Windows 7 Running slow [Solved]


  • This topic is locked

#1
CatBee

  • Member
  • 65 posts
So lately my PC has been running slow... I tried to make it faster by removing useless programs and clearing the browser cache, but it doesn't seem to have any effect, and the program that really takes long to open is Internet Explorer.

HELP?!

#2
emeraldnzl

  • GeekU Instructor
  • GeekU Moderator
  • 20,051 posts
Hello CatBee,

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right click to run as administrator. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will produce a log called (FRST.txt) in the same directory the tool is run from.
  • Please copy and paste the log back here.
  • The first time the tool is run, it also makes another log (Addition.txt). Please also paste that into your reply.


#3
CatBee

  • Topic Starter
  • Member
  • 65 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013
Ran by Susy&Robin (administrator) on HPSUSYROBIN on 24-11-2013 16:53:16
Running from C:\Users\Susy&Robin\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Dutch Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_152_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-09] (IDT, Inc.)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HPWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [InstallerLauncher] - "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-19] (Hewlett-Packard)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [210208 2008-10-20] (Acresso Corporation)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {0989a8f8-e216-11e1-a5ac-70f395b95e34} - G:\AutoRun.exe
MountPoints2: {48a34f9c-a046-11e0-b2e2-806e6f6e6963} - E:\Install.exe
MountPoints2: {50ccb00f-04cb-11e2-a416-e02a8202c98c} - G:\AutoRun.exe
MountPoints2: {b72f863c-e14a-11e1-8c96-e02a8202c98c} - G:\AutoRun.exe
MountPoints2: {b72f8650-e14a-11e1-8c96-e02a8202c98c} - G:\AutoRun.exe
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-06-02] (EasyBits Software AS)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-15] (Kaspersky Lab ZAO)
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {34245ADB-8EB4-49F6-964B-85EB57D49664} URL = http://nl.search.yah...psg&type=HPNTDF
SearchScopes: HKLM - {D4709FAE-D6EF-4C8E-A09A-B7B03359028C} URL = http://nl.wikipedia....h={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {D4709FAE-D6EF-4C8E-A09A-B7B03359028C} URL =
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield....er_1.0.80.2.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2010-08-14] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 83.255.245.11 193.150.193.150

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\[email protected]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (SiteAdvisor) - C:\Users\SUSY&R~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx
CHR HKLM-x32\...\Chrome\Extension: [pgmfkblbflahhponhjmkcnpjinenhlnc] - C:\Users\Susy&Robin\AppData\Local\Vid-Saver\Chrome\Vid-Saver.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-15] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [655712 2012-08-08] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-08-20] ()
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1435928 2013-08-29] (Trusteer Ltd.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
S2 BsFileScan; C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll [x]
S2 BsMailProxy; C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll [x]
S2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [x]
S2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [x]
S2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [x]

==================== Drivers (Whitelisted) ====================

R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-11-15] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-11-15] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-15] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-15] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-15] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-11-15] (Kaspersky Lab ZAO)
R1 RapportCerberus_56758; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [589872 2013-09-05] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [265872 2013-08-29] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [295696 2013-08-29] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [384432 2013-08-29] (Trusteer Ltd.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-11-15] (Kaspersky Lab ZAO)
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-24 16:53 - 2013-11-24 16:54 - 00020363 _____ C:\Users\Susy&Robin\Downloads\FRST.txt
2013-11-24 16:52 - 2013-11-24 16:52 - 00000000 ____D C:\FRST
2013-11-24 16:51 - 2013-11-24 16:52 - 01958440 _____ (Farbar) C:\Users\Susy&Robin\Downloads\FRST64.exe
2013-11-15 15:43 - 2013-11-15 15:43 - 00002216 _____ C:\Users\Susy&Robin\Desktop\Veilig Bankieren.lnk
2013-11-15 15:42 - 2013-11-15 15:41 - 00001078 _____ C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2013-11-15 15:41 - 2012-07-11 17:09 - 00064856 _____ (Kaspersky Lab) C:\Windows\system32\klfphc.dll
2013-11-15 15:40 - 2011-06-02 14:39 - 00084536 _____ (Infowatch) C:\Windows\system32\Drivers\CSCrySec.sys
2013-11-15 15:40 - 2011-06-02 14:39 - 00066616 _____ (Infowatch) C:\Windows\system32\Drivers\CSVirtualDiskDrv.sys
2013-11-15 15:39 - 2013-11-24 16:42 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-11-15 15:39 - 2013-11-15 16:03 - 00000000 ____D C:\Windows\ELAMBKUP
2013-11-15 15:39 - 2013-11-15 16:02 - 00626272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-11-15 15:39 - 2013-11-15 16:02 - 00090208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2013-11-15 15:39 - 2013-11-15 15:39 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-11-05 15:11 - 2013-11-05 15:11 - 00000000 ____D C:\Users\Susy&Robin\AppData\Local\Lorenz_Cuno_Klopfenstein
2013-11-05 15:07 - 2013-11-05 15:07 - 00001138 _____ C:\Users\Susy&Robin\Desktop\OnTopReplica.lnk
2013-11-05 15:07 - 2013-11-05 15:07 - 00000000 ____D C:\Users\Susy&Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnTopReplica
2013-11-05 15:07 - 2013-11-05 15:07 - 00000000 ____D C:\Users\Susy&Robin\AppData\Local\OnTopReplica
2013-11-05 15:06 - 2013-11-05 15:07 - 00695407 _____ C:\Users\Susy&Robin\Downloads\OnTopReplica-Setup.exe
2013-11-04 16:31 - 2013-11-04 16:31 - 00239653 _____ C:\ProgramData\1383578753.bdinstall.bin
2013-11-03 22:34 - 2013-11-03 22:34 - 00000000 ____D C:\Users\Susy&Robin\Documents\loginZyra
2013-11-01 18:08 - 2013-11-01 18:08 - 577898623 _____ C:\Windows\MEMORY.DMP
2013-10-30 20:37 - 2013-10-30 20:48 - 00000000 ____D C:\Users\Susy&Robin\Downloads\The Dark Knight Rises (2012)
2013-10-28 04:53 - 2013-10-28 04:53 - 00000000 ____D C:\Users\Susy&Robin\Downloads\We're The Millers 2013 WEBRiP XViD UNiQUE (SilverTorrent)
2013-10-28 04:47 - 2013-10-28 04:48 - 00000000 ____D C:\Users\Susy&Robin\Downloads\This Is the End (2013) [1080p]
2013-10-28 04:35 - 2013-10-28 04:36 - 00000000 ____D C:\Users\Susy&Robin\Downloads\Grown Ups 2 [2013] BRRip XViD-ETRG
2013-10-28 04:28 - 2013-10-28 04:29 - 00000000 ____D C:\Users\Susy&Robin\Downloads\World.War.Z.2013.BRRip XViD juggs
2013-10-28 04:04 - 2013-10-28 04:04 - 00000000 ____D C:\Users\Susy&Robin\Downloads\21.&.Over.2013.HDRip.XVID.AC3.5.1.HQ.Hive-CM8
2013-10-28 03:37 - 2013-10-28 04:24 - 00000000 ____D C:\Users\Susy&Robin\Downloads\Identity.Thief.2013.UNRATED.1080p.BluRay.x264.anoXmous
2013-10-28 03:31 - 2013-10-28 03:32 - 00000000 ____D C:\Users\Susy&Robin\Downloads\Spring.Breakers.2012.DVDRip.XViD-VH-PROD[rarbg]
2013-10-28 03:23 - 2013-10-28 03:53 - 1467342848 ____R C:\Users\Susy&Robin\Downloads\Parental.Guidance.2012.DVDRip.XviD-SPARKS.avi
2013-10-28 03:13 - 2013-10-28 03:26 - 00000000 ____D C:\Users\Susy&Robin\Downloads\Movie.43.2013.DVDRip.XviD-3LT0N
2013-10-28 02:52 - 2013-10-28 02:57 - 00000000 ____D C:\Users\Susy&Robin\Downloads\The Dark Knight Rises (2012) DVDRip XviD-MAXSPEED
2013-10-28 02:51 - 2013-10-28 14:44 - 00000000 ____D C:\Users\Susy&Robin\Downloads\The.Dark.Knight.Rises.2012.720p.BRRip.XviD.AC3-ViSiON
2013-10-28 02:50 - 2013-10-28 02:50 - 00000000 ____D C:\Users\Susy&Robin\Downloads\The Dark Knight Rises
2013-10-28 02:44 - 2013-10-28 02:49 - 00000000 ____D C:\Users\Susy&Robin\Downloads\Super Troopers (2001) [1080p]

