Kevink

Kevink's achievements

  1. Everything is gone! I also had problems with the error message "Display driver has stopped responding but has recovered". That isn't bothering me anymore for now either! Many thanks, Kevin
  2. Zoek.exe v5.0.0.0 Updated 19-February-2014
     Tool run by Kevin on Thu 02/20/2014 at 10:51:08.48.
     Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
     Running in: Normal Mode Internet Access Detected
     Launched: C:\Users\Kevin\Downloads\zoek.exe [scan all users] [script inserted]

     ==== Older Logs ======================
     C:\zoek-results2014-02-19-214858.log 41200 bytes

     ==== Possible Rootkit Infection ======================
     C:\Windows\installer\{2921c6a8-baf2-b926-bc15-42e6a729d82f}\L
     C:\Windows\installer\{2921c6a8-baf2-b926-bc15-42e6a729d82f}\U
     C:\Windows\installer\{2921c6a8-baf2-b926-bc15-42e6a729d82f}\L\00000004.@

     ==== Registry Fix Code x64 ======================
     Windows Registry Editor Version 5.00
     [HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Windows\CurrentVersion\Run]
     "BackgroundContainer"=-
     [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
     "BackgroundContainer"=-
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "ShadowPlay"=-

     ==== Deleting Files \ Folders ======================
     C:\Users\Kevin\AppData\Local\Conduit\BackgroundContainer not found
     C:\windows\SysNative\nvspcap64.dll,ShadowPlayOnSystemStart not found

     ==== Deleting CLSID Registry Keys ======================

     ==== Deleting CLSID Registry Values ======================

     ==== C:\zoek_backup content ======================
     C:\zoek_backup (files=1055 folders=198 103044876 bytes)

     ==== EOF on Thu 02/20/2014 at 10:52:09.35 ======================
  3. Zoek log:

     Zoek.exe v5.0.0.0 Updated 19-February-2014
     Tool run by Kevin on Wed 02/19/2014 at 22:38:08.66.
     Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
     Running in: Normal Mode Internet Access Detected
     Launched: C:\Users\Kevin\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

     ==== System Restore Info ======================
     2/19/2014 10:39:09 PM Zoek.exe System Restore Point Created Succesfully.

     ==== Possible Rootkit Infection ======================
     C:\Windows\installer\{2921c6a8-baf2-b926-bc15-42e6a729d82f}\L
     C:\Windows\installer\{2921c6a8-baf2-b926-bc15-42e6a729d82f}\U
     C:\Windows\installer\{2921c6a8-baf2-b926-bc15-42e6a729d82f}\L\00000004.@

     ==== Empty Folders Check ======================
     C:\PROGRA~2\AGEIA Technologies deleted successfully
     C:\Program Files\log deleted successfully
     C:\PROGRA~3\Babylon deleted successfully
     C:\PROGRA~3\Canon IJ Network Tool deleted successfully
     C:\PROGRA~3\Oracle deleted successfully
     C:\Users\Kevin\AppData\Roaming\9A7C5E deleted successfully
     C:\Users\Kevin\AppData\Roaming\DigitalSites deleted successfully
     C:\Users\Kevin\AppData\Roaming\Nico Mak Computing deleted successfully
     C:\Users\Kevin\AppData\Local\WarThunder deleted successfully

     ==== Deleting CLSID Registry Keys ======================
     HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
     HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
     HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully
     HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully
     HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Internet Explorer\SearchScopes\{068887F4-6BF1-4480-845B-730C51CDFFEC} deleted successfully
     HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
     HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
     HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
     HKEY_CLASSES_ROOT\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully
     HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully
     HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully

     ==== Deleting CLSID Registry Values ======================
     HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
     HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
     HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully

     ==== Deleting Services ======================
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Hshld deleted successfully
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Hshld deleted successfully
     HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Hshld deleted successfully
     HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Hshld deleted successfully
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HssTrayService deleted successfully
     HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\HssTrayService deleted successfully
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssWd deleted successfully
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HssWd deleted successfully
     HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\HssWd deleted successfully
     HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\HssWd deleted successfully
     HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater deleted successfully
     HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Yontoo Desktop Updater deleted successfully

     ==== Registry Fix Code x64 ======================
     Windows Registry Editor Version 5.00
     [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
     [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
     [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
     [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
     ""=-

     ==== Deleting Files \ Folders ======================
     C:\Users\Kevin\AppData\Roaming\DigitalSites not found
     C:\Program Files (x86)\Hotspot_Shield deleted
     C:\Program Files (x86)\Yontoo deleted
     C:\Windows\syswow64\appdata deleted
     C:\PROGRA~3\eSellerate deleted
     C:\PROGRA~2\Delta deleted
     C:\PROGRA~2\TorrentB deleted
     C:\PROGRA~2\Conduit deleted
     C:\Users\Kevin\AppData\Roaming\BreakingPoint_Options.ini deleted
     C:\Users\Kevin\AppData\Roaming\Hotspot Shield deleted
     C:\Users\Kevin\AppData\Roaming\BabSolution deleted
     C:\Users\Kevin\AppData\Roaming\Babylon deleted
     C:\Users\Kevin\AppData\Roaming\DSite deleted
     C:\PROGRA~3\BrowserProtect deleted
     C:\PROGRA~3\APN deleted
     C:\PROGRA~3\Adobe\1B67B01.vbe deleted
     C:\PROGRA~3\Adobe\25065DF.vbe deleted
     C:\PROGRA~3\Tarma Installer deleted
     C:\PROGRA~3\Package Cache deleted
     C:\Users\Kevin\AppData\Local\newhb2.crx deleted
     C:\Users\Kevin\AppData\Local\Conduit deleted
     C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield deleted
     C:\Windows\SysNative\roboot64.exe deleted
     C:\windows\SysNative\Tasks\BackgroundContainer Startup Task deleted
     C:\windows\SysNative\Tasks\DSite deleted
     C:\Users\Kevin\AppData\LocalLow\Hotspot_Shield deleted
     C:\Users\Kevin\AppData\LocalLow\Delta deleted
     C:\Users\Kevin\AppData\LocalLow\Conduit deleted
     C:\windows\SysNative\Tasks\BrowserProtect deleted
     C:\windows\SysNative\tasks\Digital Sites deleted
     C:\Windows\tasks\Digital Sites.job deleted
     C:\Windows\tasks\DSite.job deleted
     C:\END deleted
     C:\Windows\Syswow64\RegistryHelperLM.ocx deleted
     C:\Windows\Syswow64\Hotspot Shield deleted
     C:\Windows\SysWow64\searchplugins deleted
     C:\Windows\SysWow64\Extensions deleted
     "C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client\settings.db" not deleted
     "C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted
     "C:\Users\Kevin\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client\logs\ts3client_2014-02-19__22_36_35.723829.log" not deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client\cache\remote\i.imgur.com\unq3D.jpg" not deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==\channel.html" not deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==\server.html" not deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==\server.txt" not deleted
     "C:\PROGRA~2\Hotspot Shield\bin\af_proxy.dll" deleted
     "C:\PROGRA~2\Hotspot Shield\bin\cmw_srv.exe" deleted
     "C:\PROGRA~2\Hotspot Shield\bin\HSSCP.exe" deleted
     "C:\PROGRA~2\Hotspot Shield\bin\HssSrvlib.dll" deleted
     "C:\PROGRA~2\Hotspot Shield\bin\zlib1.dll" deleted
     "C:\PROGRA~2\Hotspot Shield\bin\lang\gui-eng.dll" deleted
     "C:\Users\Kevin\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted
     "C:\Users\Kevin\AppData\Roaming\Yontoo" deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client" not deleted
     "C:\PROGRA~2\Hotspot Shield" not deleted
     "C:\Users\Kevin\AppData\Roaming\Yontoo" deleted
     "C:\PROGRA~3\Hotspot Shield" deleted
     "C:\Users\Kevin\AppData\Roaming\Yontoo\dat" deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client\cache" not deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client\chats" not deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client\logs" not deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client\cache\remote" not deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client\cache\remote\i.imgur.com" not deleted
     "C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==" not deleted
     "C:\PROGRA~2\Hotspot Shield\bin" not deleted
     "C:\PROGRA~2\Hotspot Shield\bin\lang" deleted
     "C:\Users\Kevin\AppData\Roaming\Yontoo\dat" deleted
     "C:\PROGRA~3\Hotspot Shield\config" deleted
     "C:\PROGRA~3\Hotspot Shield\config\hsspx" deleted

