Ga naar inhoud

erudict

Lid
  • Items

    16
  • Registratiedatum

  • Laatst bezocht

erudict's prestaties

  1. Oke! Hartelijk dank! Alles werkt nu! Al kan ik nu wel niet meer naar de pagina van mijn router gaan, heb zowel (oude) 192.168.0.1 als (nieuwe) 192.168.0.18 getest. Maar goed, tot nu toe geen problemen en ben ik tevreden. Nogmaals bedank!
  2. Op router 3 is alles nu in orde en werkt het perfect. Ben nu router 2 aan het instellen maar daar krijg ik het maar niet in orde. Ik verander de SSID in die van router 1 en 3 en schakel DHCP uit maar toch blijft de oude SSID naam zichtbaar tussen de wifi netwerken. - - - Updated - - - Vreemd, het wired netwerk van router 2 heeft nu wel het SSID dat die zou moeten hebben maar het wireless van router 2 blijft de oude naam hebben. 1 router dus met verschillende naam wired en wireless.
  3. Router 3 heb ik dezelfde SSID gegeven als de telenet bak, en DHCP van router 3 uitgezet. Resultaat: via kabel wel internet uit router 3, via wifi kan ik geen verbinding maken zowel met pc als gsm. (gsm melding is "kan geen ip verkrijgen")
  4. Dus alle routers dezelfde naam geven en zelfde wachtwoord. Dan de 2 andere routers DHCP uit zetten? Dat had ik al eens gedaan (denk ik) en dat lukte toen voor een uurtje ofzo en nadien liep alles vast, waren er dus conflicten. Maar ik zal het meteen eens opnieuw proberen om te zien of het nu wel zou lukken.
  5. Dag allemaal Ik heb al enkele keren zitten googelen maar helaas zonder succes. Mijn opstelling is de volgende: 3routers: Router 1 (modemding van telenet met telenethomespot ed) Router 2 (Linksys R3200) Router 3 (TP-link) Router 1 is de "bron" waar alles vandaan komt he. Router 2 en 3 zijn beiden wired aangesloten op router 1. Op router 2 is een wired printer aangesloten en een mediacenter, ook wired. Nu het probleem dat ik had was dat ik 3 verschillende netwerken in huis had (telenet-xxxx , ciscoxxxx en TP-linkxxx) Waardoor ik als ik in een andere kamer kwam telkens van netwerk moest veranderen en dus ook niet overal kon printen enzo. Dus heb ik wat gaan opzoeken om router 2 en 3 te gebruiken als "bridge" maar dat lukte niet goed met die ip's enzo met geen internetverbinding als resultaat. Nadien heb ik ook geprobeerd om de SSID's van de 3 routers dezelfde te maken. Dat lukte voor een uurtje ofzo en toen is alles ermee gestopt. Is er iemand die mij kan helpen? Heb er al enkele uren op zitten puffen en zitten opzoeken en ben wat radeloos aan het worden. Iig alvast bedank voor iedereen die hulp aanbied! nog even mijn "schema": Telenetbak(router1/modem) --------------------------- Router3 | | | | | router 2 ------------ printer | | | mediacenter
  6. Aangezien het op willekeurige momenten gebeurde is het moeilijk om dat nu al te zeggen.. Tot nu toe geen last maar dat is geen zekerheid natuurlijk. Ik hou je op de hoogte! Erg bedankt iig!
  7. ComboFix 12-08-30.05 - Aless 31/08/2012 12:30:25.4.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2272 [GMT 2:00] Running from: c:\users\Aless\Desktop\ComboFix.exe Command switches used :: c:\users\Aless\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} AV: PC Tools Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: PC Tools Spyware Doctor with AntiVirus *Disabled/Outdated* {94076BB2-F3DA-227F-9A1E-F060FF73600F} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Yontoo c:\program files (x86)\Yontoo\OptChrome.exe c:\program files (x86)\Yontoo\YontooLayers.crx c:\programdata\Ask c:\programdata\Ask\APN-Stub\PCD\APNIC.dll c:\programdata\Ask\APN-Stub\PCD\BIT90DF.tmp c:\programdata\Tarma Installer c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico c:\users\Aless\AppData\Roaming\vso_ts_preview.xml . . ((((((((((((((((((((((((( Files Created from 2012-07-28 to 2012-08-31 ))))))))))))))))))))))))))))))) . . 2012-08-31 10:44 . 2012-08-31 10:44 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-08-31 10:44 . 2012-08-31 10:44 -------- d-----w- c:\users\Guest\AppData\Local\temp 2012-08-31 10:44 . 2012-08-31 10:44 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-31 10:29 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D4265973-2A97-44C2-9F9C-9D1E3B587260}\mpengine.dll 2012-08-28 12:25 . 2012-08-28 12:25 -------- d-----w- c:\users\Aless\AppData\Roaming\Malwarebytes 2012-08-28 12:24 . 2012-08-28 12:24 -------- d-----w- c:\programdata\Malwarebytes 2012-08-28 12:24 . 2012-08-28 12:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-08-28 12:24 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-28 11:13 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-22 18:06 . 2012-08-22 18:06 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation 2012-08-22 18:05 . 2012-08-22 18:05 -------- d-----w- c:\users\Aless\AppData\Roaming\Intel Corporation 2012-08-22 17:57 . 2012-08-22 17:57 -------- d-----w- c:\windows\SysWow64\sda 2012-08-22 17:56 . 2012-07-05 08:18 9888912 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll 2012-08-22 17:56 . 2012-07-05 08:18 252048 ----a-w- c:\windows\system32\drivers\RtsUStor.sys 2012-08-22 17:56 . 2012-07-05 08:18 422544 ----a-w- c:\windows\system32\RtsUStor.dll 2012-08-22 17:56 . 2012-08-22 17:56 -------- d-----w- c:\program files (x86)\Realtek 2012-08-22 17:56 . 2012-07-04 14:55 53248 ----a-w- c:\windows\SysWow64\CSVer.dll 2012-08-22 17:48 . 2012-08-22 17:56 -------- d-----w- c:\program files (x86)\Intel 2012-08-22 17:48 . 2012-08-22 17:48 -------- d-----w- C:\Intel 2012-08-22 17:22 . 2012-08-22 17:37 -------- d-----w- c:\program files (x86)\Driver-Soft 2012-08-22 17:20 . 2012-08-22 17:20 -------- d-----w- c:\program files\Realtek 2012-08-22 17:20 . 2012-08-22 17:20 -------- d-----w- c:\windows\SysWow64\RTCOM 2012-08-22 17:16 . 2012-08-22 17:16 -------- d-----w- C:\temp 2012-08-22 16:49 . 2012-08-22 16:49 -------- d-----w- c:\programdata\Innovative Solutions 2012-08-22 16:42 . 2012-08-22 16:42 -------- d-----w- c:\users\Aless\AppData\Local\Innovative Solutions 2012-08-22 16:40 . 2012-08-22 16:40 -------- d--h--w- c:\programdata\Common Files 2012-08-22 16:37 . 2012-08-22 16:37 -------- d-----w- c:\programdata\UAB 2012-08-22 16:36 . 2012-08-22 16:36 -------- d-----w- c:\users\Aless\AppData\Local\PC_Drivers_Headquarters 2012-08-22 16:36 . 2012-08-22 16:36 -------- d-----w- c:\programdata\PC Drivers HeadQuarters 2012-08-22 16:35 . 2012-08-22 16:35 -------- d-----w- c:\program files (x86)\PC Drivers HeadQuarters 2012-08-22 15:33 . 2012-08-22 15:49 -------- d-----w- c:\users\Aless\AppData\Roaming\Pro Cycling Manager 2007 2012-08-22 12:02 . 2012-08-22 12:02 -------- d-----w- c:\windows\Cache 2012-08-21 15:51 . 2012-08-21 18:12 -------- d-----w- c:\users\Aless\AppData\Roaming\Pro Cycling Manager 2008 2012-08-15 17:49 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll 2012-08-13 12:17 . 2012-08-01 00:21 645952 ----a-w- c:\windows\system32\drivers\iaStorA.sys 2012-08-13 12:17 . 2012-08-01 00:21 27456 ----a-w- c:\windows\system32\drivers\iaStorF.sys 2012-08-10 13:39 . 2012-08-10 13:39 551896 ----a-w- c:\windows\system32\appdrvrem01.exe 2012-08-10 13:39 . 2012-08-10 13:39 3854000 ----a-w- c:\windows\system32\drivers\appdrv01.sys 2012-08-10 11:41 . 2012-08-21 14:54 -------- d-----w- c:\users\Aless\AppData\Roaming\Pro Cycling Manager 2010 2012-08-10 11:24 . 2012-08-22 15:16 -------- d-----w- c:\program files (x86)\Cyanide 2012-08-08 14:21 . 2012-06-12 20:00 74344 ----a-w- c:\windows\system32\RtNicProp64.dll 2012-08-08 14:21 . 