Windows spring steeds naar bureaublad

[erudict]

ComboFix 12-08-28.03 - Aless 29/08/2012 16:47:24.3.4 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2035 [GMT 2:00]

Running from: c:\users\Aless\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

AV: PC Tools Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

SP: PC Tools Spyware Doctor with AntiVirus *Disabled/Outdated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}

.

.

((((((((((((((((((((((((( Files Created from 2012-07-28 to 2012-08-29 )))))))))))))))))))))))))))))))

.

.

2012-08-29 14:58 . 2012-08-29 14:58 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-08-29 14:58 . 2012-08-29 14:58 -------- d-----w- c:\users\Guest\AppData\Local\temp

2012-08-29 14:58 . 2012-08-29 14:58 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-28 12:25 . 2012-08-28 12:25 -------- d-----w- c:\users\Aless\AppData\Roaming\Malwarebytes

2012-08-28 12:24 . 2012-08-28 12:24 -------- d-----w- c:\programdata\Malwarebytes

2012-08-28 12:24 . 2012-08-28 12:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-08-28 12:24 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-28 11:13 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C4F5DDD8-3BDA-4D42-B613-BFD252611AAF}\mpengine.dll

2012-08-26 16:58 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-08-22 18:06 . 2012-08-22 18:06 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation

2012-08-22 18:05 . 2012-08-22 18:05 -------- d-----w- c:\users\Aless\AppData\Roaming\Intel Corporation

2012-08-22 17:57 . 2012-08-22 17:57 -------- d-----w- c:\windows\SysWow64\sda

2012-08-22 17:56 . 2012-07-05 08:18 9888912 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll

2012-08-22 17:56 . 2012-07-05 08:18 252048 ----a-w- c:\windows\system32\drivers\RtsUStor.sys

2012-08-22 17:56 . 2012-07-05 08:18 422544 ----a-w- c:\windows\system32\RtsUStor.dll

2012-08-22 17:56 . 2012-08-22 17:56 -------- d-----w- c:\program files (x86)\Realtek

2012-08-22 17:56 . 2012-07-04 14:55 53248 ----a-w- c:\windows\SysWow64\CSVer.dll

2012-08-22 17:48 . 2012-08-22 17:56 -------- d-----w- c:\program files (x86)\Intel

2012-08-22 17:48 . 2012-08-22 17:48 -------- d-----w- C:\Intel

2012-08-22 17:22 . 2012-08-22 17:37 -------- d-----w- c:\program files (x86)\Driver-Soft

2012-08-22 17:20 . 2012-08-22 17:20 -------- d-----w- c:\program files\Realtek

2012-08-22 17:20 . 2012-08-22 17:20 -------- d-----w- c:\windows\SysWow64\RTCOM

2012-08-22 17:16 . 2012-08-22 17:16 -------- d-----w- C:\temp

2012-08-22 16:49 . 2012-08-22 16:49 -------- d-----w- c:\programdata\Innovative Solutions

2012-08-22 16:42 . 2012-08-22 16:42 -------- d-----w- c:\users\Aless\AppData\Local\Innovative Solutions

2012-08-22 16:40 . 2012-08-22 16:40 -------- d--h--w- c:\programdata\Common Files

2012-08-22 16:37 . 2012-08-22 16:37 -------- d-----w- c:\programdata\UAB

2012-08-22 16:36 . 2012-08-22 16:36 -------- d-----w- c:\users\Aless\AppData\Local\PC_Drivers_Headquarters

2012-08-22 16:36 . 2012-08-22 16:36 -------- d-----w- c:\programdata\PC Drivers HeadQuarters

2012-08-22 16:35 . 2012-08-22 16:35 -------- d-----w- c:\program files (x86)\PC Drivers HeadQuarters

2012-08-22 16:34 . 2012-08-22 16:34 -------- d-----w- c:\programdata\Ask

2012-08-22 15:33 . 2012-08-22 15:49 -------- d-----w- c:\users\Aless\AppData\Roaming\Pro Cycling Manager 2007