     ==== Files Recently Created / Modified ======================

     ==== Startup Registry Enabled ======================
     [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
     "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
     [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
     "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
     [HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Windows\CurrentVersion\Run]
     "EADM"="D:\Program Files (x86)\Origin\Origin.exe -AutoStart"
     "DAEMON Tools Lite"="D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe -autorun"
     "Steam"="D:\Program Files\Steam\Steam.exe -silent"
     "SteelSeries Engine"="C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe"
     "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
     "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
     "uTorrent"="C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
     "BackgroundContainer"="C:\Windows\SysWOW64\Rundll32.exe C:\Users\Kevin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll,DllRun"
     [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
     "mctadmin"="C:\Windows\System32\mctadmin.exe"
     [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
     "mctadmin"="C:\Windows\System32\mctadmin.exe"
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
     "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
     "RoxWatchTray"="C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
     "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
     "ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler"
     "CPMonitor"="D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
     "Desktop Disc Tool"="D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
     "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
     "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
     "iTunesHelper"="D:\Program Files (x86)\iTunes\iTunesHelper.exe"
     "CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon"
     "IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE"
     "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
     [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
     "EADM"="D:\Program Files (x86)\Origin\Origin.exe -AutoStart"
     "DAEMON Tools Lite"="D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe -autorun"
     "Steam"="D:\Program Files\Steam\Steam.exe -silent"
     "SteelSeries Engine"="C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe"
     "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
     "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
     "uTorrent"="C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
     "BackgroundContainer"="C:\Windows\SysWOW64\Rundll32.exe C:\Users\Kevin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll,DllRun"

     ==== Startup Registry Enabled x64 ======================
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "IgfxTray"="C:\Windows\system32\igfxtray.exe"
     "HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
     "Persistence"="C:\Windows\system32\igfxpers.exe"
     "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe -f C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat"
     "MSC"="C:\Program Files\Microsoft Security Client\mssecex.exe -hide -runkey"
     "Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"
     "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
     "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
     "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
     [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
     "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

     ==== Startup Folders ======================
     2013-06-08 22:52:04 654 ----a-w- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
     2013-01-11 01:07:48 279 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk

     ==== Task Scheduler Jobs ======================
     C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [02/05/2014 12:24 PM]
     C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]
     C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/07/2013 09:41 PM]

     ==== Other Scheduled Tasks ======================
     "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
     "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
     "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

     ==== Firefox Extensions Registry ======================
     [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
     "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

     ==== Firefox Extensions ======================
     ProfilePath: C:\Users\Kevin\AppData\Roaming\TomTom\HOME\Profiles\soz6r5po.default
     - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
     - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
     AppDir: C:\Program Files (x86)\Mozilla Firefox
     - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

     ==== Firefox Plugins ======================

     ==== Chrome Look ======================
     HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
     bakijjialdiiboeaknfpmflphhmljfkd - C:\Users\Kevin\AppData\Local\newhb2.crx[]
     niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[]
     nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[05/23/2011 07:24 PM]
     HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
     bakijjialdiiboeaknfpmflphhmljfkd - C:\Users\Kevin\AppData\Local\newhb2.crx[]
     Google Docs - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
     Google Drive - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
     Fun Dial - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
     YouTube - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
     Google Search - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
     Google Wallet - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
     DivX Plus Web Player HTML5 \u003Cvideo\u003E - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
     Gmail - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

     ==== Chrome Fix ======================
     C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully
     C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bakijjialdiiboeaknfpmflphhmljfkd_0.localstorage deleted successfully
     C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bakijjialdiiboeaknfpmflphhmljfkd_0.localstorage-journal deleted successfully
     C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully

     ==== Set IE to Default ======================
     Old Values:
     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
     "Start Page"="http://www.msn.com/"
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
     "DefaultScope"="{068887F4-6BF1-4480-845B-730C51CDFFEC}"
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{068887F4-6BF1-4480-845B-730C51CDFFEC}] not found
     New Values:
     [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
     "Start Page"="http://www.msn.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HotspotShield deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Hotspot_Shield Toolbar deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully 
C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Kevin\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1055 folders=198 103044876 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\fbwuser\AppData\Local\Temp emptied successfully C:\Users\Kevin\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Kevin\AppData\Local\Temp successfully emptied ==== 
Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Kevin\AppData\Roaming\TS3Client\settings.db" not found "C:\Users\Kevin\AppData\Roaming\TS3Client\logs\ts3client_2014-02-19__22_36_35.723829.log" not found "C:\Users\Kevin\AppData\Roaming\TS3Client\cache\remote\i.imgur.com\unq3D.jpg" not found "C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==\channel.html" not found "C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==\server.html" not found "C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==\server.txt" not found "C:\Users\Kevin\AppData\Roaming\TS3Client" not found "C:\PROGRA~2\Hotspot Shield" not found ==== EOF on Wed 02/19/2014 at 22:48:58.32 ======================
  4. When starting, for example, a game such as Arma, after a while I get stuttering and my PC freezes completely. "display driver stopped responding and has recovered" I have already reinstalled my graphics card drivers, but it keeps happening. Does anyone have any idea what I can do about this? Kind regards, Kevin
  5. Thanks for your quick reply, RSIT log: Logfile of random's system information tool 1.09 (written by random/random) Run by Kevin at 2014-02-19 11:43:28 Microsoft Windows 7 Professional Service Pack 1 System drive C: has 7 GB (6%) free of 114 GB Total RAM: 8078 MB (74% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:43:29 AM, on 2/19/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16537) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe D:\wirelesscm.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe C:\Users\Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe D:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Kevin.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost #[iPv6] O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Hotspot Shield - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll O3 - Toolbar: Canon 
Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler O4 - HKLM\..\Run: [CPMonitor] "D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe" O4 - HKLM\..\Run: [Desktop Disc Tool] "D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon O4 - HKLM\..\Run: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [EADM] "D:\Program Files (x86)\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [steam] "D:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [steelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [uTorrent] 
"C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: GamersFirst LIVE!.lnk = Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe O4 - Startup: Samsung Magician.lnk = D:\Samsung SSD Magician\Samsung Magician.exe O4 - Global Startup: Wireless Connection Manager.lnk = ? O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1358191722211 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - 
C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod Service - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RoxMediaDB13 - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: RzKLService - Razer Inc. 
- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. 
- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WlanWpsSvc - Unknown owner - D:\WlanWpsSvc.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13740 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Windows\system32\nvvsvc.exe" "C:\Program Files (x86)\NVIDIA 
Corporation\3D Vision\nvSCPAPISvr.exe" C:\Windows\system32\svchost.exe -k RPCSS "C:\Program Files\Microsoft Security Client\MsMpEng.exe" C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe" C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe" "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe" "C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe" "C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe" "C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe" C:\Windows\system32\svchost.exe -k imgsvc "taskhost.exe" taskeng.exe {6A03F123-3BCB-44A1-9B96-90B40D67BBEF} "D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe" "C:\Program Files (x86)\TomTom 
HOME 2\TomTomHOMEService.exe" D:\WlanWpsSvc.exe "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe" "C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp \??\C:\Windows\system32\conhost.exe "-1497997933-1326760821-1287065954-18913637631339321364-310950238-11854003831608150903 "C:\Program Files\Microsoft Security Client\NisSrv.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s WLIDSvcM.exe 2440 "C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe" "C:\Windows\System32\StikyNot.exe" "C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "D:\wirelesscm.exe" "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW "D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe" "D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" "C:\Users\Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe" /silent "D:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} -nolaunchurl C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\system32\sppsvc.exe "C:\Windows\system32\wuauclt.exe" wmiadap.exe /F /T /R taskhost.exe $(Arg0) 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4828.0.1861434800\2105229249" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23,28 --gpu-vendor-id=0x10de --gpu-device-id=0x1189 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3489 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4828.1.1564790786\60927414" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 
suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4828.2.1054520887\1978375620" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview 
--disable-html-notifications --enable-software-compositing --channel="4828.4.612946118\113073143" /prefetch:673131151 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} "C:\Users\Kevin\Downloads\RSITx64.exe" C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\Digital Sites.job C:\Windows\tasks\DSite.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [2013-06-21 287048] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}] DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}] Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14 175776] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-17 462760] 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}] Hotspot Shield Toolbar - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll [2013-07-16 231712] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-17 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll [2013-06-21 233288] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {c95a4e8e-816d-4655-8c79-d736da1adb6d} - Hotspot Shield Toolbar - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll [2013-07-16 231712] {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14 4372120] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-10 171040] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-10 399392] "Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-10 441888] "Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe -f C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat [] "MSC"=C:\Program Files\Microsoft Security Client\mssecex.exe -hide -runkey [] "Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2013-02-28 7468784] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 