2012-06-12 20:00 726160 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2012-08-08 14:21 . 2012-06-12 20:00 107552 ----a-w- c:\windows\system32\RTNUninst64.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-15 18:08 . 2012-04-20 16:44 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-15 18:08 . 2011-06-29 20:49 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-15 17:42 . 2011-06-29 20:10 62134624 ----a-w- c:\windows\system32\MRT.exe 2012-08-08 17:18 . 2012-05-22 14:55 969576 ----a-w- c:\windows\system32\nvumdshimx.dll 2012-08-08 17:18 . 2011-12-29 20:40 15291752 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-08-08 17:18 . 2011-12-24 12:06 1763688 ----a-w- c:\windows\system32\nvdispco64.dll 2012-08-08 17:18 . 2011-05-21 05:01 27569000 ----a-w- c:\windows\system32\nvoglv64.dll 2012-08-08 17:18 . 2011-05-21 05:01 2725224 ----a-w- c:\windows\system32\nvapi64.dll 2012-08-08 17:18 . 2011-05-21 05:01 14878056 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-08-08 16:48 . 2011-02-28 20:47 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-08-08 16:48 . 2011-02-28 20:47 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-08-08 16:48 . 2011-02-28 20:47 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-08-08 16:48 . 2010-08-09 06:12 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-08-08 16:47 . 2011-02-28 20:46 3266408 ----a-w- c:\windows\system32\nvsvc64.dll 2012-08-08 16:47 . 2011-02-28 20:46 6193000 ----a-w- c:\windows\system32\nvcpl.dll 2012-08-08 16:47 . 2012-05-22 14:59 3485076 ----a-w- c:\windows\system32\nvcoproc.bin 2012-07-31 15:44 . 2012-07-31 15:44 27760 ----a-w- c:\windows\system32\drivers\ggsemc.sys 2012-07-31 15:44 . 2012-07-31 15:44 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll 2012-07-31 15:44 . 2012-07-31 15:44 14448 ----a-w- c:\windows\system32\drivers\ggflt.sys 2012-06-09 05:43 . 2012-07-11 15:21 14172672 ----a-w- c:\windows\system32\shell32.dll 2012-06-06 06:06 . 2012-07-11 15:21 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 06:06 . 2012-07-11 15:21 1881600 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 06:02 . 2012-07-12 12:50 1133568 ----a-w- c:\windows\system32\cdosys.dll 2012-06-06 05:05 . 2012-07-11 15:21 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-06-06 05:05 . 2012-07-11 15:21 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-06 05:03 . 2012-07-12 12:50 805376 ----a-w- c:\windows\SysWow64\cdosys.dll 2012-06-02 22:19 . 2012-06-27 13:23 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-27 13:23 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-27 13:23 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-27 13:23 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-27 13:23 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-27 13:23 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-27 13:23 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-27 13:22 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-27 13:22 36864 ----a-w- c:\windows\system32\wuapp.exe . . ((((((((((((((((((((((((((((( SnapShot@2012-08-28_15.18.34 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-08-28 15:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-08-31 10:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-08-28 15:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-08-31 10:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 05:10 . 2012-08-31 10:21 36474 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-06-29 19:38 . 2012-08-31 10:21 21586 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1965883478-2314542865-2172352216-1000_UserData.bin + 2011-06-29 19:22 . 2012-08-31 10:21 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-06-29 19:22 . 2012-08-28 11:35 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-06-29 19:22 . 2012-08-31 10:21 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-06-29 19:22 . 2012-08-28 11:35 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-08-31 10:21 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-08-28 11:35 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-06-29 21:46 . 2012-08-31 10:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-06-29 21:46 . 2012-08-28 14:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-06-29 21:46 . 2012-08-28 14:50 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-06-29 21:46 . 2012-08-31 10:20 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-06-29 21:46 . 2012-08-31 10:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-06-29 21:46 . 2012-08-28 14:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-06-29 21:46 . 2012-08-28 15:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-06-29 21:46 . 2012-08-31 10:29 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-06-29 21:46 . 2012-08-28 15:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-06-29 21:46 . 2012-08-31 10:29 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2012-08-28 14:47 . 2012-08-28 14:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-08-28 14:47 . 2012-08-31 10:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-08-28 14:47 . 2012-08-28 14:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-08-28 14:47 . 2012-08-31 10:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2011-07-01 17:37 . 2012-08-30 09:49 421830 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin - 2009-07-14 04:54 . 2012-08-28 15:17 1474560 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-08-31 10:42 1474560 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024] "JaGeXDaemon"="c:\.jagex_cache_32\jagc.jar" [2011-09-12 35298] "LG LinkAir"="" [bU] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624] "Driver Detective"="c:\program files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe" [2012-08-17 3536864] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Diamondback"="c:\program files (x86)\Razer\Diamondback 3G\razerhid.exe" [2010-04-28 228352] "V0350Mon.exe"="c:\windows\V0350Mon.exe" [2007-08-22 28672] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520] "NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136] "NetTraffic"="c:\program files\NetTraffic\NetTraffic.exe" [2002-11-11 569856] "B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280] "HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576] "HPPQVideo"="c:\program files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM1312_MFP_Series -f PQOptimizerVideo.xml" [bU] "ToolBoxFX"="c:\program files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2009-10-22 53248] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-09-30 252296] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776] "ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [bU] "TaskTray"="" [bU] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-07-16 56128] . c:\users\Aless\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ .jagex_runescape_preferences.jar [2011-9-12 35298] Dropbox.lnk - c:\users\Aless\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360] WD Quick View.