2012-08-22 12:02 . 2012-08-22 12:02 -------- d-----w- c:\windows\Cache

2012-08-21 15:51 . 2012-08-21 18:12 -------- d-----w- c:\users\Aless\AppData\Roaming\Pro Cycling Manager 2008

2012-08-15 17:49 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll

2012-08-13 12:17 . 2012-08-01 00:21 645952 ----a-w- c:\windows\system32\drivers\iaStorA.sys

2012-08-13 12:17 . 2012-08-01 00:21 27456 ----a-w- c:\windows\system32\drivers\iaStorF.sys

2012-08-10 13:39 . 2012-08-10 13:39 551896 ----a-w- c:\windows\system32\appdrvrem01.exe

2012-08-10 13:39 . 2012-08-10 13:39 3854000 ----a-w- c:\windows\system32\drivers\appdrv01.sys

2012-08-10 11:41 . 2012-08-21 14:54 -------- d-----w- c:\users\Aless\AppData\Roaming\Pro Cycling Manager 2010

2012-08-10 11:24 . 2012-08-22 15:16 -------- d-----w- c:\program files (x86)\Cyanide

2012-08-08 17:05 . 2012-08-28 12:24 -------- d-----w- c:\program files (x86)\Yontoo

2012-08-08 17:05 . 2012-08-08 17:05 -------- d-----w- c:\programdata\Tarma Installer

2012-08-08 14:21 . 2012-06-12 20:00 74344 ----a-w- c:\windows\system32\RtNicProp64.dll

2012-08-08 14:21 . 2012-06-12 20:00 726160 ----a-w- c:\windows\system32\drivers\Rt64win7.sys

2012-08-08 14:21 . 2012-06-12 20:00 107552 ----a-w- c:\windows\system32\RTNUninst64.dll

2012-07-31 15:44 . 2012-07-31 15:44 27760 ----a-w- c:\windows\system32\drivers\ggsemc.sys

2012-07-31 15:44 . 2012-07-31 15:44 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll

2012-07-31 15:44 . 2012-07-31 15:44 14448 ----a-w- c:\windows\system32\drivers\ggflt.sys

2012-07-31 15:42 . 2012-07-31 15:42 -------- d-----w- c:\programdata\Sony Ericsson

2012-07-31 15:42 . 2012-07-31 15:42 -------- d-----w- c:\program files (x86)\Sony Ericsson

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-15 18:08 . 2012-04-20 16:44 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-15 18:08 . 2011-06-29 20:49 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-15 17:42 . 2011-06-29 20:10 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-08-08 17:18 . 2012-05-22 14:55 969576 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-08-08 17:18 . 2011-12-29 20:40 15291752 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-08-08 17:18 . 2011-12-24 12:06 1763688 ----a-w- c:\windows\system32\nvdispco64.dll

2012-08-08 17:18 . 2011-05-21 05:01 27569000 ----a-w- c:\windows\system32\nvoglv64.dll

2012-08-08 17:18 . 2011-05-21 05:01 2725224 ----a-w- c:\windows\system32\nvapi64.dll

2012-08-08 17:18 . 2011-05-21 05:01 14878056 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-08-08 16:48 . 2011-02-28 20:47 891240 ----a-w- c:\windows\system32\nvvsvc.exe

2012-08-08 16:48 . 2011-02-28 20:47 2557800 ----a-w- c:\windows\system32\nvsvcr.dll

2012-08-08 16:48 . 2011-02-28 20:47 118120 ----a-w- c:\windows\system32\nvmctray.dll

2012-08-08 16:48 . 2010-08-09 06:12 63336 ----a-w- c:\windows\system32\nvshext.dll

2012-08-08 16:47 . 2011-02-28 20:46 3266408 ----a-w- c:\windows\system32\nvsvc64.dll

2012-08-08 16:47 . 2011-02-28 20:46 6193000 ----a-w- c:\windows\system32\nvcpl.dll

2012-08-08 16:47 . 2012-05-22 14:59 3485076 ----a-w- c:\windows\system32\nvcoproc.bin

