DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.9600.17344 BrowserJavaVersion: 11.45.2
Run by Nancy at 8:29:09 on 2015-07-19
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.3511.2018 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\TOP\SQL Anywhere 9\Shared\Sybase Central 4.3\win32\scjview.exe
c:\Program Files\Microsoft SQL Server\MSSQL10_50.KLUWER2008R2\MSSQL\Binn\sqlservr.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtlService.exe
C:\Program Files\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Users\Nancy\AppData\Local\Temp\ocrC560.tmp\bin\rubyw.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\vssvc.exe
C:\Users\Nancy\AppData\Local\Temp\ocrC531.tmp\bin\rubyw.exe
C:\Program Files\pia_manager\pia_tray\pia_tray.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k swprv
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.be/
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_45\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Aanmelden - Help: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_45\bin\jp2ssv.dll
uRun: [SybaseCentral43] "c:\top\sql anywhere 9\shared\sybase central 4.3\win32\scjview.exe" -preload
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - c:\program files\hewlett-packard\smart print\SmartPrintSetup.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} - hxxp://ccff02.minfin.fgov.be/diagnosis/static/resources/capicom.cab
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{010B9879-A692-401A-AE4C-02616152CCA3} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{010B9879-A692-401A-AE4C-02616152CCA3}\3596475636F6D6449393334383 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{010B9879-A692-401A-AE4C-02616152CCA3}\B62796374796E623030393 : DHCPNameServer = 195.130.131.4 195.130.130.132
TCP: Interfaces\{010B9879-A692-401A-AE4C-02616152CCA3}\D4F62696C6560284F6473707F6470263433383 : DHCPNameServer = 10.0.0.2 10.0.0.3
TCP: Interfaces\{653AB07B-9FFC-4C9E-907A-2DDA1280D0CB} : DHCPNameServer = 209.222.18.222 209.222.18.218
TCP: Interfaces\{87009144-BBAF-4077-80C9-4F1846086AB2} : DHCPNameServer = 192.168.0.1
Handler: linkscanner -
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck -
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\nancy\appdata\roaming\mozilla\firefox\profiles\cd6dpzrg.default-1437237930325\
FF - plugin: c:\program files\adobe\acrobat reader dc\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre1.8.0_45\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.40416.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\nancy\appdata\roaming\vasco\vascocardreaderplugin\3.2.3.4\npVascoCardReaderPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_17_0_0_134.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-2-23 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-2-23 206248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2014-2-23 787800]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-2-23 423784]
R1 RawDisk3;RawDisk3;c:\windows\system32\drivers\rawdsk3.sys [2015-7-18 28256]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-7-24 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-2-23 70384]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2014-2-23 91496]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-12-24 50344]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2010-6-29 13336]
R2 MSSQL$KLUWER2008R2;SQL Server (KLUWER2008R2);c:\program files\microsoft sql server\mssql10_50.kluwer2008r2\mssql\binn\sqlservr.exe [2011-6-17 43040096]
R2 Realtek11nSU;Realtek11nSU;c:\program files\realtek\11n usb wireless lan utility\RtlService.exe [2011-8-1 40960]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-7-10 5097232]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2014-6-5 93040]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2010-6-29 2320920]
R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\avast software\avast\ng\vbox\VBoxAswDrv.sys [2014-12-24 218192]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\avast software\avast\ng\vbox\AvastVBoxSVC.exe [2014-12-24 3192344]
R3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\drivers\BazisVirtualCDBus.sys [2011-6-4 115808]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-8-14 132480]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2010-6-28 232960]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-6-28 67624]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-7-18 23256]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2010-4-1 1009184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2015-7-18 1133880]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 cxbu0wdm;OMNIKEY 3x21;c:\windows\system32\drivers\cxbu0wdm.sys [2014-5-14 131064]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2014-10-16 108032]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-7-18 51928]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-2-9 14848]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2010-6-29 193056]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\rtl8192su.sys [2011-8-1 583680]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-2-9 49664]
S3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-19 1343400]
S3 WisLMSvc;WisLMSvc;c:\program files\launch manager\WisLMSvc.exe [2010-8-14 118560]
S3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [2010-8-14 13720]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2010-4-3 44896]
S4 RsFx0151;RsFx0151 Driver;c:\windows\system32\drivers\RsFx0151.sys [2011-6-17 240736]
S4 SQLAgent$KLUWER2008R2;SQL Server Agent (KLUWER2008R2);c:\program files\microsoft sql server\mssql10_50.kluwer2008r2\mssql\binn\SQLAGENT.EXE [2011-6-17 370016]
.
=============== Created Last 30 ================
.
2015-07-18 19:54:59 -------- d-----w- c:\users\nancy\appdata\roaming\VSRevoGroup
2015-07-18 19:49:13 28256 ----a-w- c:\windows\system32\drivers\rawdsk3.sys
2015-07-18 19:49:11 -------- d-----w- C:\logs
2015-07-18 19:49:10 -------- d-----w- c:\users\nancy\appdata\roaming\iolo
2015-07-18 19:49:10 -------- d-----w- c:\programdata\iolo
2015-07-18 16:50:54 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{4b112882-22f8-4ac8-9d13-4ef7daa5ba27}\offreg.3328.dll
2015-07-18 15:36:27 9252600 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{4b112882-22f8-4ac8-9d13-4ef7daa5ba27}\mpengine.dll
2015-07-18 08:01:42 98520 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-18 08:01:27 94936 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-18 08:01:27 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-18 08:01:27 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-18 08:01:27 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-07-18 06:03:39 -------- d-----w- c:\users\nancy\appdata\local\Apple Computer
2015-07-18 06:03:37 -------- d-----w- c:\users\nancy\appdata\roaming\Titanium
2015-07-18 06:02:05 26624 ----a-w- c:\windows\system32\drivers\tap0901.sys
2015-07-18 06:01:57 -------- d-----w- c:\program files\pia_manager
2015-07-16 11:53:03 -------- d-----w- c:\users\nancy\appdata\local\CEF
2015-07-08 19:46:09 -------- d-----w- c:\windows\system32\siscardplugins
.
==================== Find3M ====================
.
2015-07-05 21:18:56 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-07-05 21:18:56 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-07-04 21:10:04 60 ----a-w- c:\windows\wpd99.drv
2015-06-23 11:27:10 246952 ------w- c:\windows\system32\MpSigStub.exe
2015-04-22 20:10:42 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
============= FINISH: 8:30:28,98 ===============