==================== One Month Modified Files and Folders =======

2013-11-24 16:54 - 2013-11-24 16:53 - 00020363 _____ C:\Users\Susy&Robin\Downloads\FRST.txt
2013-11-24 16:52 - 2013-11-24 16:52 - 00000000 ____D C:\FRST
2013-11-24 16:52 - 2013-11-24 16:51 - 01958440 _____ (Farbar) C:\Users\Susy&Robin\Downloads\FRST64.exe
2013-11-24 16:46 - 2013-06-03 14:46 - 00000000 ____D C:\Users\Susy&Robin\AppData\Local\PMB Files
2013-11-24 16:46 - 2013-06-03 14:46 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-24 16:42 - 2013-11-15 15:39 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-11-24 16:40 - 2012-04-02 18:07 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-24 16:20 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-24 16:20 - 2009-07-14 05:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-24 16:16 - 2010-10-25 01:10 - 01319996 _____ C:\Windows\WindowsUpdate.log
2013-11-24 16:12 - 2013-09-02 15:36 - 00009539 _____ C:\Windows\setupact.log
2013-11-24 16:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-24 00:27 - 2011-07-31 23:23 - 00000000 ____D C:\Users\Susy&Robin\AppData\Local\CrashDumps
2013-11-23 16:25 - 2010-08-15 03:33 - 00745998 _____ C:\Windows\system32\perfh013.dat
2013-11-23 16:25 - 2010-08-15 03:33 - 00153918 _____ C:\Windows\system32\perfc013.dat
2013-11-23 16:25 - 2009-07-14 06:13 - 01670888 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-23 16:01 - 2012-12-13 22:29 - 00000000 ____D C:\Users\Susy&Robin\AppData\Roaming\.minecraft
2013-11-23 15:50 - 2011-06-27 00:40 - 00004006 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8E5274B6-9129-41F5-9B0C-DFA80A2E7E03}
2013-11-23 04:46 - 2011-08-12 02:57 - 00000000 ____D C:\Windows\Minidump
2013-11-22 20:02 - 2011-06-28 14:41 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-11-22 20:01 - 2011-11-01 21:02 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-11-22 13:55 - 2013-10-11 18:56 - 00003240 _____ C:\Windows\System32\Tasks\HPCeeScheduleForSusy&Robin
2013-11-22 13:55 - 2013-10-11 18:56 - 00000352 _____ C:\Windows\Tasks\HPCeeScheduleForSusy&Robin.job
2013-11-22 13:55 - 2012-01-12 16:43 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-17 17:49 - 2012-01-16 18:51 - 00000000 ____D C:\Users\Susy&Robin\AppData\Roaming\.purple
2013-11-15 16:03 - 2013-11-15 15:39 - 00000000 ____D C:\Windows\ELAMBKUP
2013-11-15 16:02 - 2013-11-15 15:39 - 00626272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2013-11-15 16:02 - 2013-11-15 15:39 - 00090208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2013-11-15 16:02 - 2012-10-18 14:50 - 00054368 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kltdi.sys
2013-11-15 16:02 - 2012-09-03 18:23 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2013-11-15 16:02 - 2012-09-03 17:57 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2013-11-15 16:02 - 2012-08-13 16:49 - 00178448 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2013-11-15 16:02 - 2012-06-19 17:28 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2013-11-15 15:43 - 2013-11-15 15:43 - 00002216 _____ C:\Users\Susy&Robin\Desktop\Veilig Bankieren.lnk
2013-11-15 15:41 - 2013-11-15 15:42 - 00001078 _____ C:\Users\Public\Desktop\Kaspersky PURE 3.0.lnk
2013-11-15 15:39 - 2013-11-15 15:39 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2013-11-15 15:30 - 2013-09-02 15:35 - 00534784 _____ C:\Windows\PFRO.log
2013-11-15 15:22 - 2012-05-18 22:11 - 00000000 ____D C:\Users\Susy&Robin\AppData\Local\Adobe
2013-11-15 15:21 - 2012-04-02 18:07 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-15 15:21 - 2012-04-02 18:06 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-15 15:21 - 2011-07-04 15:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-05 15:11 - 2013-11-05 15:11 - 00000000 ____D C:\Users\Susy&Robin\AppData\Local\Lorenz_Cuno_Klopfenstein
2013-11-05 15:07 - 2013-11-05 15:07 - 00001138 _____ C:\Users\Susy&Robin\Desktop\OnTopReplica.lnk
2013-11-05 15:07 - 2013-11-05 15:07 - 00000000 ____D C:\Users\Susy&Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnTopReplica
2013-11-05 15:07 - 2013-11-05 15:07 - 00000000 ____D C:\Users\Susy&Robin\AppData\Local\OnTopReplica
2013-11-05 15:07 - 2013-11-05 15:06 - 00695407 _____ C:\Users\Susy&Robin\Downloads\OnTopReplica-Setup.exe
2013-11-04 16:44 - 2013-05-16 16:30 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-04 16:33 - 2013-10-05 15:48 - 00000000 ____D C:\Program Files\Bitdefender
2013-11-04 16:31 - 2013-11-04 16:31 - 00239653 _____ C:\ProgramData\1383578753.bdinstall.bin
2013-11-04 16:29 - 2013-10-05 15:41 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2013-11-04 13:53 - 2011-08-28 18:02 - 00007595 _____ C:\Users\Susy&Robin\AppData\Local\Resmon.ResmonCfg
2013-11-03 22:34 - 2013-11-03 22:34 - 00000000 ____D C:\Users\Susy&Robin\Documents\loginZyra
2013-11-01 18:08 - 2013-11-01 18:08 - 577898623 _____ C:\Windows\MEMORY.DMP
2013-11-01 00:33 - 2012-02-28 19:31 - 00003224 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHPSUSYROBIN$
2013-11-01 00:33 - 2012-02-28 19:31 - 00000348 _____ C:\Windows\Tasks\HPCeeScheduleForHPSUSYROBIN$.job
2013-10-31 18:50 - 2011-08-13 21:34 - 00000000 ____D C:\Users\Susy&Robin\AppData\Roaming\TS3Client
2013-10-30 23:55 - 2011-07-26 18:29 - 00000000 ____D C:\Users\Susy&Robin\AppData\Roaming\uTorrent
2013-10-30 20:48 - 2013-10-30 20:37 - 00000000 ____D C:\Users\Susy&Robin\Downloads\The Dark Knight Rises (2012)
2013-10-28 14:44 - 2013-10-28 02:51 - 00000000 ____D C:\Users\Susy&Robin\Downloads\The.Dark.Knight.Rises.2012.720p.BRRip.XviD.AC3-ViSiON
2013-10-28 04:53 - 2013-10-28 04:53 - 00000000 ____D C:\Users\Susy&Robin\Downloads\We're The Millers 2013 WEBRiP XViD UNiQUE (SilverTorrent)
2013-10-28 04:48 - 2013-10-28 04:47 - 00000000 ____D C:\Users\Susy&Robin\Downloads\This Is the End (2013) [1080p]
2013-10-28 04:36 - 2013-10-28 04:35 - 00000000 ____D C:\Users\Susy&Robin\Downloads\Grown Ups 2 [2013] BRRip XViD-ETRG
2013-10-28 04:29 - 2013-10-28 04:28 - 00000000 ____D C:\Users\Susy&Robin\Downloads\World.War.Z.2013.BRRip XViD juggs
2013-10-28 04:24 - 2013-10-28 03:37 - 00000000 ____D C:\Users\Susy&Robin\Downloads\Identity.Thief.2013.UNRATED.1080p.BluRay.x264.anoXmous
2013-10-28 04:04 - 2013-10-28 04:04 - 00000000 ____D C:\Users\Susy&Robin\Downloads\21.&.Over.2013.HDRip.XVID.AC3.5.1.HQ.Hive-CM8
2013-10-28 03:53 - 2013-10-28 03:23 - 1467342848 ____R C:\Users\Susy&Robin\Downloads\Parental.Guidance.2012.DVDRip.XviD-SPARKS.avi
2013-10-28 03:32 - 2013-10-28 03:31 - 00000000 ____D C:\Users\Susy&Robin\Downloads\Spring.Breakers.2012.DVDRip.XViD-VH-PROD[rarbg]
2013-10-28 03:26 - 2013-10-28 03:13 - 00000000 ____D C:\Users\Susy&Robin\Downloads\Movie.43.2013.DVDRip.XviD-3LT0N
2013-10-28 02:57 - 2013-10-28 02:52 - 00000000 ____D C:\Users\Susy&Robin\Downloads\The Dark Knight Rises (2012) DVDRip XviD-MAXSPEED
2013-10-28 02:50 - 2013-10-28 02:50 - 00000000 ____D C:\Users\Susy&Robin\Downloads\The Dark Knight Rises
2013-10-28 02:49 - 2013-10-28 02:44 - 00000000 ____D C:\Users\Susy&Robin\Downloads\Super Troopers (2001) [1080p]
2013-10-25 17:28 - 2011-08-13 21:34 - 00000000 ____D C:\Program Files (x86)\Teamspeak3