2012-06-09 05:43 . 2012-07-11 15:21 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 06:06 . 2012-07-11 15:21 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-11 15:21 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-12 12:50 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-11 15:21 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-11 15:21 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-12 12:50 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-06-27 13:23 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-27 13:23 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-27 13:23 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-27 13:23 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-27 13:23 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-27 13:23 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-27 13:23 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-06-27 13:22 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:15 . 2012-06-27 13:22 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-02 05:50 . 2012-07-11 15:21 458704 ----a-w- c:\windows\system32\drivers\cng.sys

2012-06-02 05:48 . 2012-07-11 15:21 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys

2012-06-02 05:48 . 2012-07-11 15:21 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2012-06-02 05:45 . 2012-07-11 15:21 340992 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 05:44 . 2012-07-11 15:21 307200 ----a-w- c:\windows\system32\ncrypt.dll

2012-06-02 04:40 . 2012-07-11 15:21 22016 ----a-w- c:\windows\SysWow64\secur32.dll

2012-06-02 04:40 . 2012-07-11 15:21 225280 ----a-w- c:\windows\SysWow64\schannel.dll

2012-06-02 04:39 . 2012-07-11 15:21 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll

2012-06-02 04:34 . 2012-07-11 15:21 96768 ----a-w- c:\windows\SysWow64\sspicli.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-28_15.18.34 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-07-14 04:54 . 2012-08-28 15:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-08-29 14:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2012-08-28 15:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-08-29 14:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 05:10 . 2012-08-29 14:17 36442 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2011-06-29 19:38 . 2012-08-29 14:17 21550 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1965883478-2314542865-2172352216-1000_UserData.bin

+ 2011-06-29 19:22 . 2012-08-29 14:19 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-06-29 19:22 . 2012-08-28 11:35 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-06-29 19:22 . 2012-08-29 14:19 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2011-06-29 19:22 . 2012-08-28 11:35 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-08-29 14:19 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-08-28 11:35 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-06-29 21:46 . 2012-08-29 14:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-06-29 21:46 . 2012-08-28 14:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-06-29 21:46 . 2012-08-28 14:50 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-06-29 21:46 . 2012-08-29 14:16 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-06-29 21:46 . 2012-08-29 14:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2011-06-29 21:46 . 2012-08-28 14:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2011-06-29 21:46 . 2012-08-28 15:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-06-29 21:46 . 2012-08-29 14:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-06-29 21:46 . 2012-08-28 15:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-06-29 21:46 . 2012-08-29 14:46 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2012-08-28 14:47 . 2012-08-28 14:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-28 14:47 . 2012-08-29 14:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-08-28 14:47 . 2012-08-28 14:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-08-28 14:47 . 2012-08-29 14:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2009-07-14 04:54 . 2012-08-28 15:17 1474560 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-08-29 14:57 1474560 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]

"JaGeXDaemon"="c:\.jagex_cache_32\jagc.jar" [2011-09-12 35298]

"LG LinkAir"="" [bU]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624]

"Driver Detective"="c:\program files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe" [2012-08-17 3536864]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Diamondback"="c:\program files (x86)\Razer\Diamondback 3G\razerhid.exe" [2010-04-28 228352]

"V0350Mon.exe"="c:\windows\V0350Mon.exe" [2007-08-22 28672]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]

"NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]

"NetTraffic"="c:\program files\NetTraffic\NetTraffic.exe" [2002-11-11 569856]

"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]

"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]

"HPPQVideo"="c:\program files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM1312_MFP_Series -f PQOptimizerVideo.xml" [bU]

"ToolBoxFX"="c:\program files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2009-10-22 53248]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-09-30 252296]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]

"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [bU]

"TaskTray"="" [bU]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-07-16 56128]

.

c:\users\Aless\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

.jagex_runescape_preferences.jar [2011-9-12 35298]

Dropbox.lnk - c:\users\Aless\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

WD Quick View.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-8-1 4215808]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 136176]

R2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-01 136192]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]

R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]

R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]

R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]

R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]

R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]

R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-07-31 14448]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 136176]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2011-07-04 16008]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-07 113120]

R3 netr7364;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]

R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [2011-11-22 92896]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]