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-8-1 4215808] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 136176] R2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-01 136192] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056] R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456] R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648] R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136] R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744] R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-07-31 14448] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 136176] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2011-07-04 16008] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-07 113120] R3 netr7364;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [2011-11-22 92896] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992] R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2011-11-22 402336] R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2011-11-22 41968] R3 ThreatFire;ThreatFire;c:\program files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 tsusbhub;tsusbhub;tsusbhub [x] S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2012-08-01 645952] S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2012-08-01 27456] S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [2011-11-14 367912] S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [2011-10-07 452872] S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [2011-10-07 816016] S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2011-11-22 65664] S0 TFSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2011-11-22 706776] S1 appdrv01;Application Driver (01);c:\windows\system32\Drivers\appdrv01.sys [2012-08-10 3854000] S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2011-11-22 337048] S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [2011-11-22 230952] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2011-11-14 546768] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-07-09 7168] S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456] S2 Splashtop MDES;Splashtop Meta Data Export Service;c:\splashdl\SPLASHDL.SYS\config\SIONExportService.exe [2011-07-08 337784] S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504] S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656] S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-06-10 1192448] S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384] S3 LGBusEnum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848] S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-12-05 82816] S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [2011-09-28 70760] S3 Razerlow;Razer Pro|Solutions;c:\windows\system32\drivers\DB3G.sys [2005-11-07 21120] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2012-07-05 252048] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2012-08-30 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 18:08] . 2012-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 20:49] . 2012-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 20:49] . 2012-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1965883478-2314542865-2172352216-1000Core.job - c:\users\Aless\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-29 15:00] . 2012-08-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1965883478-2314542865-2172352216-1000UA.job - c:\users\Aless\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-29 15:00] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-06-14 110360] "HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-04-24 12480616] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\Aless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to MP3 Converter - c:\users\Aless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll TCP: DhcpNameServer = 195.130.130.130 195.130.131.130 192.168.1.1 CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll FF - ProfilePath - c:\users\Aless\AppData\Roaming\Mozilla\Firefox\Profiles\qzzbjgcd.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: network.proxy.gopher - FF - prefs.js: network.proxy.gopher_port - 0 FF - prefs.js: network.proxy.http - localhost FF - prefs.js: network.proxy.http_port - 9666 FF - prefs.js: network.proxy.socks - localhost FF - prefs.js: network.proxy.socks_port - 9050 FF - prefs.js: network.proxy.ssl - localhost FF - prefs.js: network.proxy.ssl_port - 9666 FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.autoDisableScopes - 14 . - - - - ORPHANS REMOVED - - - - . Toolbar-10 - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1965883478-2314542865-2172352216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1965883478-2314542865-2172352216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-08-31 13:04:45 ComboFix-quarantined-files.txt 2012-08-31 11:04 ComboFix2.txt 2012-08-29 15:17 . Pre-Run: 201.345.187.840 bytes beschikbaar Post-Run: 201.251.438.592 bytes beschikbaar . - - End Of File - - 88FE06CA8CE81A8AFABF07CFC2F901BA
  8. ComboFix 12-08-28.03 - Aless 29/08/2012 16:47:24.3.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2035 [GMT 2:00] Running from: c:\users\Aless\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} AV: PC Tools Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: PC Tools Spyware Doctor with AntiVirus *Disabled/Outdated* {94076BB2-F3DA-227F-9A1E-F060FF73600F} . . ((((((((((((((((((((((((( Files Created from 2012-07-28 to 2012-08-29 ))))))))))))))))))))))))))))))) . . 2012-08-29 14:58 . 2012-08-29 14:58 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-08-29 14:58 . 2012-08-29 14:58 -------- d-----w- c:\users\Guest\AppData\Local\temp 2012-08-29 14:58 . 2012-08-29 14:58 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-28 12:25 . 2012-08-28 12:25 -------- d-----w- c:\users\Aless\AppData\Roaming\Malwarebytes 2012-08-28 12:24 . 2012-08-28 12:24 -------- d-----w- c:\programdata\Malwarebytes 2012-08-28 12:24 . 2012-08-28 12:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-08-28 12:24 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-28 11:13 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C4F5DDD8-3BDA-4D42-B613-BFD252611AAF}\mpengine.dll 2012-08-26 16:58 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-22 18:06 . 2012-08-22 18:06 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation 2012-08-22 18:05 . 2012-08-22 18:05 -------- d-----w- c:\users\Aless\AppData\Roaming\Intel Corporation 2012-08-22 17:57 . 2012-08-22 17:57 -------- d-----w- c:\windows\SysWow64\sda 2012-08-22 17:56 . 2012-07-05 08:18 9888912 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll 2012-08-22 17:56 . 2012-07-05 08:18 252048 ----a-w- c:\windows\system32\drivers\RtsUStor.sys 2012-08-22 17:56 . 2012-07-05 08:18 422544 ----a-w- c:\windows\system32\RtsUStor.dll 2012-08-22 17:56 . 2012-08-22 17:56 -------- d-----w- c:\program files (x86)\Realtek 2012-08-22 17:56 . 2012-07-04 14:55 53248 ----a-w- c:\windows\SysWow64\CSVer.dll 2012-08-22 17:48 . 2012-08-22 17:56 -------- d-----w- c:\program files (x86)\Intel 2012-08-22 17:48 . 2012-08-22 17:48 -------- d-----w- C:\Intel 2012-08-22 17:22 . 2012-08-22 17:37 -------- d-----w- c:\program files (x86)\Driver-Soft 2012-08-22 17:20 . 2012-08-22 17:20 -------- d-----w- c:\program files\Realtek 2012-08-22 17:20 . 2012-08-22 17:20 -------- d-----w- c:\windows\SysWow64\RTCOM 2012-08-22 17:16 . 2012-08-22 17:16 -------- d-----w- C:\temp 2012-08-22 16:49 . 2012-08-22 16:49 -------- d-----w- c:\programdata\Innovative Solutions 2012-08-22 16:42 . 2012-08-22 16:42 -------- d-----w- c:\users\Aless\AppData\Local\Innovative Solutions 2012-08-22 16:40 . 