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-22 14:38

==================== End Of Log ============================
#4
CatBee
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-11-2013
Ran by Susy&Robin at 2013-11-24 16:55:09
Running from C:\Users\Susy&Robin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.1.30017)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 3.7.0.2090)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.152)
Adobe Reader XI (11.0.03) (x32 Version: 11.0.03)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.7.609)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.3.133)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95)
AMD APP SDK Runtime (Version: 10.0.1016.4)
AMD Catalyst Install Manager (Version: 8.0.891.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70704.0230)
AMD USB Filter Driver (x32 Version: 1.0.15.94)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Bing Bar (x32 Version: 7.2.241.0)
Blackhawk Striker 2 (x32 Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Broadcom 2070 Bluetooth 3.0 (Version: 6.3.0.5600)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2010.0416.541.8279)
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0416.541.8279)
Catalyst Control Center Graphics Full New (x32 Version: 2010.0416.541.8279)
Catalyst Control Center Graphics Light (x32 Version: 2010.0416.541.8279)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0416.541.8279)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0416.541.8279)
Catalyst Control Center InstallProxy (x32 Version: 2010.0416.541.8279)
Catalyst Control Center Localization All (x32 Version: 2010.0416.541.8279)
CCC Help Chinese Standard (x32 Version: 2010.0416.0540.8279)
CCC Help Chinese Traditional (x32 Version: 2010.0416.0540.8279)
CCC Help Czech (x32 Version: 2010.0416.0540.8279)
CCC Help Danish (x32 Version: 2010.0416.0540.8279)
CCC Help Dutch (x32 Version: 2010.0416.0540.8279)
CCC Help English (x32 Version: 2010.0416.0540.8279)
CCC Help Finnish (x32 Version: 2010.0416.0540.8279)
CCC Help French (x32 Version: 2010.0416.0540.8279)
CCC Help German (x32 Version: 2010.0416.0540.8279)
CCC Help Greek (x32 Version: 2010.0416.0540.8279)
CCC Help Hungarian (x32 Version: 2010.0416.0540.8279)
CCC Help Italian (x32 Version: 2010.0416.0540.8279)
CCC Help Japanese (x32 Version: 2010.0416.0540.8279)
CCC Help Korean (x32 Version: 2010.0416.0540.8279)
CCC Help Norwegian (x32 Version: 2010.0416.0540.8279)
CCC Help Polish (x32 Version: 2010.0416.0540.8279)
CCC Help Portuguese (x32 Version: 2010.0416.0540.8279)
CCC Help Russian (x32 Version: 2010.0416.0540.8279)
CCC Help Spanish (x32 Version: 2010.0416.0540.8279)
CCC Help Swedish (x32 Version: 2010.0416.0540.8279)
CCC Help Thai (x32 Version: 2010.0416.0540.8279)
CCC Help Turkish (x32 Version: 2010.0416.0540.8279)
ccc-core-static (x32 Version: 2010.0416.541.8279)
ccc-utility64 (Version: 2010.0416.541.8279)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
CyberLink DVD Suite (x32 Version: 7.0.3003)
Dora's Carnival Adventure (x32 Version: 2.2.0.95)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121)
Energy Star Digital Logo (x32 Version: 1.0.1)
Escape Rosecliff Island (x32 Version: 2.2.0.95)
ESU for Microsoft Windows 7 (x32 Version: 1.0.0)
EVE Online (remove only) (x32)
FATE (x32 Version: 2.2.0.95)
FileHippo.com Update Checker (x32)
Final Drive Nitro (x32 Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.0.5.1)
HP Advisor (x32 Version: 3.4.10262.3295)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4)
HP Documentation (x32 Version: 1.1.1.0)
HP Game Console (x32)
HP Games (x32 Version: 1.0.1.3)
HP MediaSmart DVD (x32 Version: 4.1.4229)
HP MediaSmart Movies and TV (Version: 1.0.0.10)
HP MediaSmart Music (x32 Version: 4.1.4215)
HP MediaSmart Photo (x32 Version: 4.1.4211)
HP MediaSmart SmartMenu (Version: 3.1.1.12)
HP MediaSmart Video (x32 Version: 4.1.4214)
HP MediaSmart Webcam (x32 Version: 4.1.3024)
HP Power Manager (x32 Version: 1.2.3)
HP Quick Launch (x32 Version: 2.4.4)
HP Setup (x32 Version: 8.1.4186.3400)
HP SimplePass Identity Protection (Version: 5.20.233)
HP Software Framework (x32 Version: 4.1.6.1)
HP Support Assistant (x32 Version: 7.0.39.15)
HP Wireless Assistant (Version: 4.0.9.0)
iCloud (Version: 3.0.2.163)
IDT Audio (x32 Version: 1.0.6288.0)
Internet Explorer (Enable DEP)
iTunes (Version: 11.1.0.126)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 33 (x32 Version: 6.0.330)
Jewel Quest - Heritage (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 14.0.8117.416)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558)
LabelPrint (x32 Version: 2.5.2907)
League of Legends (x32 Version: 1.3)
LightScribe System Software (x32 Version: 1.18.15.1)
Magic Desktop (x32)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 NLD Language Pack (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mobile Partner (x32 Version: 21.005.20.02.24)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Mumble 1.2.4 (x32 Version: 1.2.4)
OnTopReplica (HKCU Version: 3.4)
Pando Media Booster (x32 Version: 2.6.0.9)
Penguins! (x32 Version: 2.2.0.95)
PhotoNow! (x32 Version: 1.1.6904)
Pidgin (x32 Version: 2.10.1)
Plants vs. Zombies (x32 Version: 2.2.0.95)
Poker Superstars III (x32 Version: 2.2.0.95)
Polar Bowler (x32 Version: 2.2.0.95)
Polar Golfer (x32 Version: 2.2.0.95)
Post Apocalyptic Mayhem (x32)
Power2Go (x32 Version: 6.1.4204)
PowerDirector (x32 Version: 8.0.3003)
Rapport (x32 Version: 3.5.1302.59)
Razer Game Booster (x32 Version: 4.0.68.0)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.11.1127.2009)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30113)
Recovery Manager (x32 Version: 5.5.3023)
Shared C Run-time for x64 (Version: 10.0.0)
Steam (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
Taalpakket voor Microsoft .NET Framework 4.5 - NLD (Version: 4.5.50709)
TeamSpeak 3 Client (HKCU Version: 3.0.13.1)
Trusteer Eindpuntbeveiliging (x32 Version: 3.5.1302.59)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Validity Sensors DDK (Version: 4.1.139.0)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
Windows Live - Hulpprogramma voor uploaden (x32 Version: 14.0.8014.1029)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Photo Gallery (x32 Version: 14.0.8117.416)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Zuma Deluxe (x32 Version: 2.2.0.95)

==================== Restore Points =========================

04-11-2013 15:43:02 avast! antivirus system restore point
04-11-2013 15:50:44 Windows Update
10-11-2013 18:00:12 Windows Back-up
15-11-2013 14:28:36 avast! antivirus system restore point
17-11-2013 18:00:09 Windows Back-up