R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2011-11-22 402336]

R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2011-11-22 41968]

R3 ThreatFire;ThreatFire;c:\program files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 tsusbhub;tsusbhub;tsusbhub [x]

S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2012-08-01 645952]

S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2012-08-01 27456]

S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [2011-11-14 367912]

S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [2011-10-07 452872]

S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [2011-10-07 816016]

S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2011-11-22 65664]

S0 TFSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2011-11-22 706776]

S1 appdrv01;Application Driver (01);c:\windows\system32\Drivers\appdrv01.sys [2012-08-10 3854000]

S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2011-11-22 337048]

S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [2011-11-22 230952]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2011-11-14 546768]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-07-09 7168]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456]

S2 Splashtop MDES;Splashtop Meta Data Export Service;c:\splashdl\SPLASHDL.SYS\config\SIONExportService.exe [2011-07-08 337784]

S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504]

S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]

S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-06-10 1192448]

S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]

S3 LGBusEnum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]

S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-12-05 82816]

S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [2011-09-28 70760]

S3 Razerlow;Razer Pro|Solutions;c:\windows\system32\drivers\DB3G.sys [2005-11-07 21120]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2012-07-05 252048]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-29 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 18:08]

.

2012-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 20:49]

.

2012-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 20:49]

.

2012-08-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1965883478-2314542865-2172352216-1000Core.job

- c:\users\Aless\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-29 15:00]

.

2012-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1965883478-2314542865-2172352216-1000UA.job

- c:\users\Aless\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-29 15:00]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-06-14 110360]

"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-04-24 12480616]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = about:blank

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\Aless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\Aless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105

LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll

TCP: DhcpNameServer = 195.130.130.130 195.130.131.130 192.168.1.1

CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll

FF - ProfilePath - c:\users\Aless\AppData\Roaming\Mozilla\Firefox\Profiles\qzzbjgcd.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&appid=113&systemid=406&sr=0&q=

FF - prefs.js: network.proxy.gopher -

FF - prefs.js: network.proxy.gopher_port - 0

FF - prefs.js: network.proxy.http - localhost

FF - prefs.js: network.proxy.http_port - 9666

FF - prefs.js: network.proxy.socks - localhost

FF - prefs.js: network.proxy.socks_port - 9050

FF - prefs.js: network.proxy.ssl - localhost

FF - prefs.js: network.proxy.ssl_port - 9666

FF - prefs.js: network.proxy.type - 0

FF - user.js: extentions.y2layers.installId - a22fc57d-f4f3-43df-9025-70bdf5c0a7cc

FF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,pagerage,buzzdock,toprelatedtopics,twittube

FF - user.js: extensions.autoDisableScopes - 14

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-10 - (no file)

Toolbar-10 - (no file)

AddRemove-1ClickDownload - c:\program files (x86)\1ClickDownload\uninst.exe

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-1965883478-2314542865-2172352216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-1965883478-2314542865-2172352216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-08-29 17:17:51

ComboFix-quarantined-files.txt 2012-08-29 15:17

.

Pre-Run: 213.355.450.368 bytes beschikbaar

Post-Run: 213.043.490.816 bytes beschikbaar

.

- - End Of File - - 1B5C159321116A895B3D0AA56CDD227E

[kweezie wabbit]

Open een nieuw kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Folder::

c:\programdata\Ask

c:\program files (x86)\Yontoo

c:\programdata\Tarma Installer

Firefox::

FF - ProfilePath - c:\users\Aless\AppData\Roaming\Mozilla\Firefox\Profiles\qzzbjgcd.default\

FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&appid=113&systemid=406&sr=0&q=

FF - user.js: extentions.y2layers.installId - a22fc57d-f4f3-43df-9025-70bdf5c0a7cc

FF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,pagerage,buzzdock,toprelatedtopics,twittube

Sla dit bestand op je bureaublad op als CFScript

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht

[erudict]

ComboFix 12-08-30.05 - Aless 31/08/2012 12:30:25.4.4 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4095.2272 [GMT 2:00]