[2012-01-31 12446824] "NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144] "ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-01-21 1179576] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "EADM"=D:\Program Files (x86)\Origin\Origin.exe [2013-06-04 3456080] "DAEMON Tools Lite"=D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320] "Steam"=D:\Program Files\Steam\Steam.exe [2014-02-11 1824000] "SteelSeries Engine"=C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [2013-06-12 241152] "TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [] "RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520] "uTorrent"=C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe [2013-11-15 900440] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720] ""= [] "RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe [2011-07-13 293360] "DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704] "ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2010-05-21 324976] "CPMonitor"=D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe [2011-07-08 84464] "Desktop Disc Tool"=D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe [2011-06-12 506352] "beid"=C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup [] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888] "iTunesHelper"=D:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392] "CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448] "IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ 
Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Wireless Connection Manager.lnk - D:\wirelesscm.exe C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup GamersFirst LIVE!.lnk - C:\Users\Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe Samsung Magician.lnk - D:\Samsung SSD Magician\Samsung Magician.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\Windows\system32\nvinitx.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2012-10-10 441856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "HideSCAHealth"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "VIDC.I420"=lvcod64.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo"=vfwwdm32.dll "MSVideo8"=VfWWDM32.dll "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux2"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux4"=wdmaud.drv "VIDC.FPS1"=frapsv64.dll "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-02-18 23:10:54 ----D---- C:\Program Files (x86)\AGEIA Technologies 2014-02-18 23:10:13 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvopencl.dll 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvinit.dll 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\NvIFR.dll 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\NvFBC.dll 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll 
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvcuda.dll 2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvopencl.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvoglshim64.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\NvIFROpenGL.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\NvIFR64.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\NvFBC64.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvEncodeAPI64.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvdispgenco6433489.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvdispco6433489.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvcuvid.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvcuvenc.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvcuda.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvcompiler.dll 2014-02-18 23:08:12 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys 2014-02-15 19:40:46 ----D---- C:\Program Files (x86)\Soul's Software 2014-02-15 14:42:38 ----D---- C:\Program Files\trend micro 2014-02-15 14:42:37 ----D---- C:\rsit 2014-02-15 14:38:22 ----D---- C:\ProgramData\Razer 2014-02-15 14:38:22 ----D---- C:\Program Files (x86)\Razer 2014-02-12 15:35:59 ----D---- C:\Users\Kevin\AppData\Roaming\DigitalSites 2014-02-05 01:45:49 ----D---- C:\Users\Kevin\AppData\Roaming\Ventrilo 2014-02-05 01:45:33 ----D---- C:\Program Files\Ventrilo 2014-02-05 01:45:33 ----A---- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini 2014-01-27 16:13:26 ----A---- C:\Windows\system32\nvhdap64.dll 2014-01-27 16:13:26 ----A---- C:\Windows\system32\nvdispgenco6433221.dll 2014-01-27 16:13:26 ----A---- C:\Windows\system32\nvdispco6433221.dll 2014-01-27 16:13:26 ----A---- C:\Windows\system32\drivers\nvhda64v.sys 2014-01-23 01:37:35 ----A---- 
C:\Windows\SYSWOW64\nvspcap.dll 2014-01-23 01:37:35 ----A---- C:\Windows\system32\nvspcap64.dll 2014-01-23 01:37:11 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll 2014-01-23 01:37:11 ----A---- C:\Windows\system32\nvaudcap64v.dll 2014-01-23 01:37:11 ----A---- C:\Windows\system32\drivers\nvvad64v.sys ======List of files/folders modified in the last 1 month====== 2014-02-19 11:42:57 ----D---- C:\Users\Kevin\AppData\Roaming\uTorrent 2014-02-19 11:39:50 ----D---- C:\Windows\Temp 2014-02-19 11:38:50 ----D---- C:\Users\Kevin\AppData\Roaming\Yontoo 2014-02-19 11:38:24 ----D---- C:\Users\Kevin\AppData\Roaming\TS3Client 2014-02-19 11:37:51 ----D---- C:\Windows\system32\Tasks 2014-02-19 11:37:45 ----D---- C:\ProgramData\NVIDIA 2014-02-19 00:42:09 ----D---- C:\Windows\system32\config 2014-02-19 00:26:40 ----D---- C:\Windows\System32 2014-02-19 00:26:40 ----D---- C:\Windows\inf 2014-02-19 00:26:40 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-02-19 00:19:58 ----D---- C:\Users\Kevin\AppData\Roaming\Skype 2014-02-18 23:38:55 ----D---- C:\Windows 2014-02-18 23:38:16 ----D---- C:\Windows\SysWOW64 2014-02-18 23:10:56 ----SHD---- C:\Windows\Installer 2014-02-18 23:10:54 ----RD---- C:\Program Files (x86) 2014-02-18 23:10:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2014-02-18 23:10:12 ----D---- C:\Temp 2014-02-18 23:10:10 ----D---- C:\Windows\system32\DriverStore 2014-02-18 23:10:10 ----D---- C:\Windows\system32\catroot 2014-02-18 23:09:06 ----D---- C:\Windows\system32\drivers 2014-02-18 11:45:03 ----D---- C:\Windows\system32\catroot2 2014-02-16 12:24:29 ----SHD---- C:\System Volume Information 2014-02-15 14:42:38 ----RD---- C:\Program Files 2014-02-15 14:38:22 ----D---- C:\ProgramData 2014-02-13 17:30:14 ----D---- C:\Users\Kevin\AppData\Roaming\vlc 2014-02-12 15:35:59 ----D---- C:\Windows\Tasks 2014-02-12 06:17:46 ----D---- C:\ProgramData\CanonIJPLM 2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll 2014-02-08 19:34:51 ----A---- 