2012-08-22 16:40 -------- d--h--w- c:\programdata\Common Files 2012-08-22 16:37 . 2012-08-22 16:37 -------- d-----w- c:\programdata\UAB 2012-08-22 16:36 . 2012-08-22 16:36 -------- d-----w- c:\users\Aless\AppData\Local\PC_Drivers_Headquarters 2012-08-22 16:36 . 2012-08-22 16:36 -------- d-----w- c:\programdata\PC Drivers HeadQuarters 2012-08-22 16:35 . 2012-08-22 16:35 -------- d-----w- c:\program files (x86)\PC Drivers HeadQuarters 2012-08-22 16:34 . 2012-08-22 16:34 -------- d-----w- c:\programdata\Ask 2012-08-22 15:33 . 2012-08-22 15:49 -------- d-----w- c:\users\Aless\AppData\Roaming\Pro Cycling Manager 2007 2012-08-22 12:02 . 2012-08-22 12:02 -------- d-----w- c:\windows\Cache 2012-08-21 15:51 . 2012-08-21 18:12 -------- d-----w- c:\users\Aless\AppData\Roaming\Pro Cycling Manager 2008 2012-08-15 17:49 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll 2012-08-13 12:17 . 2012-08-01 00:21 645952 ----a-w- c:\windows\system32\drivers\iaStorA.sys 2012-08-13 12:17 . 2012-08-01 00:21 27456 ----a-w- c:\windows\system32\drivers\iaStorF.sys 2012-08-10 13:39 . 2012-08-10 13:39 551896 ----a-w- c:\windows\system32\appdrvrem01.exe 2012-08-10 13:39 . 2012-08-10 13:39 3854000 ----a-w- c:\windows\system32\drivers\appdrv01.sys 2012-08-10 11:41 . 2012-08-21 14:54 -------- d-----w- c:\users\Aless\AppData\Roaming\Pro Cycling Manager 2010 2012-08-10 11:24 . 2012-08-22 15:16 -------- d-----w- c:\program files (x86)\Cyanide 2012-08-08 17:05 . 2012-08-28 12:24 -------- d-----w- c:\program files (x86)\Yontoo 2012-08-08 17:05 . 2012-08-08 17:05 -------- d-----w- c:\programdata\Tarma Installer 2012-08-08 14:21 . 2012-06-12 20:00 74344 ----a-w- c:\windows\system32\RtNicProp64.dll 2012-08-08 14:21 . 2012-06-12 20:00 726160 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2012-08-08 14:21 . 2012-06-12 20:00 107552 ----a-w- c:\windows\system32\RTNUninst64.dll 2012-07-31 15:44 . 2012-07-31 15:44 27760 ----a-w- c:\windows\system32\drivers\ggsemc.sys 2012-07-31 15:44 . 2012-07-31 15:44 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll 2012-07-31 15:44 . 2012-07-31 15:44 14448 ----a-w- c:\windows\system32\drivers\ggflt.sys 2012-07-31 15:42 . 2012-07-31 15:42 -------- d-----w- c:\programdata\Sony Ericsson 2012-07-31 15:42 . 2012-07-31 15:42 -------- d-----w- c:\program files (x86)\Sony Ericsson . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-15 18:08 . 2012-04-20 16:44 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-15 18:08 . 2011-06-29 20:49 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-15 17:42 . 2011-06-29 20:10 62134624 ----a-w- c:\windows\system32\MRT.exe 2012-08-08 17:18 . 2012-05-22 14:55 969576 ----a-w- c:\windows\system32\nvumdshimx.dll 2012-08-08 17:18 . 2011-12-29 20:40 15291752 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2012-08-08 17:18 . 2011-12-24 12:06 1763688 ----a-w- c:\windows\system32\nvdispco64.dll 2012-08-08 17:18 . 2011-05-21 05:01 27569000 ----a-w- c:\windows\system32\nvoglv64.dll 2012-08-08 17:18 . 2011-05-21 05:01 2725224 ----a-w- c:\windows\system32\nvapi64.dll 2012-08-08 17:18 . 2011-05-21 05:01 14878056 ----a-w- c:\windows\system32\nvwgf2umx.dll 2012-08-08 16:48 . 2011-02-28 20:47 891240 ----a-w- c:\windows\system32\nvvsvc.exe 2012-08-08 16:48 . 2011-02-28 20:47 2557800 ----a-w- c:\windows\system32\nvsvcr.dll 2012-08-08 16:48 . 2011-02-28 20:47 118120 ----a-w- c:\windows\system32\nvmctray.dll 2012-08-08 16:48 . 2010-08-09 06:12 63336 ----a-w- c:\windows\system32\nvshext.dll 2012-08-08 16:47 . 2011-02-28 20:46 3266408 ----a-w- c:\windows\system32\nvsvc64.dll 2012-08-08 16:47 . 2011-02-28 20:46 6193000 ----a-w- c:\windows\system32\nvcpl.dll 2012-08-08 16:47 . 2012-05-22 14:59 3485076 ----a-w- c:\windows\system32\nvcoproc.bin 2012-06-09 05:43 . 2012-07-11 15:21 14172672 ----a-w- c:\windows\system32\shell32.dll 2012-06-06 06:06 . 2012-07-11 15:21 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-06-06 06:06 . 2012-07-11 15:21 1881600 ----a-w- c:\windows\system32\msxml3.dll 2012-06-06 06:02 . 2012-07-12 12:50 1133568 ----a-w- c:\windows\system32\cdosys.dll 2012-06-06 05:05 . 2012-07-11 15:21 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll 2012-06-06 05:05 . 2012-07-11 15:21 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll 2012-06-06 05:03 . 2012-07-12 12:50 805376 ----a-w- c:\windows\SysWow64\cdosys.dll 2012-06-02 22:19 . 2012-06-27 13:23 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-27 13:23 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-27 13:23 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-27 13:23 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-27 13:23 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-27 13:23 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-27 13:23 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-27 13:22 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-27 13:22 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-06-02 05:50 . 2012-07-11 15:21 458704 ----a-w- c:\windows\system32\drivers\cng.sys 2012-06-02 05:48 . 2012-07-11 15:21 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2012-06-02 05:48 . 2012-07-11 15:21 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-06-02 05:45 . 2012-07-11 15:21 340992 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 05:44 . 2012-07-11 15:21 307200 ----a-w- c:\windows\system32\ncrypt.dll 2012-06-02 04:40 . 2012-07-11 15:21 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2012-06-02 04:40 . 2012-07-11 15:21 225280 ----a-w- c:\windows\SysWow64\schannel.dll 2012-06-02 04:39 . 2012-07-11 15:21 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll 2012-06-02 04:34 . 2012-07-11 15:21 96768 ----a-w- c:\windows\SysWow64\sspicli.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-08-28_15.18.34 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-08-28 15:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-08-29 14:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-08-28 15:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-08-29 14:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 05:10 . 2012-08-29 14:17 36442 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-06-29 19:38 . 2012-08-29 14:17 21550 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1965883478-2314542865-2172352216-1000_UserData.bin + 2011-06-29 19:22 . 2012-08-29 14:19 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-06-29 19:22 . 2012-08-28 11:35 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-06-29 19:22 . 2012-08-29 14:19 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-06-29 19:22 . 2012-08-28 11:35 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-08-29 14:19 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-08-28 11:35 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-06-29 21:46 . 2012-08-29 14:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-06-29 21:46 . 2012-08-28 14:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-06-29 21:46 . 2012-08-28 14:50 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-06-29 21:46 . 2012-08-29 14:16 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2011-06-29 21:46 . 2012-08-29 14:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-06-29 21:46 . 2012-08-28 14:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2011-06-29 21:46 . 2012-08-28 15:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-06-29 21:46 . 