Running from: c:\users\Aless\Desktop\ComboFix.exe

Command switches used :: c:\users\Aless\Desktop\CFScript.txt

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

AV: PC Tools Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

SP: PC Tools Spyware Doctor with AntiVirus *Disabled/Outdated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Yontoo

c:\program files (x86)\Yontoo\OptChrome.exe

c:\program files (x86)\Yontoo\YontooLayers.crx

c:\programdata\Ask

c:\programdata\Ask\APN-Stub\PCD\APNIC.dll

c:\programdata\Ask\APN-Stub\PCD\BIT90DF.tmp

c:\programdata\Tarma Installer

c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll

c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe

c:\programdata\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico

c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll

c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll

c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat

c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe

c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico

c:\users\Aless\AppData\Roaming\vso_ts_preview.xml

.

.

((((((((((((((((((((((((( Files Created from 2012-07-28 to 2012-08-31 )))))))))))))))))))))))))))))))

.

.

2012-08-31 10:44 . 2012-08-31 10:44 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2012-08-31 10:44 . 2012-08-31 10:44 -------- d-----w- c:\users\Guest\AppData\Local\temp

2012-08-31 10:44 . 2012-08-31 10:44 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-31 10:29 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D4265973-2A97-44C2-9F9C-9D1E3B587260}\mpengine.dll

2012-08-28 12:25 . 2012-08-28 12:25 -------- d-----w- c:\users\Aless\AppData\Roaming\Malwarebytes

2012-08-28 12:24 . 2012-08-28 12:24 -------- d-----w- c:\programdata\Malwarebytes

2012-08-28 12:24 . 2012-08-28 12:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-08-28 12:24 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-28 11:13 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-08-22 18:06 . 2012-08-22 18:06 -------- d-----w- c:\program files (x86)\Common Files\Intel Corporation

2012-08-22 18:05 . 2012-08-22 18:05 -------- d-----w- c:\users\Aless\AppData\Roaming\Intel Corporation

2012-08-22 17:57 . 2012-08-22 17:57 -------- d-----w- c:\windows\SysWow64\sda

2012-08-22 17:56 . 2012-07-05 08:18 9888912 ----a-w- c:\windows\SysWow64\RtsUStoricon.dll

2012-08-22 17:56 . 2012-07-05 08:18 252048 ----a-w- c:\windows\system32\drivers\RtsUStor.sys

2012-08-22 17:56 . 2012-07-05 08:18 422544 ----a-w- c:\windows\system32\RtsUStor.dll

2012-08-22 17:56 . 2012-08-22 17:56 -------- d-----w- c:\program files (x86)\Realtek

2012-08-22 17:56 . 2012-07-04 14:55 53248 ----a-w- c:\windows\SysWow64\CSVer.dll

2012-08-22 17:48 . 2012-08-22 17:56 -------- d-----w- c:\program files (x86)\Intel

2012-08-22 17:48 . 2012-08-22 17:48 -------- d-----w- C:\Intel

2012-08-22 17:22 . 2012-08-22 17:37 -------- d-----w- c:\program files (x86)\Driver-Soft

2012-08-22 17:20 . 2012-08-22 17:20 -------- d-----w- c:\program files\Realtek

2012-08-22 17:20 . 2012-08-22 17:20 -------- d-----w- c:\windows\SysWow64\RTCOM

2012-08-22 17:16 . 2012-08-22 17:16 -------- d-----w- C:\temp

2012-08-22 16:49 . 2012-08-22 16:49 -------- d-----w- c:\programdata\Innovative Solutions

2012-08-22 16:42 . 2012-08-22 16:42 -------- d-----w- c:\users\Aless\AppData\Local\Innovative Solutions

2012-08-22 16:40 . 2012-08-22 16:40 -------- d--h--w- c:\programdata\Common Files

2012-08-22 16:37 . 2012-08-22 16:37 -------- d-----w- c:\programdata\UAB

2012-08-22 16:36 . 2012-08-22 16:36 -------- d-----w- c:\users\Aless\AppData\Local\PC_Drivers_Headquarters

2012-08-22 16:36 . 2012-08-22 16:36 -------- d-----w- c:\programdata\PC Drivers HeadQuarters