C:\Windows\SYSWOW64\nvapi.dll 2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvwgf2umx.dll 2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvumdshimx.dll 2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvoglv64.dll 2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvinitx.dll 2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvd3dumx.dll 2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvapi64.dll 2014-02-08 18:42:36 ----A---- C:\Windows\system32\nvsvc64.dll 2014-02-08 18:42:36 ----A---- C:\Windows\system32\nvcpl.dll 2014-02-08 18:42:33 ----A---- C:\Windows\system32\nvvsvc.exe 2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvshext.dll 2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvmctray.dll 2014-02-05 12:24:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2014-02-05 01:45:24 ----D---- C:\Program Files (x86)\Common Files 2014-01-27 16:15:00 ----D---- C:\ProgramData\NVIDIA Corporation 2014-01-23 01:37:35 ----D---- C:\Program Files\NVIDIA Corporation 2014-01-23 01:37:31 ----D---- C:\Windows\Microsoft.NET 2014-01-23 01:37:12 ----RD---- C:\Users ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-05-24 55952] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R0 Sahdad64;HDD Filter Driver; C:\Windows\System32\Drivers\Sahdad64.sys [2011-02-09 27120] R0 Saibad64;Volume Filter Driver; C:\Windows\System32\Drivers\Saibad64.sys [2011-02-09 19952] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-11 564824] R0 SysCow;SysCow; C:\Windows\system32\drivers\syscowad64v.sys [2010-05-23 164848] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 
514560] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-11 283200] R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2013-06-21 46792] R1 SaibVdAd64;Virtual Disk Driver; C:\Windows\System32\Drivers\SaibVdAd64.sys [2011-02-09 27632] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008] R3 busenum;SteelBusSvc; C:\Windows\system32\DRIVERS\SteelBus64.sys [2013-04-26 134656] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-10 5343584] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-31 4739304] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-09 425000] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408] R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-01-17 66800] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008] R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136] R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2007-10-12 50072] R3 LVUVC64;Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344] R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784] R3 NVHDA;Service for 
NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-27 39200] R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-06-21 42184] S3 ACSSCR;ACR38 Smart Card Reader; C:\Windows\system32\DRIVERS\a38usb.sys [2012-10-03 45056] S3 netr7364;RT73 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS [2007-10-12 582680] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888] S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%; C:\Windows\system32\DRIVERS\RTL8192su.sys [2009-08-20 664576] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-02-09 457200] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device 
Support\AppleMobileDeviceService.exe [2013-09-07 55624] R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 BOT4Service;BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-07-15 21488] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2013-06-21 831272] R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2013-06-21 548136] R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056] R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632] R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 923936] R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-06-02 76888] R2 RzKLService;RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2013-11-22 105448] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-02-08 411936] R2 TeamViewer8;TeamViewer 8; D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-07-08 4153184] R2 
TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-07-02 93072] R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848] R2 WlanWpsSvc;WlanWpsSvc; D:\WlanWpsSvc.exe [2008-06-26 167936] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568] R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352] R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856] S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-07 116648] S2 RoxWatch12;Roxio Hard Drive Watcher 12; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-07-13 340976] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648] S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-05-26 49152] S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-10 277024] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common 
Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-01-21 654848] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-07 116648] S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [2013-06-21 78512] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 RoxMediaDB13;RoxMediaDB13; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-07-13 1095664] S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-27 571816] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-12 1255736] S4 BOTService;BOTService; C:\Program Files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-07-14 211440] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696] -----------------EOF-----------------
  6. I'm having trouble with advertising pop-ups and underlined words :/ if someone would be so kind as to check my log! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:00:40 AM, on 2/19/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16537) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe C:\Windows\SysWOW64\rundll32.exe D:\wirelesscm.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe C:\Users\Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe D:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Dotjosh Studios\DayZ Commander\Current\DayZCommander.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, 
Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost #[iPv6] O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll O2 - BHO: Hotspot Shield - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot 
Shield\HssIE\HssIE.dll O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler O4 - HKLM\..\Run: [CPMonitor] "D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe" O4 - HKLM\..\Run: [Desktop Disc Tool] "D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon O4 - HKLM\..\Run: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [EADM] "D:\Program Files (x86)\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [steam] "D:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [steelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe O4 - HKCU\..\Run: [TomTomHOME.exe] 
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [uTorrent] "C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [backgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Kevin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: GamersFirst LIVE!.lnk = Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe O4 - Startup: Samsung Magician.lnk = D:\Samsung SSD Magician\Samsung Magician.exe O4 - Global Startup: Wireless Connection Manager.lnk = ? 
O8 - Extra context menu item: Download with Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1358191722211 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Bonjour Service - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod Service - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RoxMediaDB13 - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: RzKLService - Razer Inc. 
- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. 
- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WlanWpsSvc - Unknown owner - D:\WlanWpsSvc.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14677 bytes