2012-08-29 14:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-06-29 21:46 . 2012-08-28 15:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-06-29 21:46 . 2012-08-29 14:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2012-08-28 14:47 . 2012-08-28 14:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-08-28 14:47 . 2012-08-29 14:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-08-28 14:47 . 2012-08-28 14:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-08-28 14:47 . 2012-08-29 14:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 04:54 . 2012-08-28 15:17 1474560 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-08-29 14:57 1474560 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024] "JaGeXDaemon"="c:\.jagex_cache_32\jagc.jar" [2011-09-12 35298] "LG LinkAir"="" [bU] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624] "Driver Detective"="c:\program files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe" [2012-08-17 3536864] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Diamondback"="c:\program files (x86)\Razer\Diamondback 3G\razerhid.exe" [2010-04-28 228352] "V0350Mon.exe"="c:\windows\V0350Mon.exe" [2007-08-22 28672] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520] "NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136] "NetTraffic"="c:\program files\NetTraffic\NetTraffic.exe" [2002-11-11 569856] "B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280] "HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576] "HPPQVideo"="c:\program files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM1312_MFP_Series -f PQOptimizerVideo.xml" [bU] "ToolBoxFX"="c:\program files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2009-10-22 53248] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-09-30 252296] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776] "ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [bU] "TaskTray"="" [bU] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-07-16 56128] . c:\users\Aless\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ .jagex_runescape_preferences.jar [2011-9-12 35298] Dropbox.lnk - c:\users\Aless\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360] WD Quick View.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-8-1 4215808] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 136176] R2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-01 136192] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056] R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456] R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648] R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136] R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304] R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744] R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-07-31 14448] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 136176] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2011-07-04 16008] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-07 113120] R3 netr7364;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [2011-11-22 92896] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992] R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2011-11-22 402336] R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2011-11-22 41968] R3 ThreatFire;ThreatFire;c:\program files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 tsusbhub;tsusbhub;tsusbhub [x] S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2012-08-01 645952] S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2012-08-01 27456] S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [2011-11-14 367912] S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [2011-10-07 452872] S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [2011-10-07 816016] S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2011-11-22 65664] S0 TFSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2011-11-22 706776] S1 appdrv01;Application Driver (01);c:\windows\system32\Drivers\appdrv01.sys [2012-08-10 3854000] S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2011-11-22 337048] S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [2011-11-22 230952] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2011-11-14 546768] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-07-09 7168] S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456] S2 Splashtop MDES;Splashtop Meta Data Export Service;c:\splashdl\SPLASHDL.SYS\config\SIONExportService.exe [2011-07-08 337784] S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504] S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656] S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-06-10 1192448] S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384] S3 LGBusEnum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848] S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-12-05 82816] S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [2011-09-28 70760] S3 Razerlow;Razer Pro|Solutions;c:\windows\system32\drivers\DB3G.sys [2005-11-07 21120] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2012-07-05 252048] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2012-08-29 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 18:08] . 2012-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 20:49] . 2012-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 20:49] . 2012-08-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1965883478-2314542865-2172352216-1000Core.job - c:\users\Aless\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-29 15:00] . 2012-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1965883478-2314542865-2172352216-1000UA.job - c:\users\Aless\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-29 15:00] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-06-14 110360] "HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-04-24 12480616] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\Aless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm IE: Free YouTube to MP3 Converter - c:\users\Aless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105 LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll TCP: DhcpNameServer = 195.130.130.130 195.130.131.130 192.168.1.1 CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll FF - ProfilePath - c:\users\Aless\AppData\Roaming\Mozilla\Firefox\Profiles\qzzbjgcd.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&appid=113&systemid=406&sr=0&q= FF - prefs.js: network.proxy.gopher - FF - prefs.js: network.proxy.gopher_port - 0 FF - prefs.js: network.proxy.http - localhost FF - prefs.js: network.proxy.http_port - 9666 FF - prefs.js: network.proxy.socks - localhost FF - prefs.js: network.proxy.socks_port - 9050 FF - prefs.js: network.proxy.ssl - localhost FF - prefs.js: network.proxy.ssl_port - 9666 FF - prefs.js: network.proxy.type - 0 FF - user.js: extentions.y2layers.installId - a22fc57d-f4f3-43df-9025-70bdf5c0a7cc FF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,pagerage,buzzdock,toprelatedtopics,twittube FF - user.js: extensions.autoDisableScopes - 14 . - - - - ORPHANS REMOVED - - - - . Toolbar-10 - (no file) Toolbar-10 - (no file) AddRemove-1ClickDownload - c:\program files (x86)\1ClickDownload\uninst.exe AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1965883478-2314542865-2172352216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1965883478-2314542865-2172352216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-08-29 17:17:51 ComboFix-quarantined-files.txt 2012-08-29 15:17 . Pre-Run: 213.355.450.368 bytes beschikbaar Post-Run: 213.043.490.816 bytes beschikbaar . - - End Of File - - 1B5C159321116A895B3D0AA56CDD227E