2012-08-22 16:35 . 2012-08-22 16:35 -------- d-----w- c:\program files (x86)\PC Drivers HeadQuarters

2012-08-22 15:33 . 2012-08-22 15:49 -------- d-----w- c:\users\Aless\AppData\Roaming\Pro Cycling Manager 2007

2012-08-22 12:02 . 2012-08-22 12:02 -------- d-----w- c:\windows\Cache

2012-08-21 15:51 . 2012-08-21 18:12 -------- d-----w- c:\users\Aless\AppData\Roaming\Pro Cycling Manager 2008

2012-08-15 17:49 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll

2012-08-13 12:17 . 2012-08-01 00:21 645952 ----a-w- c:\windows\system32\drivers\iaStorA.sys

2012-08-13 12:17 . 2012-08-01 00:21 27456 ----a-w- c:\windows\system32\drivers\iaStorF.sys

2012-08-10 13:39 . 2012-08-10 13:39 551896 ----a-w- c:\windows\system32\appdrvrem01.exe

2012-08-10 13:39 . 2012-08-10 13:39 3854000 ----a-w- c:\windows\system32\drivers\appdrv01.sys

2012-08-10 11:41 . 2012-08-21 14:54 -------- d-----w- c:\users\Aless\AppData\Roaming\Pro Cycling Manager 2010

2012-08-10 11:24 . 2012-08-22 15:16 -------- d-----w- c:\program files (x86)\Cyanide

2012-08-08 14:21 . 2012-06-12 20:00 74344 ----a-w- c:\windows\system32\RtNicProp64.dll

2012-08-08 14:21 . 2012-06-12 20:00 726160 ----a-w- c:\windows\system32\drivers\Rt64win7.sys

2012-08-08 14:21 . 2012-06-12 20:00 107552 ----a-w- c:\windows\system32\RTNUninst64.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-15 18:08 . 2012-04-20 16:44 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-15 18:08 . 2011-06-29 20:49 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-15 17:42 . 2011-06-29 20:10 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-08-08 17:18 . 2012-05-22 14:55 969576 ----a-w- c:\windows\system32\nvumdshimx.dll

2012-08-08 17:18 . 2011-12-29 20:40 15291752 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2012-08-08 17:18 . 2011-12-24 12:06 1763688 ----a-w- c:\windows\system32\nvdispco64.dll

2012-08-08 17:18 . 2011-05-21 05:01 27569000 ----a-w- c:\windows\system32\nvoglv64.dll

2012-08-08 17:18 . 2011-05-21 05:01 2725224 ----a-w- c:\windows\system32\nvapi64.dll

2012-08-08 17:18 . 2011-05-21 05:01 14878056 ----a-w- c:\windows\system32\nvwgf2umx.dll

2012-08-08 16:48 . 2011-02-28 20:47 891240 ----a-w- c:\windows\system32\nvvsvc.exe

2012-08-08 16:48 . 2011-02-28 20:47 2557800 ----a-w- c:\windows\system32\nvsvcr.dll

2012-08-08 16:48 . 2011-02-28 20:47 118120 ----a-w- c:\windows\system32\nvmctray.dll

2012-08-08 16:48 . 2010-08-09 06:12 63336 ----a-w- c:\windows\system32\nvshext.dll

2012-08-08 16:47 . 2011-02-28 20:46 3266408 ----a-w- c:\windows\system32\nvsvc64.dll

2012-08-08 16:47 . 2011-02-28 20:46 6193000 ----a-w- c:\windows\system32\nvcpl.dll

2012-08-08 16:47 . 2012-05-22 14:59 3485076 ----a-w- c:\windows\system32\nvcoproc.bin

2012-07-31 15:44 . 2012-07-31 15:44 27760 ----a-w- c:\windows\system32\drivers\ggsemc.sys

2012-07-31 15:44 . 2012-07-31 15:44 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll

2012-07-31 15:44 . 2012-07-31 15:44 14448 ----a-w- c:\windows\system32\drivers\ggflt.sys