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-09-04 16:08 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {140D1A4B-FEB6-44A4-B485-1F78EAE36059} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {1FB17E1A-8F5B-44DC-B569-2895CA606FF1} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {2442BD34-8E82-4A59-A816-4E6EC2F9E051} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {2E266436-AF96-4CF4-BA15-0BFDE2AEB74A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {3523B88D-7408-4A4A-8B73-38C97673413E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {4236823B-A1F7-48A4-8458-630DF2A3451A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-24] (CyberLink)
Task: {47D78B1A-3CD6-4439-831A-66D9EAD9A3DA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {4B456960-1205-49E0-A862-405E87E6AD49} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {56B20E2E-9501-498B-8B2A-58DBECBAB74D} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect
Task: {5BEFC271-EE69-49D5-B4C3-37C918327283} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {6147B2C1-8350-4EA6-A321-22FD73D11944} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {6E97E094-F6AC-4918-A781-1CB3B7F723C9} - System32\Tasks\Adobe-online actualiseringsprogramma => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11] (Adobe Systems Incorporated)
Task: {7A6C06F7-FF8B-4370-9446-C38510456826} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\SymErr.exe
Task: {7C517DCB-6B16-484F-A529-994ED3CD4592} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {892B55F4-43A9-4B06-BBB7-98FA4620935A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1031145200-657204300-1421087719-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8C8C5528-CF93-43C4-B842-5A11C3DECA6F} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.3.3.19\SymErr.exe
Task: {A45C2EE4-E5FE-45FD-9D9C-4F9FB5F14F2A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-15] (Adobe Systems Incorporated)
Task: {A5C106D6-5A17-4347-834C-069AA99480C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {B19036E4-4AA5-489E-8FD6-C4870D3A50D6} - System32\Tasks\HPCeeScheduleForSusy&Robin => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {B39C0E00-7992-4CB9-880B-517556366920} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1031145200-657204300-1421087719-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {B92C94A9-318A-46DE-AB0A-8546E4185835} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {BEB169DE-9B98-4F55-A89D-17A4D35000F6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2013-11-19] (Microsoft)
Task: {F490259D-B7DB-4052-91D4-99AD964EC871} - System32\Tasks\HPCeeScheduleForHPSUSYROBIN$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForHPSUSYROBIN$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSusy&Robin.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2010-06-08 22:55 - 2010-06-08 22:55 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2010-03-09 14:34 - 2010-03-09 14:34 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-12-07 20:54 - 2012-12-07 20:54 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-18 15:26 - 2010-06-18 15:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-06-18 15:26 - 2010-06-18 15:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2010-06-18 15:26 - 2010-06-18 15:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2013-09-05 16:46 - 2013-09-05 16:46 - 00991984 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2012-08-08 17:43 - 2012-08-08 17:42 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2012-08-08 17:43 - 2012-08-08 17:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2012-08-08 17:43 - 2012-08-08 17:42 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2012-08-08 17:43 - 2012-08-08 17:42 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2012-08-08 17:43 - 2012-08-08 17:42 - 00843264 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2012-08-08 17:43 - 2012-08-08 17:42 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2012-06-27 14:09 - 2012-06-27 14:09 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2010-05-19 09:05 - 2010-05-19 09:05 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-05-19 09:05 - 2010-05-19 09:05 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-05-19 09:05 - 2010-05-19 09:05 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2010-02-09 17:58 - 2010-02-09 17:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 17:58 - 2010-02-09 17:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 17:58 - 2010-02-09 17:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 17:58 - 2010-02-09 17:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 17:58 - 2010-02-09 17:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 17:58 - 2010-02-09 17:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 17:58 - 2010-02-09 17:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2010-02-09 17:58 - 2010-02-09 17:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsUpdate => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Faulty Device Manager Devices =============

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/24/2013 00:27:18 AM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: League of Legends.exe, versie: 3.14.0.700, tijdstempel: 0x528ab927
Naam van module met fout: League of Legends.exe, versie: 3.14.0.700, tijdstempel: 0x528ab927
Uitzonderingscode: 0xc0000005
Foutoffset: 0x0042c7b0
Id van proces met fout: 0x31c8
Starttijd van toepassing met fout: 0xLeague of Legends.exe0
Pad naar toepassing met fout: League of Legends.exe1
Pad naar module met fout: League of Legends.exe2
Rapport-id: League of Legends.exe3

Error: (11/22/2013 09:39:06 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: LolClient.exe, versie: 0.0.0.0, tijdstempel: 0x515663e0
Naam van module met fout: ole32.dll, versie: 6.1.7601.17514, tijdstempel: 0x4ce7b96f
Uitzonderingscode: 0xc0000005
Foutoffset: 0x0004866a
Id van proces met fout: 0x15a0
Starttijd van toepassing met fout: 0xLolClient.exe0
Pad naar toepassing met fout: LolClient.exe1
Pad naar module met fout: LolClient.exe2
Rapport-id: LolClient.exe3

Error: (11/17/2013 09:41:49 PM) (Source: Application Hang) (User: )
Description: Het programma LolClient.exe, versie 0.0.0.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm.

Proces-id: 2a80

Starttijd: 01cee3c9d611066f

Eindtijd: 0

Toepassingspad: C:\Program Files (x86)\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.57\deploy\LolClient.exe

Rapport-id: 881591ee-4fc8-11e3-99b3-e02a8202c98c

Error: (11/17/2013 02:22:47 AM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 10.0.9200.16720, tijdstempel: 0x523cf127
Naam van module met fout: kernel32.dll, versie: 6.1.7601.18229, tijdstempel: 0x51fb1115
Uitzonderingscode: 0xc0000005
Foutoffset: 0x0002c29a
Id van proces met fout: 0x1b94
Starttijd van toepassing met fout: 0xIEXPLORE.EXE0
Pad naar toepassing met fout: IEXPLORE.EXE1
Pad naar module met fout: IEXPLORE.EXE2
Rapport-id: IEXPLORE.EXE3

Error: (11/17/2013 02:21:54 AM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 10.0.9200.16720, tijdstempel: 0x523cf127
Naam van module met fout: atiumdag.dll, versie: 8.14.10.735, tijdstempel: 0x4bc831bb
Uitzonderingscode: 0xc00000fd
Foutoffset: 0x0000de4f
Id van proces met fout: 0x2f90
Starttijd van toepassing met fout: 0xIEXPLORE.EXE0
Pad naar toepassing met fout: IEXPLORE.EXE1
Pad naar module met fout: IEXPLORE.EXE2
Rapport-id: IEXPLORE.EXE3

Error: (11/16/2013 02:04:39 AM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 10.0.9200.16720, tijdstempel: 0x523cf127
Naam van module met fout: Flash32_11_9_900_152.ocx, versie: 11.9.900.152, tijdstempel: 0x526f02a2
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00125a2a
Id van proces met fout: 0x3bc4
Starttijd van toepassing met fout: 0xIEXPLORE.EXE0
Pad naar toepassing met fout: IEXPLORE.EXE1
Pad naar module met fout: IEXPLORE.EXE2
Rapport-id: IEXPLORE.EXE3

Error: (11/14/2013 08:29:51 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: League of Legends.exe, versie: 3.13.0.399, tijdstempel: 0x526ed0a3
Naam van module met fout: cgD3D9.dll, versie: 3.0.0.16, tijdstempel: 0x4d55a06f
Uitzonderingscode: 0xc0000005
Foutoffset: 0x000b6539
Id van proces met fout: 0x23c8
Starttijd van toepassing met fout: 0xLeague of Legends.exe0
Pad naar toepassing met fout: League of Legends.exe1
Pad naar module met fout: League of Legends.exe2
Rapport-id: League of Legends.exe3