  9. ComboFix 12-08-28.01 - Aless 28/08/2012 17:04:49.1.4 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2341 [GMT 2:00] Running from: C:\Users\Aless\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} AV: PC Tools Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: PC Tools Spyware Doctor with AntiVirus *Disabled/Outdated* {94076BB2-F3DA-227F-9A1E-F060FF73600F} ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\Program Files (x86)\DealPly C:\Program Files (x86)\DealPly\DealPly.crx C:\Program Files (x86)\DealPly\icon.ico C:\Program Files (x86)\DealPly\uninst.exe C:\Users\Aless\AppData\Local\Microsoft\Windows\Temporary Internet Files\ApnStub.exe C:\Users\Aless\AppData\Roaming\Alesslog.dat C:\Users\Aless\AppData\Roaming\inst.exe C:\Users\Aless\AppData\Roaming\vso_ts_preview.xml C:\Windows\SysWow64\rundll32 F:\install.exe ((((((((((((((((((((((((( Files Created from 2012-07-28 to 2012-08-28 ))))))))))))))))))))))))))))))) 2012-08-28 15:17:54 . 2012-08-28 15:17:54 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\temp 2012-08-28 15:17:54 . 2012-08-28 15:17:54 -------- d-----w- C:\Users\Guest\AppData\Local\temp 2012-08-28 15:17:54 . 2012-08-28 15:17:54 -------- d-----w- C:\Users\Default\AppData\Local\temp 2012-08-28 12:25:12 . 2012-08-28 12:25:12 -------- d-----w- C:\Users\Aless\AppData\Roaming\Malwarebytes 2012-08-28 12:24:43 . 2012-08-28 12:24:43 -------- d-----w- C:\ProgramData\Malwarebytes 2012-08-28 12:24:42 . 2012-08-28 12:24:48 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-08-28 12:24:42 . 2012-07-03 11:46:44 24904 ----a-w- C:\Windows\system32\drivers\mbam.sys 2012-08-28 11:13:14 . 2012-08-01 22:58:21 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C4F5DDD8-3BDA-4D42-B613-BFD252611AAF}\mpengine.dll 2012-08-26 16:58:50 . 2012-08-01 22:58:21 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-08-22 18:06:19 . 2012-08-22 18:06:27 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation 2012-08-22 18:05:04 . 2012-08-22 18:05:04 -------- d-----w- C:\Users\Aless\AppData\Roaming\Intel Corporation 2012-08-22 17:57:33 . 2012-08-22 17:57:33 -------- d-----w- C:\Windows\SysWow64\sda 2012-08-22 17:56:56 . 2012-07-05 08:18:06 9888912 ----a-w- C:\Windows\SysWow64\RtsUStoricon.dll 2012-08-22 17:56:56 . 2012-07-05 08:18:06 252048 ----a-w- C:\Windows\system32\drivers\RtsUStor.sys 2012-08-22 17:56:56 . 2012-07-05 08:18:04 422544 ----a-w- C:\Windows\system32\RtsUStor.dll 2012-08-22 17:56:55 . 2012-08-22 17:56:55 -------- d-----w- C:\Program Files (x86)\Realtek 2012-08-22 17:56:35 . 2012-07-04 14:55:04 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll 2012-08-22 17:48:48 . 2012-08-22 17:56:35 -------- d-----w- C:\Program Files (x86)\Intel 2012-08-22 17:48:37 . 2012-08-22 17:48:37 -------- d-----w- C:\Intel 2012-08-22 17:22:28 . 2012-08-22 17:37:02 -------- d-----w- C:\Program Files (x86)\Driver-Soft 2012-08-22 17:20:16 . 2012-08-22 17:20:16 -------- d-----w- C:\Program Files\Realtek 2012-08-22 17:20:15 . 2012-08-22 17:20:16 -------- d-----w- C:\Windows\SysWow64\RTCOM 2012-08-22 17:16:35 . 2012-08-22 17:16:35 -------- d-----w- C:\temp 2012-08-22 16:49:39 . 2012-08-22 16:49:39 -------- d-----w- C:\ProgramData\Innovative Solutions 2012-08-22 16:42:40 . 2012-08-22 16:42:40 -------- d-----w- C:\Users\Aless\AppData\Local\Innovative Solutions 2012-08-22 16:40:45 . 2012-08-22 16:40:45 -------- d--h--w- C:\ProgramData\Common Files 2012-08-22 16:37:11 . 2012-08-22 16:37:11 -------- d-----w- C:\ProgramData\UAB 2012-08-22 16:36:49 . 2012-08-22 16:36:49 -------- d-----w- C:\Users\Aless\AppData\Local\PC_Drivers_Headquarters 2012-08-22 16:36:41 . 2012-08-22 16:36:41 -------- d-----w- C:\ProgramData\PC Drivers HeadQuarters 2012-08-22 16:35:42 . 2012-08-22 16:35:42 -------- d-----w- C:\Program Files (x86)\PC Drivers HeadQuarters 2012-08-22 16:34:57 . 2012-08-22 16:34:57 -------- d-----w- C:\ProgramData\Ask 2012-08-22 15:33:04 . 2012-08-22 15:49:10 -------- d-----w- C:\Users\Aless\AppData\Roaming\Pro Cycling Manager 2007 2012-08-22 12:02:24 . 2012-08-22 12:02:24 -------- d-----w- C:\Windows\Cache 2012-08-21 15:51:49 . 2012-08-21 18:12:23 -------- d-----w- C:\Users\Aless\AppData\Roaming\Pro Cycling Manager 2008 2012-08-15 17:49:47 . 2012-05-14 05:26:34 956928 ----a-w- C:\Windows\system32\localspl.dll 2012-08-13 12:17:23 . 2012-08-01 00:21:58 645952 ----a-w- C:\Windows\system32\drivers\iaStorA.sys 2012-08-13 12:17:23 . 2012-08-01 00:21:54 27456 ----a-w- C:\Windows\system32\drivers\iaStorF.sys 2012-08-10 13:39:34 . 2012-08-10 13:39:34 551896 ----a-w- C:\Windows\system32\appdrvrem01.exe 2012-08-10 13:39:34 . 2012-08-10 13:39:34 3854000 ----a-w- C:\Windows\system32\drivers\appdrv01.sys 2012-08-10 11:41:28 . 2012-08-21 14:54:37 -------- d-----w- C:\Users\Aless\AppData\Roaming\Pro Cycling Manager 2010 2012-08-10 11:24:55 . 2012-08-22 15:16:53 -------- d-----w- C:\Program Files (x86)\Cyanide 2012-08-08 17:05:47 . 2012-08-28 12:24:09 -------- d-----w- C:\Program Files (x86)\Yontoo 2012-08-08 17:05:12 . 2012-08-08 17:05:47 -------- d-----w- C:\ProgramData\Tarma Installer 2012-08-08 14:21:12 . 2012-06-12 20:00:48 74344 ----a-w- C:\Windows\system32\RtNicProp64.dll 2012-08-08 14:21:12 . 2012-06-12 20:00:48 726160 ----a-w- C:\Windows\system32\drivers\Rt64win7.sys 2012-08-08 14:21:12 . 2012-06-12 20:00:48 107552 ----a-w- C:\Windows\system32\RTNUninst64.dll 2012-07-31 15:44:10 . 2012-07-31 15:44:10 27760 ----a-w- C:\Windows\system32\drivers\ggsemc.sys 2012-07-31 15:44:10 . 2012-07-31 15:44:10 1721576 ----a-w- C:\Windows\system32\WdfCoInstaller01009.dll 2012-07-31 15:44:09 . 2012-07-31 15:44:10 14448 ----a-w- C:\Windows\system32\drivers\ggflt.sys 2012-07-31 15:42:52 . 2012-07-31 15:42:52 -------- d-----w- C:\ProgramData\Sony Ericsson 2012-07-31 15:42:43 . 2012-07-31 15:42:43 -------- d-----w- C:\Program Files (x86)\Sony Ericsson . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2012-08-15 18:08:39 . 2012-04-20 16:44:23 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-08-15 18:08:39 . 2011-06-29 20:49:33 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-15 17:42:56 . 2011-06-29 20:10:52 62134624 ----a-w- C:\Windows\system32\MRT.exe 2012-08-08 17:18:00 . 2012-05-22 14:55:46 969576 ----a-w- C:\Windows\system32\nvumdshimx.dll 2012-08-08 17:18:00 . 2011-12-29 20:40:40 15291752 ----a-w- C:\Windows\SysWow64\nvd3dum.dll 2012-08-08 17:18:00 . 2011-12-24 12:06:11 1763688 ----a-w- C:\Windows\system32\nvdispco64.dll 2012-08-08 17:18:00 . 2011-05-21 05:01:00 27569000 ----a-w- C:\Windows\system32\nvoglv64.dll 2012-08-08 17:18:00 . 2011-05-21 05:01:00 2725224 ----a-w- C:\Windows\system32\nvapi64.dll 2012-08-08 17:18:00 . 2011-05-21 05:01:00 14878056 ----a-w- C:\Windows\system32\nvwgf2umx.dll 2012-08-08 16:48:10 . 2011-02-28 20:47:16 891240 ----a-w- C:\Windows\system32\nvvsvc.exe 2012-08-08 16:48:09 . 2011-02-28 20:47:16 2557800 ----a-w- C:\Windows\system32\nvsvcr.dll 2012-08-08 16:48:09 . 2011-02-28 20:47:16 118120 ----a-w- C:\Windows\system32\nvmctray.dll 2012-08-08 16:48:09 . 2010-08-09 06:12:22 63336 ----a-w- C:\Windows\system32\nvshext.dll 2012-08-08 16:47:52 . 