2012-06-09 05:43 . 2012-07-11 15:21 14172672 ----a-w- c:\windows\system32\shell32.dll

2012-06-06 06:06 . 2012-07-11 15:21 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-06-06 06:06 . 2012-07-11 15:21 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-06-06 06:02 . 2012-07-12 12:50 1133568 ----a-w- c:\windows\system32\cdosys.dll

2012-06-06 05:05 . 2012-07-11 15:21 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

2012-06-06 05:05 . 2012-07-11 15:21 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll

2012-06-06 05:03 . 2012-07-12 12:50 805376 ----a-w- c:\windows\SysWow64\cdosys.dll

2012-06-02 22:19 . 2012-06-27 13:23 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-27 13:23 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-27 13:23 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-27 13:23 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-27 13:23 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-27 13:23 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-27 13:23 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-06-27 13:22 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:15 . 2012-06-27 13:22 36864 ----a-w- c:\windows\system32\wuapp.exe

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-28_15.18.34 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-07-14 04:54 . 2012-08-28 15:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-08-31 10:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2009-07-14 04:54 . 2012-08-28 15:17 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-08-31 10:42 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 05:10 . 2012-08-31 10:21 36474 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2011-06-29 19:38 . 2012-08-31 10:21 21586 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1965883478-2314542865-2172352216-1000_UserData.bin

+ 2011-06-29 19:22 . 2012-08-31 10:21 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-06-29 19:22 . 2012-08-28 11:35 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-06-29 19:22 . 2012-08-31 10:21 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2011-06-29 19:22 . 2012-08-28 11:35 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-08-31 10:21 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-08-28 11:35 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-06-29 21:46 . 2012-08-31 10:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-06-29 21:46 . 2012-08-28 14:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-06-29 21:46 . 2012-08-28 14:50 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-06-29 21:46 . 2012-08-31 10:20 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-06-29 21:46 . 2012-08-31 10:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2011-06-29 21:46 . 2012-08-28 14:50 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2011-06-29 21:46 . 2012-08-28 15:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-06-29 21:46 . 2012-08-31 10:29 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-06-29 21:46 . 2012-08-28 15:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-06-29 21:46 . 2012-08-31 10:29 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2012-08-28 14:47 . 2012-08-28 14:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-08-28 14:47 . 2012-08-31 10:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-08-28 14:47 . 2012-08-28 14:47 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2012-08-28 14:47 . 2012-08-31 10:17 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2011-07-01 17:37 . 2012-08-30 09:49 421830 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin

- 2009-07-14 04:54 . 2012-08-28 15:17 1474560 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-08-31 10:42 1474560 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]

"JaGeXDaemon"="c:\.jagex_cache_32\jagc.jar" [2011-09-12 35298]

"LG LinkAir"="" [bU]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624]

"Driver Detective"="c:\program files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe" [2012-08-17 3536864]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Diamondback"="c:\program files (x86)\Razer\Diamondback 3G\razerhid.exe" [2010-04-28 228352]

"V0350Mon.exe"="c:\windows\V0350Mon.exe" [2007-08-22 28672]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]

"NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]

"NetTraffic"="c:\program files\NetTraffic\NetTraffic.exe" [2002-11-11 569856]

"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]

"HPUsageTracking"="c:\program files (x86)\HP\HP UT\bin\hppusg.exe" [2009-05-11 24576]

"HPPQVideo"="c:\program files (x86)\HP\ScheduledLaunch\HP Color LaserJet CM1312 MFP Series\bin\hppschlnch.exe -r SOFTWARE\Hewlett-Packard\ScheduledLaunch\CLJ_CM1312_MFP_Series -f PQOptimizerVideo.xml" [bU]

"ToolBoxFX"="c:\program files (x86)\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2009-10-22 53248]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-09-30 252296]

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]

"ROC_roc_ssl_v12"="c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" [bU]

"TaskTray"="" [bU]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-07-16 56128]

.

c:\users\Aless\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

.jagex_runescape_preferences.jar [2011-9-12 35298]

Dropbox.lnk - c:\users\Aless\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

WD Quick View.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-8-1 4215808]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 136176]