  7. hello, anyone up for taking a quick look at this log? info.txt logfile of random's system information tool 1.09 2014-02-15 14:42:40 ======Uninstall list====== -->C:\Windows\SysWOW64\\MSIEXEC.EXE /x {7B91CBFD-0671-4819-9724-CABE3014E886} -->MsiExec /X{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C} 7 Days to Die - Alpha version 0.9.1-->"C:\Program Files (x86)\7DaysToDie-Alpha\unins000.exe" 7-Zip 9.20 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000} Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95} Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394} Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23} Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C} Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8} Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE} Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5} Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D} Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2} Adobe Flash Player 12 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_44_ActiveX.exe -maintain activex Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B} Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245} Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E} Adobe InDesign CS3-->C:\Program Files (x86)\Common Files\Adobe\Installers\0afb6829baf354bd3bebf7d31585b38\Setup.exe Adobe InDesign CS3-->MsiExec.exe /I{0F005E22-4D14-4E7E-AD03-234B2FCB876C} Adobe Linguistics 
CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078} Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C} Adobe Reader XI (11.0.06) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001} Adobe Setup-->MsiExec.exe /I{CBFBA159-6E98-4FAA-B0D8-0A61CE5226BE} Adobe SING CS3-->MsiExec.exe /I{3F9B2FD2-1C83-4401-9967-C3636638E958} Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183} Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312} Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8} Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5} Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6} Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923} APB Reloaded-->"D:\Program Files (x86)\GamersFirst\APB Reloaded\Uninstall.exe" Apple Application Support-->MsiExec.exe /I{46F044A5-CE8B-4196-984E-5BD6525E361D} Apple Mobile Device Support-->MsiExec.exe /I{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} ARMA 2 Army of The Czech Republic - Data cache removal-->D:\Program Files\Steam\steamapps\common\Arma 2 Operation Arrowhead\ACR\datacacheremoval.exe ARMA 2: British Armed Forces - Data cache removal-->D:\Program Files\Steam\steamapps\common\Arma 2 Operation Arrowhead\BAF\datacacheremoval.exe Arma 2: British Armed Forces-->"D:\Program Files\Steam\steam.exe" steam://uninstall/65700 Arma 2: Operation Arrowhead-->"D:\Program Files\Steam\steam.exe" steam://uninstall/33930 Arma 2-->"D:\Program Files\Steam\steam.exe" steam://uninstall/33900 Assassin's Creed II-->"C:\Program Files (x86)\InstallShield Installation Information\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}\setup.exe" -runfromtemp -l0x0013 -removeonly Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging 
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe BattlEye for OA Uninstall-->D:\Program Files\Steam\steamapps\common\Arma 2 Operation Arrowhead\Expansion\BattlEye\UnInstallBE.exe BattlEye Uninstall-->C:\SteamLibrary\steamapps\common\Arma 2BattlEye\UnInstallBE.exe Belgium e-ID middleware 4.0.5 (build 7363)-->MsiExec.exe /I{824563DE-75AD-4166-9DC0-B6482F207363} BioShock Infinite-->"D:\Program Files (x86)\BioShock Infinite\unins000.exe" Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} Broadcom NetLink Controller-->MsiExec.exe /X{C91DCB72-F5BB-410D-A91A-314F5D1B4284} Call of Duty: Black Ops-->"D:\Program Files\Steam\steam.exe" steam://uninstall/42700 Call of Duty: Modern Warfare 2 - Multiplayer-->"D:\Program Files\Steam\steam.exe" steam://uninstall/10190 Canon Easy-WebPrint EX-->"C:\Program Files (x86)\Canon\Easy-WebPrint EX\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.ini Canon IJ Network Scanner Selector EX-->"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\MAINT.exe" /UninstallRemove C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\uninst.ini Canon IJ Network Tool-->C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe Canon IJ Scan Utility-->"C:\Program Files (x86)\Canon\IJ Scan Utility\MAINT.exe" /UninstallRemove C:\Program Files (x86)\Canon\IJ Scan Utility\uninst.ini Canon Inkjet Printer/Scanner/Fax Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R Canon MG3200 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series\DELDRV64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series /L0x0009 Canon MG3200 series On-screen Manual-->C:\Program Files (x86)\Canon\IJ Manual\Canon MG3200 series\uninstall.exe Canon MG3200 series User Registration-->C:\Program Files (x86)\Canon\IJEREG\MG3200 series\UNINST.EXE Canon My Image Garden Design 
Files-->"C:\Program Files (x86)\Canon\My Image Garden\AddOn\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\My Image Garden\AddOn\uninst.ini Canon My Image Garden-->"C:\Program Files (x86)\Canon\My Image Garden\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\My Image Garden\uninst.ini Canon My Printer-->"C:\Program Files\Canon\MyPrinter\uninst.exe" /UninstallRemove C:\Program Files\Canon\MyPrinter\uninst.ini Canon Quick Menu-->"C:\Program Files (x86)\Canon\Quick Menu\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Quick Menu\uninst.ini CDBurnerXP-->"D:\Program Files\Dvd burner\CDBurnerXP\unins000.exe" Cheat Engine 6.2-->"D:\Program Files\Cheat engine\Cheat Engine 6.2\unins000.exe" ConvertXtoDVD 4.2.0.0-->"D:\Program Files (x86)\VSO\ConvertX\4\unins000.exe" Core Temp 1.0 RC5-->"C:\Program Files\Core Temp\unins000.exe" Counter-Strike: Global Offensive-->"D:\Program Files\Steam\steam.exe" steam://uninstall/730 Crysis 3 version 5.1-->"D:\Program Files (x86)\Crysis 3\unins000.exe" Crysis® 2-->MsiExec.exe /X{6033673D-2530-4587-8AD0-EB059FC263F9} DAEMON Tools Lite-->D:\Program Files\Daemon tools\DAEMON Tools Lite\uninst.exe Dark Souls Prepare to Die Edition-->MsiExec.exe /I{4E4D0FA1-F880-4CCB-999A-501000008200} Dark Souls Prepare to Die Edition-->MsiExec.exe /X{4E4D0FA1-F880-4CCB-999A-501000008200} DayZ Commander-->MsiExec.exe /I{D7ECDD70-EBAB-42AD-8BE3-2F4D1CEC70A7} DayZ-->"D:\Program Files\Steam\steam.exe" steam://uninstall/221100 Debut Video Capture Software-->"C:\Program Files (x86)\NCH Software\Debut\debut.exe" -uninstall DEFIANCE-->"C:\Users\Kevin\AppData\Local\Defiance\unins000.exe" DefianceRuntimes-->MsiExec.exe /I{79B1FF35-9EA8-48ED-98D6-19ABE004BE89} Delta Chrome Toolbar-->"C:\Users\Kevin\AppData\Roaming\BabSolution\Shared\GUninstaller.exe" -key "Delta Chrome Toolbar" -rmkey -ask Delta toolbar -->"C:\Program Files (x86)\Delta\delta\1.8.10.0\GUninstaller.exe" -uprtc /tbGen= -key "delta" Diablo 
III-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enGB --uid=diablo3_engb --displayname="Diablo III" DirectX 9 Runtime-->MsiExec.exe /I{3A9527CF-4E91-4683-A03F-F1AD022126E5} DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com D-Link DWA-131 Wireless N Nano USB Adapter-->C:\Program Files (x86)\InstallShield Installation Information\{D9198056-A296-4583-A790-C0E73694CFE8}\setup.exe -runfromtemp -l0x0009 -removeonly DVD Shrink 3.2-->"C:\Program Files (x86)\DVD Shrink\unins000.exe" ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe Express Burn-->"C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe" -uninstall Face Filter-->MsiExec.exe /I{CE86D656-C887-4EF1-B2D7-2A1075435964} Fallout New Vegas-->"D:\Program Files (x86)\Bethesda Softworks\Fallout New Vegas\unins000.exe" Far Cry 3-->\"C:\Program Files (x86)\InstallShield Installation Information\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}\setup.exe\" -runfromtemp -l0x0409 -removeonly FarCry 3 version 5.1-->"D:\Program Files (x86)\FarCry 3\unins000.exe" Fraps (remove only)-->"D:\Fraps\uninstall.exe" FXAA Post Process Injector-->D:\Program Files\Skyrim\The Elder Scrolls V Skyrim\Uninstall.exe Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Hellgate-->MsiExec.exe /X{65DF3688-6EF3-4C86-83DE-54AB46029F07} HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Hotspot Shield 3.09-->C:\Program Files (x86)\Hotspot Shield\Uninstall.exe Hotspot Shield Toolbar-->C:\Program Files (x86)\Hotspot_Shield\uninstall.exe toolbar Intel® Processor Graphics-->C:\Program Files (x86)\Intel\Intel® Processor Graphics\Uninstall\setup.exe -uninstall iTunes-->MsiExec.exe /I{F73A118B-8271-47E2-8790-0C636B2539C5} Java 7 Update 45-->MsiExec.exe 