2011-02-28 20:46:22 3266408 ----a-w- C:\Windows\system32\nvsvc64.dll 2012-08-08 16:47:48 . 2011-02-28 20:46:40 6193000 ----a-w- C:\Windows\system32\nvcpl.dll 2012-08-08 16:47:29 . 2012-05-22 14:59:26 3485076 ----a-w- C:\Windows\system32\nvcoproc.bin 2012-06-09 05:43:10 . 2012-07-11 15:21:38 14172672 ----a-w- C:\Windows\system32\shell32.dll 2012-06-06 06:06:16 . 2012-07-11 15:21:47 2004480 ----a-w- C:\Windows\system32\msxml6.dll 2012-06-06 06:06:16 . 2012-07-11 15:21:46 1881600 ----a-w- C:\Windows\system32\msxml3.dll 2012-06-06 06:02:54 . 2012-07-12 12:50:14 1133568 ----a-w- C:\Windows\system32\cdosys.dll 2012-06-06 05:05:52 . 2012-07-11 15:21:46 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 . 2012-07-11 15:21:43 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 . 2012-07-12 12:50:16 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 22:19:46 . 2012-06-27 13:23:19 38424 ----a-w- C:\Windows\system32\wups.dll 2012-06-02 22:19:43 . 2012-06-27 13:23:33 2428952 ----a-w- C:\Windows\system32\wuaueng.dll 2012-06-02 22:19:42 . 2012-06-27 13:23:33 57880 ----a-w- C:\Windows\system32\wuauclt.exe 2012-06-02 22:19:42 . 2012-06-27 13:23:33 44056 ----a-w- C:\Windows\system32\wups2.dll 2012-06-02 22:19:23 . 2012-06-27 13:23:19 701976 ----a-w- C:\Windows\system32\wuapi.dll 2012-06-02 22:15:31 . 2012-06-27 13:23:33 2622464 ----a-w- C:\Windows\system32\wucltux.dll 2012-06-02 22:15:08 . 2012-06-27 13:23:19 99840 ----a-w- C:\Windows\system32\wudriver.dll 2012-06-02 13:19:42 . 2012-06-27 13:22:52 186752 ----a-w- C:\Windows\system32\wuwebv.dll 2012-06-02 13:15:12 . 2012-06-27 13:22:52 36864 ----a-w- C:\Windows\system32\wuapp.exe 2012-06-02 05:50:10 . 2012-07-11 15:21:14 458704 ----a-w- C:\Windows\system32\drivers\cng.sys 2012-06-02 05:48:16 . 2012-07-11 15:21:12 151920 ----a-w- C:\Windows\system32\drivers\ksecpkg.sys 2012-06-02 05:48:16 . 2012-07-11 15:21:09 95600 ----a-w- C:\Windows\system32\drivers\ksecdd.sys 2012-06-02 05:45:31 . 2012-07-11 15:21:14 340992 ----a-w- C:\Windows\system32\schannel.dll 2012-06-02 05:44:21 . 2012-07-11 15:21:14 307200 ----a-w- C:\Windows\system32\ncrypt.dll 2012-06-02 04:40:42 . 2012-07-11 15:21:08 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 . 2012-07-11 15:21:10 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 . 2012-07-11 15:21:11 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 . 2012-07-11 15:21:08 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58:14 94208 ----a-w- C:\Users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58:14 94208 ----a-w- C:\Users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58:14 94208 ----a-w- C:\Users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-02-14 22:58:14 94208 ----a-w- C:\Users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 10:51:06 202024] "JaGeXDaemon"="C:\.jagex_cache_32\jagc.jar" [2011-09-12 15:14:21 35298] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2010-11-20 13:25:17 1475584] "Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 13:00:22 445624] "Driver Detective"="C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe" [2012-08-17 08:34:06 3536864] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Diamondback"="C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe" [2010-04-28 15:25:44 228352] "V0350Mon.exe"="C:\Windows\V0350Mon.exe" [2007-08-22 23:03:00 28672] "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 16:22:24 91520] "NBKeyScan"="C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 07:25:06 1828136] "NetTraffic"="C:\Program Files\NetTraffic\NetTraffic.exe" [2002-11-11 16:13:40 569856] "B2C_AGENT"="C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 00:53:14 404568] "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 18:06:18 59280] "HPUsageTracking"="C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 09:45:18 24576] "ToolBoxFX"="C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2009-10-22 08:27:28 53248] "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 01:41:12 49208] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 20:51:26 919008] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-09-30 11:19:12 252296] "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 23:08:12 1259376] "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" [2012-04-18 18:56:22 421888] "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 17:33:22 421776] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-07-16 17:23:12 56128] C:\Users\Aless\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ .jagex_runescape_preferences.jar [2011-9-12 35298] Dropbox.lnk - C:\Users\Aless\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360] WD Quick View.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-8-1 4215808] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service"
  10. Hartelijk bedankt voor uw hulp! Hier komen de logjes: Malwarebytes Anti-Malware 1.62.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2012.08.28.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Aless :: ALESS-PC [administrator] 28/08/2012 14:25:35 mbam-log-2012-08-28 (14-25-35).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 239936 Verstreken tijd: 6 minuut/minuten, 39 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 5 HKCR\CLSID\{GUB8D4BU-751P-11RR-B1X7-C787GT70WPK6} (Backdoor.Agent.PGen) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{GUB8D4BU-751P-11RR-B1X7-C787GT70WPK6} (Backdoor.Agent.PGen) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\DC3_FEXEC (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\Cr_Installer\1950 (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 2 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Policies (Backdoor.Agent.PGen) -> Data: C:\Windows\system32\rundll32\rundll32.exe -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|Policies (Backdoor.Agent.PGen) -> Data: C:\Windows\system32\rundll32\rundll32.exe -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 1 C:\Users\Aless\AppData\Roaming\dclogs (Stolen.Data) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 10 C:\Users\Aless\AppData\Local\Temp\Keygen.exe (PUP.RiskwareTool.CK) -> Geen actie ondernomen. C:\$Recycle.Bin\S-1-5-21-1965883478-2314542865-2172352216-1000\$R04O619.exe (PUP.BundleOffers.IIQ) -> Succesvol in quarantaine geplaatst en verwijderd. C:\$Recycle.Bin\S-1-5-21-1965883478-2314542865-2172352216-1000\$RIAQPNZ.exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\$Recycle.Bin\S-1-5-21-1965883478-2314542865-2172352216-1000\$RKC4PHS.exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\$Recycle.Bin\S-1-5-21-1965883478-2314542865-2172352216-1000\$RN7N44D.exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\$Recycle.Bin\S-1-5-21-1965883478-2314542865-2172352216-1000\$RWC5T1P.exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Aless\Downloads\pro cycling manager.exe (Adware.Solimba.Lame) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Aless\AppData\Local\Temp\javax.exe (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\Aless\AppData\Roaming\dclogs\2012-05-31-5.DC (Stolen.Data) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\System32\rundll32\rundll32.exe (Backdoor.Agent.PGen) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) 2de log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:42:17, on 28/08/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files (x86)\Java\jre7\bin\javaw.exe C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe C:\Windows\V0350Mon.exe C:\Users\Aless\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\NetTraffic\NetTraffic.exe C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDMedia.exe C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Users\Aless\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aless\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aless\Downloads\HijackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: PC Tools Browser Defender - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: RewardsArcadeSuite - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files (x86)\RewardsArcadeSuite\RewardsArcadeSuite.