R2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-01 136192]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]

R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus64.sys [2010-12-07 19456]

R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag64.sys [2010-12-07 27648]

R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps64.sys [2010-12-07 27136]

R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem64.sys [2010-12-07 34304]

R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\lgandadb.sys [2010-08-02 31744]

R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2012-07-31 14448]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 136176]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2011-07-04 16008]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-07 113120]

R3 netr7364;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]

R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [2011-11-22 92896]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]

R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2011-11-22 402336]

R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2011-11-22 41968]

R3 ThreatFire;ThreatFire;c:\program files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 tsusbhub;tsusbhub;tsusbhub [x]

S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2012-08-01 645952]

S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2012-08-01 27456]

S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [2011-11-14 367912]

S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [2011-10-07 452872]

S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [2011-10-07 816016]

S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2011-11-22 65664]

S0 TFSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2011-11-22 706776]

S1 appdrv01;Application Driver (01);c:\windows\system32\Drivers\appdrv01.sys [2012-08-10 3854000]

S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [2011-11-22 337048]

S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [2011-11-22 230952]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2011-11-14 546768]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-07-09 7168]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2012-07-13 2451456]

S2 Splashtop MDES;Splashtop Meta Data Export Service;c:\splashdl\SPLASHDL.SYS\config\SIONExportService.exe [2011-07-08 337784]

S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2011-11-10 370504]

S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]

S3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys [2009-06-10 1192448]

S3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]

S3 LGBusEnum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]

S3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-12-05 82816]

S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [2011-09-28 70760]

S3 Razerlow;Razer Pro|Solutions;c:\windows\system32\drivers\DB3G.sys [2005-11-07 21120]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2012-07-05 252048]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-30 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 18:08]

.

2012-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 20:49]

.

2012-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-29 20:49]

.

2012-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1965883478-2314542865-2172352216-1000Core.job

- c:\users\Aless\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-29 15:00]

.

2012-08-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1965883478-2314542865-2172352216-1000UA.job

- c:\users\Aless\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-29 15:00]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Aless\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-06-14 110360]

"HP Color LaserJet CM1312 MFP Series Fax"="c:\program files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe" [2009-09-22 3700736]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-04-24 12480616]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = about:blank

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Free YouTube Download - c:\users\Aless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\users\Aless\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105

LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll

TCP: DhcpNameServer = 195.130.130.130 195.130.131.130 192.168.1.1

CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll

FF - ProfilePath - c:\users\Aless\AppData\Roaming\Mozilla\Firefox\Profiles\qzzbjgcd.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/

FF - prefs.js: network.proxy.gopher -

FF - prefs.js: network.proxy.gopher_port - 0

FF - prefs.js: network.proxy.http - localhost

FF - prefs.js: network.proxy.http_port - 9666

FF - prefs.js: network.proxy.socks - localhost

FF - prefs.js: network.proxy.socks_port - 9050

FF - prefs.js: network.proxy.ssl - localhost

FF - prefs.js: network.proxy.ssl_port - 9666

FF - prefs.js: network.proxy.type - 0

FF - user.js: extensions.autoDisableScopes - 14

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-10 - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-1965883478-2314542865-2172352216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-1965883478-2314542865-2172352216-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-08-31 13:04:45

ComboFix-quarantined-files.txt 2012-08-31 11:04

ComboFix2.txt 2012-08-29 15:17

.

Pre-Run: 201.345.187.840 bytes beschikbaar

Post-Run: 201.251.438.592 bytes beschikbaar

.

- - End Of File - - 88FE06CA8CE81A8AFABF07CFC2F901BA

[kweezie wabbit]

Perfect uitgevoerd.

Heeft dit iets opgelost?

[erudict]

Aangezien het op willekeurige momenten gebeurde is het moeilijk om dat nu al te zeggen.. Tot nu toe geen last maar dat is geen zekerheid natuurlijk. Ik hou je op de hoogte!

Erg bedankt iig!

[kweezie wabbit]

Hallo erudict.

We zijn nu 2 weken verder.

Hoe staat het met het verspringende bureaublad?