Error: (11/13/2013 03:19:34 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 10.0.9200.16720, tijdstempel: 0x523cf127
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.18229, tijdstempel: 0x51fb1116
Uitzonderingscode: 0xc0000005
Foutoffset: 0x0000efd8
Id van proces met fout: 0x176c
Starttijd van toepassing met fout: 0xIEXPLORE.EXE0
Pad naar toepassing met fout: IEXPLORE.EXE1
Pad naar module met fout: IEXPLORE.EXE2
Rapport-id: IEXPLORE.EXE3

Error: (11/11/2013 00:36:38 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: IEXPLORE.EXE, versie: 10.0.9200.16720, tijdstempel: 0x523cf127
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutoffset: 0x20296425
Id van proces met fout: 0x1844
Starttijd van toepassing met fout: 0xIEXPLORE.EXE0
Pad naar toepassing met fout: IEXPLORE.EXE1
Pad naar module met fout: IEXPLORE.EXE2
Rapport-id: IEXPLORE.EXE3

Error: (11/10/2013 05:47:16 PM) (Source: Application Hang) (User: )
Description: Het programma iexplore.exe, versie 10.0.9200.16720 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm.

Proces-id: 15dc

Starttijd: 01cede2e53b2e4c4

Eindtijd: 0

Toepassingspad: C:\Program Files\Internet Explorer\iexplore.exe

Rapport-id:


System errors:
=============
Error: (11/24/2013 04:12:33 PM) (Source: Service Control Manager) (User: )
Description: De volgende opstartstuurprogramma's zijn niet geladen:
SBRE

Error: (11/24/2013 04:12:32 PM) (Source: Service Control Manager) (User: )
Description: De BullGuard on-access service-service is afhankelijk van de BullGuard main service-service, die vanwege de volgende fout niet kan worden gestart:
%%126

Error: (11/24/2013 04:12:31 PM) (Source: Service Control Manager) (User: )
Description: De Mobile Partner. OUC-service kan vanwege de volgende fout niet worden gestart:
%%1053

Error: (11/24/2013 04:12:31 PM) (Source: Service Control Manager) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Mobile Partner. OUC.

Error: (11/24/2013 04:12:21 PM) (Source: Service Control Manager) (User: )
Description: De BullGuard update service-service kan vanwege de volgende fout niet worden gestart:
%%2

Error: (11/24/2013 04:12:21 PM) (Source: Service Control Manager) (User: )
Description: De BullGuard scanning service-service kan vanwege de volgende fout niet worden gestart:
%%2

Error: (11/24/2013 04:12:21 PM) (Source: Service Control Manager) (User: )
Description: De BullGuard main service-service is gestopt met de volgende foutcode:
%%126.

Error: (11/24/2013 04:12:21 PM) (Source: Service Control Manager) (User: )
Description: De BullGuard e-mail monitoring service-service is gestopt met de volgende foutcode:
%%126.

Error: (11/24/2013 04:52:12 AM) (Source: DCOM) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}

Error: (11/23/2013 03:42:30 PM) (Source: Service Control Manager) (User: )
Description: De volgende opstartstuurprogramma's zijn niet geladen:
SBRE


Microsoft Office Sessions:
=========================
Error: (11/24/2013 00:27:18 AM) (Source: Application Error)(User: )
Description: League of Legends.exe3.14.0.700528ab927League of Legends.exe3.14.0.700528ab927c00000050042c7b031c801cee8a2bca68bfdC:\Program Files (x86)\League of Legends\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.254\deploy\League of Legends.exeC:\Program Files (x86)\League of Legends\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.254\deploy\League of Legends.execae83b5f-5496-11e3-ba4c-e02a8202c98c

Error: (11/22/2013 09:39:06 PM) (Source: Application Error)(User: )
Description: LolClient.exe0.0.0.0515663e0ole32.dll6.1.7601.175144ce7b96fc00000050004866a15a001cee7b511188f78C:\Program Files (x86)\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.58\deploy\LolClient.exeC:\Windows\syswow64\ole32.dll20f01e31-53b6-11e3-924b-e02a8202c98c

Error: (11/17/2013 09:41:49 PM) (Source: Application Hang)(User: )
Description: LolClient.exe0.0.0.02a8001cee3c9d611066f0C:\Program Files (x86)\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.57\deploy\LolClient.exe881591ee-4fc8-11e3-99b3-e02a8202c98c

Error: (11/17/2013 02:22:47 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16720523cf127kernel32.dll6.1.7601.1822951fb1115c00000050002c29a1b9401cee3336afbe822C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\syswow64\kernel32.dllc427f662-4f26-11e3-80c9-e02a8202c98c

Error: (11/17/2013 02:21:54 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16720523cf127atiumdag.dll8.14.10.7354bc831bbc00000fd0000de4f2f9001cee322479fee72C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\atiumdag.dlla455a2de-4f26-11e3-80c9-e02a8202c98c

Error: (11/16/2013 02:04:39 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16720523cf127Flash32_11_9_900_152.ocx11.9.900.152526f02a2c000000500125a2a3bc401cee263d359cd36C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\Macromed\Flash\Flash32_11_9_900_152.ocx10e29e20-4e5b-11e3-b0a1-e02a8202c98c

Error: (11/14/2013 08:29:51 PM) (Source: Application Error)(User: )
Description: League of Legends.exe3.13.0.399526ed0a3cgD3D9.dll3.0.0.164d55a06fc0000005000b653923c801cee16fb4dc742dC:\Program Files (x86)\League of Legends\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.251\deploy\League of Legends.exeC:\Program Files (x86)\League of Legends\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.251\deploy\cgD3D9.dll20f2fc0f-4d63-11e3-a17d-e02a8202c98c

Error: (11/13/2013 03:19:34 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16720523cf127KERNELBASE.dll6.1.7601.1822951fb1116c00000050000efd8176c01cee07b5c78d401C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\syswow64\KERNELBASE.dll9e454bc9-4c6e-11e3-a5ec-e02a8202c98c

Error: (11/11/2013 00:36:38 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16720523cf127unknown0.0.0.000000000c000000520296425184401ceded218f49be5C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown8669b576-4ac5-11e3-b758-e02a8202c98c

Error: (11/10/2013 05:47:16 PM) (Source: Application Hang)(User: )
Description: iexplore.exe10.0.9200.1672015dc01cede2e53b2e4c40C:\Program Files\Internet Explorer\iexplore.exe


CodeIntegrity Errors:
===================================
Date: 2013-11-23 18:23:12.435
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2013-11-23 18:23:12.435
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2013-11-23 18:23:12.435
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2013-11-23 18:23:12.388
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2013-11-23 18:23:12.372
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2013-11-23 18:23:12.372
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2013-11-22 14:42:15.255
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2013-11-22 14:42:15.255
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2013-11-22 14:42:15.239
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2013-11-22 14:42:15.224
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.