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: PC Tools Browser Defender - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Diamondback] C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe O4 - HKLM\..\Run: [V0350Mon.exe] C:\Windows\V0350Mon.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [NetTraffic] C:\Program Files\NetTraffic\NetTraffic.exe O4 - HKLM\..\Run: [b2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\" O4 - HKLM\..\Run: [HPPQVideo] "C:\Program Files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM1312_MFP_Series -f PQOptimizerVideo.xml -o remindLater O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [JaGeXDaemon] C:\.jagex_cache_32\jagc.jar O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Google Update] "C:\Users\Aless\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background O4 - HKCU\..\Run: [Driver Detective] C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: .jagex_runescape_preferences.jar O4 - Startup: Dropbox.lnk = Aless\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WD Quick View.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Aless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Aless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: Splashtop Meta Data Export Service (Splashtop MDES) - Splashtop Inc. - C:\SPLASHDL\SPLASHDL.SYS\config\SIONExportService.exe O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: ThreatFire - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 17367 bytes
  11. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:52:39, on 25/08/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.17514) Boot mode: Normal Running processes: C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files (x86)\Java\jre7\bin\javaw.exe C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Users\Aless\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe C:\Windows\V0350Mon.exe C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe C:\Program Files\NetTraffic\NetTraffic.exe C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.00.048\Applets\x86\LCDMedia.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Users\Aless\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aless\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aless\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aless\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Aless\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: PC Tools Browser Defender - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: RewardsArcadeSuite - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Program Files (x86)\RewardsArcadeSuite\RewardsArcadeSuite.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: PC Tools Browser Defender - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Diamondback] C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe O4 - HKLM\..\Run: [V0350Mon.exe] C:\Windows\V0350Mon.exe O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [NetTraffic] C:\Program Files\NetTraffic\NetTraffic.exe O4 - HKLM\..\Run: [b2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iSTray] "C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe" /hideGUI O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\" O4 - HKLM\..\Run: [HPPQVideo] "C:\Program Files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe" -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM1312_MFP_Series -f PQOptimizerVideo.xml -o remindLater O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [JaGeXDaemon] C:\.jagex_cache_32\jagc.jar O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Google Update] "C:\Users\Aless\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background O4 - HKCU\..\Run: [Driver Detective] C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false O4 - HKLM\..\Policies\Explorer\Run: [Policies] C:\Windows\system32\rundll32\rundll32.exe O4 - HKLM\..\Policies\Explorer\Run: [] O4 - HKCU\..\Policies\Explorer\Run: [Policies] C:\Windows\system32\rundll32\rundll32.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user') O4 - Startup: .jagex_runescape_preferences.jar O4 - Startup: Dropbox.lnk = Aless\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WD Quick View.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Aless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Aless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Unknown owner - C:\Windows\System32\appdrvrem01.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe O23 - Service: Splashtop Meta Data Export Service (Splashtop MDES) - Splashtop Inc. - C:\SPLASHDL\SPLASHDL.SYS\config\SIONExportService.exe O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: ThreatFire - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 18549 bytes
  12. Dag, Ik heb al een weekje of 2 last van een erg irritant probleem: Telkens opnieuw springt mijn venster ( internet, word, spelletjes, eender wat) terug naar het bureaublad van zichzelf. Ik heb al mijn drivers al geüpdatet maar het probleem blijft. Wat wel raar is, is dat bij word of internet ( programma's die niet full screen zijn) het niet naar het bureaublad springt maar het gewoon niet actief is ( ik moet terug willekeurig klikken op het venster om terug te kunnen typen). Bij spelletjes springt hij gewoon terug naar het bureaublad. Het is telkens op willekeurige momenten dat dit voorkomt, heel erg raar & irritant! Alvast bedankt voor jullie hulp!
  13. http://speccy.piriform.com/results/iudd1AlFqV1d0z7DRyh0Npb zijn de resultaten na het ontstoffen.. Soms zijn de tekens bij het opstarten verdwenen en de andere keer verschijnen ze weer. De error over de sqmapi.dll blijf ik hebben.
  14. Ik heb de pc laten afkoelen want ik dacht echt dat het hem ergens aan de hardware lag en vandaag starte ik hem op en had ik geen probleem van onzuiver scherm en toen kreeg ik op mijn bureaublad een error sessionagent taskhost.exe - bad image windows portable divices\SqmApi.dll is either not designed to run on windows or it contains an error. try installing the program again using the original installation media or contact your system admin or the software vendor for support. De error ging niet weg maar ik kon wel andere dingen openen zoals firefox waarna even later ik weer het blauwe scherm kreeg waar mijn pc afsluit om beschadiging te vermijden. Die log plak ik meteen http://speccy.piriform.com/results/WxV7KqeH4qPyTJCjxMb1sWn Graphics HP 2229h (1680x1050@59Hz) 1536MBGeForce GT 230 (Onbekend): 72 °C ==> mss toch de grafische kaart kapot, is wat ik al dacht want de fan blaast bijna niet meer en enkel kei warme lucht. Mss pc eens open doen en wat ontstoffen? mvg
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.