==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 3834.9 MB
Available physical RAM: 1773.36 MB
Total Pagefile: 7667.98 MB
Available Pagefile: 4975.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:678.07 GB) (Free:528.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:20.27 GB) (Free:2.92 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: F2F188E2)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=678 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

#5
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello CatBee,

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


#6
CatBee


    Member

  • Topic Starter
  • Member
  • 65 posts
I'm not getting any logs... I ran it 3 times to make sure but nothing happens.

#7
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Should be copies of the logs at:

C:\FRST\Logs

Go to Start and type JRT.txt in the Search programs and files panel. It should show up. Copy and paste back here. :)

If you can't find it come back and tell me.

#8
CatBee


    Member

  • Topic Starter
  • Member
  • 65 posts
I managed to find the FRST logs at C:\FRST\Logs, but nothing shows up when I type JRT.txt.

#9
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Try this one instead:

Download AdwCleaner to your desktop.

NOTE: If you are using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs and click on the AdwCleaner icon.


Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste it back here. If a report doesn't appear, press the Report button and copy and paste the contents into your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

#10
CatBee


    Member

  • Topic Starter
  • Member
  • 65 posts
# AdwCleaner v3.013 - Report created 27/11/2013 at 18:29:05
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Susy&Robin - HPSUSYROBIN
# Running from : C:\Users\Susy&Robin\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\Users\Susy&Robin\AppData\Local\Vid-Saver
Folder Deleted : C:\Users\Susy&Robin\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Susy&Robin\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Susy&Robin\AppData\Roaming\ParetoLogic
File Deleted : C:\Users\Susy&Robin\AppData\Roaming\BabMaint.exe
File Deleted : C:\Windows\System32\Tasks\BrowserProtect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKCU\Software\5be8adeb06dbd48
Key Deleted : HKLM\SOFTWARE\5be8adeb06dbd48
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Vid-Saver
Key Deleted : HKLM\Software\ParetoLogic

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v

[ File : C:\Users\Susy&Robin\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js ]


*************************

AdwCleaner[R0].txt - [3175 octets] - [27/11/2013 18:24:21]
AdwCleaner[R1].txt - [3235 octets] - [27/11/2013 18:26:14]
AdwCleaner[R2].txt - [3295 octets] - [27/11/2013 18:27:14]
AdwCleaner[S0].txt - [2844 octets] - [27/11/2013 18:29:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2904 octets] ##########


#11
emeraldnzl


    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello CatBee,

Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.
  • If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may appear to be doing nothing for quite long periods. This is normal; just leave it to do its job.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.**

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#12
CatBee


    Member

  • Topic Starter
  • Member
  • 65 posts
The log is in Dutch...

ComboFix 13-11-27.01 - Susy&Robin 28-11-2013 15:41:25.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3835.2169 [GMT 1:00]
Gestart vanuit: c:\users\Susy&Robin\Desktop\ComboFix.exe
AV: Kaspersky PURE 3.0 *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky PURE 3.0 *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky PURE 3.0 *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
/wow section - STAGE 32
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Het proces heeft geen toegang tot het bestand omdat het door een ander
proces wordt gebruikt.
Kan bestand LockedB niet vinden.
Kan bestand lockedB niet vinden.
Kan bestand LockedB niet vinden.
Toegang geweigerd.
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1380984148.bdinstall.bin
c:\programdata\1380984430.bdinstall.bin
c:\programdata\1380984837.bdinstall.bin
c:\programdata\1383578753.bdinstall.bin
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-10-28 to 2013-11-28 ))))))))))))))))))))))))))))))
.
.
2013-11-28 15:02 . 2013-11-28 15:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-27 21:41 . 2013-11-28 14:40 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{30C942A8-D674-4296-B5C3-A5676DE482DE}\offreg.dll
2013-11-27 17:24 . 2013-11-27 17:29 -------- d-----w- C:\AdwCleaner
2013-11-24 15:52 . 2013-11-24 15:52 -------- d-----w- C:\FRST
2013-11-15 14:41 . 2012-07-11 16:09 64856 ----a-w- c:\windows\system32\klfphc.dll
2013-11-15 14:40 . 2011-06-02 13:39 66616 ----a-w- c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2013-11-15 14:40 . 2011-06-02 13:39 84536 ----a-w- c:\windows\system32\drivers\CSCrySec.sys
2013-11-15 14:39 . 2013-11-15 15:03 -------- d-----w- c:\windows\ELAMBKUP
2013-11-15 14:39 . 2013-11-15 14:39 -------- d-----w- c:\program files (x86)\Common Files\InfoWatch
2013-11-15 14:39 . 2013-11-28 14:31 -------- d-----w- c:\programdata\Kaspersky Lab
2013-11-15 14:39 . 2013-11-15 14:39 -------- d-----w- c:\program files (x86)\Kaspersky Lab
2013-11-15 14:39 . 2013-11-15 15:02 626272 ----a-w- c:\windows\system32\drivers\klif.sys
2013-11-15 14:39 . 2013-11-15 15:02 90208 ----a-w- c:\windows\system32\drivers\klflt.sys
2013-11-05 15:27 . 2013-10-16 00:20 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{30C942A8-D674-4296-B5C3-A5676DE482DE}\mpengine.dll
2013-11-05 14:11 . 2013-11-05 14:11 -------- d-----w- c:\users\Susy&Robin\AppData\Local\Lorenz_Cuno_Klopfenstein
2013-11-05 14:07 . 2013-11-05 14:07 -------- d-----w- c:\users\Susy&Robin\AppData\Local\OnTopReplica
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-15 15:02 . 2012-08-13 15:49 178448 ----a-w- c:\windows\system32\drivers\kneps.sys
2013-11-15 15:02 . 2012-10-18 13:50 54368 ----a-w- c:\windows\system32\drivers\kltdi.sys
2013-11-15 15:02 . 2012-09-03 17:23 29280 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2013-11-15 15:02 . 2012-09-03 16:57 29280 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2013-11-15 15:02 . 2012-06-19 16:28 7717984 ----a-w- c:\windows\system32\drivers\kl1.sys
2013-11-15 14:21 . 2011-07-04 14:26 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-04 15:44 . 2013-05-16 15:30 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-10-22 14:03 . 2013-10-22 14:03 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-09 22:06 . 2012-01-20 17:49 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-08 20:40 . 2013-10-08 20:40 17226632 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-10-05 14:41 . 2013-10-05 14:41 244631 ----a-w- c:\programdata\1380984072.bdinstall.bin
2013-09-22 23:28 . 2013-10-09 22:13 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-09-22 23:27 . 2013-10-09 22:13 2876928 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-09-22 23:27 . 2013-10-09 22:14 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-09-22 23:27 . 2013-10-09 22:14 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55 . 2013-10-09 22:14 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-09-22 22:55 . 2013-10-09 22:13 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-09-22 22:55 . 2013-10-09 22:13 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-09-22 22:54 . 2013-10-09 22:13 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-09-22 22:54 . 2013-10-09 22:13 19252224 ----a-w- c:\windows\system32\mshtml.dll
2013-09-22 22:54 . 2013-10-09 22:13 855552 ----a-w- c:\windows\system32\jscript.dll
2013-09-22 22:54 . 2013-10-09 22:13 3959296 ----a-w- c:\windows\system32\jscript9.dll
2013-09-22 22:54 . 2013-10-09 22:13 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-09-22 22:54 . 2013-10-09 22:14 526336 ----a-w- c:\windows\system32\ieui.dll
2013-09-22 22:54 . 2013-10-09 22:14 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-09-22 22:54 . 2013-10-09 22:14 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-09-22 22:54 . 2013-10-09 22:14 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-09-22 22:54 . 2013-10-09 22:14 2647552 ----a-w- c:\windows\system32\iertutil.dll
2013-09-22 22:54 . 2013-10-09 22:13 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-09-21 03:38 . 2013-10-09 22:14 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-09-21 03:30 . 2013-10-09 22:14 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48 . 2013-10-09 22:14 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-09-21 02:39 . 2013-10-09 22:14 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10 . 2013-10-09 14:21 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-08 02:30 . 2013-10-09 14:21 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-09 14:21 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-09 14:21 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-09 14:20 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-09 14:20 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-09 14:20 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-09 14:20 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-09 14:20 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-09 14:20 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-09 14:20 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-09-03 13:35 . 2011-08-28 01:24 278800 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2012-12-20 17:20 459784 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" [2010-02-09 1712184]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-05-19 2736128]
"ISUSPM"="c:\programdata\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2008-10-20 210208]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2010-06-02 61112]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-16 98304]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-06-14 587320]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" [2013-11-15 356128]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-8 1128224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys;c:\windows\SYSNATIVE\drivers\SBREdrv.sys [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe [x]
R2 BsFileScan;BullGuard on-access service;c:\windows\System32\SvcHost.exe;c:\windows\SYSNATIVE\SvcHost.exe [x]
R2 BsMailProxy;BullGuard e-mail monitoring service;c:\windows\System32\SvcHost.exe;c:\windows\SYSNATIVE\SvcHost.exe [x]
R2 BsMain;BullGuard main service;c:\windows\System32\SvcHost.exe;c:\windows\SYSNATIVE\SvcHost.exe [x]
R2 BsScanner;BullGuard scanning service;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe;c:\program files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [x]
R2 BsUpdate;BullGuard update service;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe;c:\program files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys;c:\windows\SYSNATIVE\DRIVERS\CSCrySec.sys [x]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys;c:\windows\SYSNATIVE\DRIVERS\CSVirtualDiskDrv.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S1 RapportCerberus_56758;RapportCerberus_56758;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [x]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 CSObjectsSrv;CryptoStorage control service;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-05-19 08:36 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2013-11-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-12 14:21]
.
2013-10-31 c:\windows\Tasks\HPCeeScheduleForHPSUSYROBIN$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
2013-11-26 c:\windows\Tasks\HPCeeScheduleForSusy&Robin.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2012-12-20 17:22 492040 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-09 487424]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-11-19 21720]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant =
IE: Toevoegen aan Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
TCP: DhcpNameServer = 83.255.245.11 193.150.193.150
.
- - - - ORPHANS VERWIJDERD - - - -
.
Wow6432Node-HKU-Default-Run-Bitdefender Wallet Agent - c:\program files\Bitdefender\Bitdefender\pmbxag.exe
Wow6432Node-HKU-Default-Run-Bitdefender Wallet - c:\program files\Bitdefender\Bitdefender\pwdmanui.exe
Wow6432Node-HKU-Default-Run-Bitdefender Wallet Application Agent - c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-InstallerLauncher - c:\program files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:6f,c9,66,8c,f5,c6,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f5,f1,a4,c7,60,27,53,42,90,01,7c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f5,f1,a4,c7,60,27,53,42,90,01,7c,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2013-11-28 16:08:11
ComboFix-quarantined-files.txt 2013-11-28 15:07
.
Pre-Run: 577.118.855.168 bytes beschikbaar
Post-Run: 576.654.888.960 bytes beschikbaar
.
- - End Of File - - B883112FA9F2FAA26D796396DC2CF7F2
8F401FAB9E5EAC873EDDCA10434209F3

#13
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello again CatBee,

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

  • Click the green ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
    then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install. If your firewall asks whether you want to allow installation, say yes.
  • Make sure that the option Scan archives is checked.
  • If you are given an option to quarantine files ensure the scan is set to do so.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Then click on: Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic and tell me how your machine is now.


#14
CatBee

    Member

  • Topic Starter
  • Member
  • 65 posts
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=33eb3ca65eb6ca4781a2c13b5c79542c
# engine=16078
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-11-29 09:11:45
# local_time=2013-11-29 10:11:45 (+0100, West-Europa (standaardtijd))
# country="Netherlands"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 113450 137389355 0 0
# compatibility_mode=9983 16777215 0 0 0 0 0 0
# scanned=296749
# found=1
# cleaned=1
# scan_time=17798
sh=91FD0C68DC46843917C8FEA976D8DDF7B941D897 ft=1 fh=fe05ab993baef410 vn="Win32/Toolbar.Babylon.P application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Susy&Robin\AppData\Roaming\BabMaint.exe.vir"

#15
CatBee

    Member

  • Topic Starter
  • Member
  • 65 posts
My pc is running much faster after all those cleanings :)