/X{26A24AE4-039D-4CA4-87B4-2F83217045FF} Logitech Gaming Software 8.45-->C:\Program Files\Logitech Gaming Software\uninstallhlpr.exe /bitness=x64 /silentmode=off /langid=ENU /downgrade=no Logitech Gaming Software-->MsiExec.exe /I{690285C2-2481-44FB-8402-162EA970A6DD} Mafia II-->"D:\Program Files (x86)\2K Games\Mafia II\unins000.exe" Malwarebytes Anti-Malware version 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Matrix-ks-->"C:\Program Files (x86)\KellySoftware\Matrix-ks\Uninstall.exe" "C:\Program Files (x86)\KellySoftware\Matrix-ks\install.log" Metro Last Light-->"D:\Program Files\Steam\steamapps\common\Metro Last Light\unins000.exe" Microsoft .NET Framework 4.5-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\\Setup.exe /repair /x86 /x64 Microsoft .NET Framework 4.5-->MsiExec.exe /X{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF} Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C} Microsoft Security Client-->MsiExec.exe /X{D954C6C2-544B-4091-A47F-11E77162883E} Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft 
Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106-->"C:\ProgramData\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe" /uninstall Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106-->MsiExec.exe /X{6C772996-BFF3-3C8C-860B-B3D48FF05D65} Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106-->MsiExec.exe /X{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F} Microsoft XNA Framework Redistributable 4.0 Refresh-->MsiExec.exe /I{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F} MiPony 2.0.2-->C:\Program Files (x86)\MiPony\uninst.exe Mumble 1.2.3-->MsiExec.exe /I{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1} Nexus Mod Manager-->"D:\Program Files\Skyrim mod manager\Nexus Mod Manager\uninstall\unins000.exe" NVIDIA 3D Vision Controller Driver 332.21-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{CCDB4533-AC98-412A-BC61-E745A07D78BA}\NVI2.DLL",UninstallPackage Display.NVIRUSB NVIDIA 3D Vision Driver 332.21-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{CCDB4533-AC98-412A-BC61-E745A07D78BA}\NVI2.DLL",UninstallPackage Display.3DVision NVIDIA GeForce Experience 1.8.2-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{421974B2-1FE4-460D-A004-ECEF723133EE}\NVI2.DLL",UninstallPackage Display.GFExperience NVIDIA Graphics Driver 332.21-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{CCDB4533-AC98-412A-BC61-E745A07D78BA}\NVI2.DLL",UninstallPackage Display.Driver NVIDIA HD Audio Driver 1.3.30.1-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA 
Corporation\Installer2\installer.{CCDB4533-AC98-412A-BC61-E745A07D78BA}\NVI2.DLL",UninstallPackage HDAudio.Driver NVIDIA PhysX System Software 9.13.0725-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{CCDB4533-AC98-412A-BC61-E745A07D78BA}\NVI2.DLL",UninstallPackage Display.PhysX NVIDIA PhysX-->MsiExec.exe /I{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C} NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask NVIDIA Virtual Audio 1.2.20-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{421974B2-1FE4-460D-A004-ECEF723133EE}\NVI2.DLL",UninstallPackage VirtualAudio.Driver Origin-->D:\Program Files (x86)\Origin\OriginUninstall.exe Path of Exile-->MsiExec.exe /X{90A4562F-D4A1-4B65-906D-41F236CF6902} PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9} Prism Video File Converter-->"C:\Program Files (x86)\NCH Software\Prism\prism.exe" -uninstall PunkBuster Services-->D:\PROGRAM FILES (X86)\GAMERSFIRST\APB RELOADED\Binaries\pbsvc_apb.exe -u QuickTime-->MsiExec.exe /I{B67BAFBA-4C9F-48FA-9496-933E3B255044} Razer Game Booster-->"C:\Program Files (x86)\Razer\Razer Game Booster\unins000.exe" RBVirtualFolder64Inst-->MsiExec.exe /I{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D} Realm of the Mad God-->"D:\Program Files\Steam\steam.exe" steam://uninstall/200210 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly Roxio BackOnTrack-->MsiExec.exe /I{729B89D0-946A-407E-A121-343BD3320C40} Roxio BackOnTrackPE-->MsiExec.exe /I{BD3EAE4D-862D-4D41-8BB5-F5C2CFFE6022} Roxio Burn - Secure-->MsiExec.exe /I{9569E6BC-326A-432F-97AB-35263A327BF1} Roxio CinePlayer Decoder Pack-->MsiExec.exe /I{FFAC39DA-CF79-434B-A6E0-4055689667D9} Roxio 
CinePlayer-->MsiExec.exe /I{302763FD-5CEA-4DFF-80C8-9B41414C4822} Roxio Creator 2012 Pro-->C:\ProgramData\Uninstall\{AAB42DD0-9551-4E30-A3E4-F87D4A4E1C52}\setup.exe /x {AAB42DD0-9551-4E30-A3E4-F87D4A4E1C52} {lang}=ENU Roxio Creator 2012 Pro-->MsiExec.exe /I{77CDA026-3860-4C95-8233-34F3CEF121FB} Roxio Creator 2012 Pro-->MsiExec.exe /I{F53529E7-07B1-409A-ACE0-3910D2338D12} Roxio System Rollback Recovery Disk-->MsiExec.exe /I{2B682751-E749-441C-A4B3-1F538E26E56E} Roxio System Rollback-->MsiExec.exe /I{0517F875-BBB2-4812-A63E-733B33CEF215} Roxio Video Capture USB-->MsiExec.exe /I{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29} Samsung Data Migration-->"C:\Program Files (x86)\InstallShield Installation Information\{D4DE3DB4-7734-47E5-8D92-B80146311406}\setup.exe" -runfromtemp -l0x0009 -removeonly Samsung Magician-->"D:\Samsung SSD Magician\unins000.exe" SketchUp Pro 8-->MsiExec.exe /X{045D5A51-F07E-4350-8642-B85772A2876B} Skype™ 6.11-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} Skyrim Dawnguard DLC+Update v1.7706-=AviaRa=- 1.7706-->D:\Program Files\Skyrim\The Elder Scrolls V Skyrim\Skyrim Dawnguard DLC+Update v1.7706-=AviaRa=-\Uninstall.exe SmartSound Common Data-->"C:\Program Files (x86)\InstallShield Installation Information\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}\setup.exe" -runfromtemp -l0x0409 -removeonly SmartSound Common Data-->MsiExec.exe /I{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8} SmartSound Quicktracks 5-->"C:\Program Files (x86)\InstallShield Installation Information\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}\setup.exe" -runfromtemp -l0x0409 -removeonly SmartSound Quicktracks 5-->MsiExec.exe /I{2F8BA3FD-1FA9-4279-B696-712ABB12F09F} Sniper Ghost Warrior 2-->"C:\Users\Kevin\AppData\Roaming\Sniper Ghost Warrior 2\Uninstall\unins000.exe" SpeedRunners-->"D:\Program Files\Steam\steam.exe" steam://uninstall/207140 Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} SteelSeries Engine-->C:\Program Files\SteelSeries\SteelSeries Engine\uninst.exe TeamSpeak 3 
Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe" TeamViewer 8-->D:\Program Files (x86)\TeamViewer\Version8\uninstall.exe TERA-->"C:\Program Files (x86)\TERA\unins000.exe" TERA-->"D:\Program Files (x86)\TERA\unins000.exe" The Elder Scrolls V Skyrim 1.0.2-->D:\Program Files\Skyrim\The Elder Scrolls V Skyrim\Uninstall.exe The Elder Scrolls V Skyrim Dragonborn © Bethesda Softworks version 1-->"D:\Program Files\Skyrim\The Elder Scrolls V Skyrim\unins000.exe" Titan Quest: Immortal Throne-->"D:\Program Files\Steam\steam.exe" steam://uninstall/4550 Titan Quest-->"D:\Program Files\Steam\steam.exe" steam://uninstall/4540 TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} TomTom HOME-->MsiExec.exe /I{99072AB4-D795-44D5-9D65-E3C9F8322C97} TorrentB 1.1.3.0-->"C:\Program Files (x86)\TorrentB\unins000.exe" TQVault-->MsiExec.exe /I{3CFC6D41-EC71-449D-9E12-2F4EAB3D4B83} Uplay-->C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421} VD64Inst-->MsiExec.exe /I{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E} Ventrilo Client for Windows x64-->MsiExec.exe /X{EEB3F6BB-318D-4CE5-989F-8191FCBFB578} VIA Platform Device Manager-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169} VideoPad Video Editor-->"C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe" -uninstall VLC media player 2.0.5-->D:\Vlc\uninstall.exe War Thunder-->"D:\Program Files\Steam\steam.exe" steam://uninstall/236390 Windows Driver Package - Fedict SmartCard (10/04/2011 4.0.0.5)-->rundll32.exe C:\PROGRA~1\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\beidmdrv.inf_amd64_neutral_cd2534e986d35e30\beidmdrv.inf Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7} WinSoftMEsti-->MsiExec.exe /I{1FFB45AE-120B-4A9D-A914-BE466C6BBB0A} 
Yontoo 2.051-->C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe /remove /q0 ======Hosts File====== 127.0.0.1 localhost ::1 localhost #[iPv6] 127.0.0.1 fr.a2dfp.net 127.0.0.1 m.fr.a2dfp.net 127.0.0.1 ad.a8.net 127.0.0.1 asy.a8ww.net 127.0.0.1 abcstats.com 127.0.0.1 a.abv.bg 127.0.0.1 adserver.abv.bg 127.0.0.1 adv.abv.bg ======System event log====== Computer Name: Kevin-PC Event Code: 1116 Message: Microsoft Antimalware has detected malware or other potentially unwanted software. For more information please see the following: HackTool:Win32/Keygen Name: HackTool:Win32/Keygen ID: 2147593794 Severity: Medium Category: Tool Path: file:_D:\Users\Kevin\Downloads\Titan Quest + Immortal Throne\Game Keys\TitanQuestKeygen.exe;webfile:_D:\Users\Kevin\Downloads\Titan Quest + Immortal Throne\Game Keys\TitanQuestKeygen.exe|about:internet Detection Origin: Internet Detection Type: Concrete Detection Source: System User: NT AUTHORITY\SYSTEM Process Name: Unknown Signature Version: AV: 1.157.1259.0, AS: 1.157.1259.0, NIS: 108.1.0.0 Engine Version: AM: 1.1.9800.0, NIS: 2.1.9900.0 Record Number: 84818 Source Name: Microsoft Antimalware Time Written: 20130906191931.000000-000 Event Type: Warning User: Computer Name: Kevin-PC Event Code: 11 Message: Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Record Number: 84808 Source Name: Microsoft-Windows-Wininit Time Written: 20130906191929.868111-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Kevin-PC Event Code: 7000 Message: The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure. 
Record Number: 84775 Source Name: Service Control Manager Time Written: 20130906191922.236015-000 Event Type: Error User: Computer Name: Kevin-PC Event Code: 7038 Message: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Record Number: 84774 Source Name: Service Control Manager Time Written: 20130906191922.236015-000 Event Type: Error User: Computer Name: Kevin-PC Event Code: 4001 Message: WLAN AutoConfig service has successfully stopped. Record Number: 84690 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20130905235217.698174-000 Event Type: Warning User: NT AUTHORITY\SYSTEM =====Application event log===== Computer Name: Kevin-PC Event Code: 33 Message: Activation context generation failed for "D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2Launcher.exe". Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis. Record Number: 313 Source Name: SideBySide Time Written: 20130111005234.000000-000 Event Type: Error User: Computer Name: Kevin-PC Event Code: 1 Message: The application (Daemon Tools, from vendor DT Soft Ltd.) has the following problem: Daemon Tools is incompatible with this version of Windows. For more information, contact DT Soft Ltd.. Record Number: 290 Source Name: Microsoft-Windows-ApplicationExperienceInfrastructure Time Written: 20130111004942.686020-000 Event Type: Warning User: Kevin-PC\Kevin Computer Name: Kevin-PC Event Code: 1530 Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. 
The applications or services that hold your registry file may not function properly afterwards. DETAIL - 1 user registry handles leaked from \Registry\User\S-1-5-21-2201358601-1718601949-3330357416-1000: Process 548 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2201358601-1718601949-3330357416-1000 Record Number: 242 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20130111004021.479208-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Kevin-PC Event Code: 33 Message: Activation context generation failed for "C:\Windows.old\Program Files\Samsung SSD Magician\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Record Number: 231 Source Name: SideBySide Time Written: 20130111003743.000000-000 Event Type: Error User: Computer Name: Kevin-PC Event Code: 1008 Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}. Record Number: 211 Source Name: Microsoft-Windows-Search Time Written: 20130111003649.000000-000 Event Type: Warning User: =====Security event log===== Computer Name: Kevin-PC Event Code: 4907 Message: Auditing settings on object were changed. 
Subject: Security ID: S-1-5-18 Account Name: KEVIN-PC$ Account Domain: WORKGROUP Logon ID: 0x3e7 Object: Object Server: Security Object Type: File Object Name: C:\Windows\System32\en-US\Licenses\OEM\EnterpriseE\license.rtf Handle ID: 0x18 Process Information: Process ID: 0x7f8 Process Name: C:\Windows\System32\poqexec.exe Auditing Settings: Original Security Descriptor: New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 9507 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130320122100.291006-000 Event Type: Audit Success User: Computer Name: Kevin-PC Event Code: 4907 Message: Auditing settings on object were changed. Subject: Security ID: S-1-5-18 Account Name: KEVIN-PC$ Account Domain: WORKGROUP Logon ID: 0x3e7 Object: Object Server: Security Object Type: File Object Name: C:\Windows\System32\en-US\Licenses\OEM\HomePremiumN\license.rtf Handle ID: 0x18 Process Information: Process ID: 0x7f8 Process Name: C:\Windows\System32\poqexec.exe Auditing Settings: Original Security Descriptor: New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 9506 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130320122100.291006-000 Event Type: Audit Success User: Computer Name: Kevin-PC Event Code: 4907 Message: Auditing settings on object were changed. Subject: Security ID: S-1-5-18 Account Name: KEVIN-PC$ Account Domain: WORKGROUP Logon ID: 0x3e7 Object: Object Server: Security Object Type: File Object Name: C:\Windows\System32\en-US\Licenses\OEM\UltimateE\license.rtf Handle ID: 0x18 Process Information: Process ID: 0x7f8 Process Name: C:\Windows\System32\poqexec.exe Auditing Settings: Original Security Descriptor: New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 9505 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130320122100.291006-000 Event Type: Audit Success User: Computer Name: Kevin-PC Event Code: 4907 Message: Auditing settings on object were changed. 
Subject: Security ID: S-1-5-18 Account Name: KEVIN-PC$ Account Domain: WORKGROUP Logon ID: 0x3e7 Object: Object Server: Security Object Type: File Object Name: C:\Windows\System32\en-US\Licenses\OEM\Enterprise\license.rtf Handle ID: 0x18 Process Information: Process ID: 0x7f8 Process Name: C:\Windows\System32\poqexec.exe Auditing Settings: Original Security Descriptor: New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 9504 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130320122100.291006-000 Event Type: Audit Success User: Computer Name: Kevin-PC Event Code: 4907 Message: Auditing settings on object were changed. Subject: Security ID: S-1-5-18 Account Name: KEVIN-PC$ Account Domain: WORKGROUP Logon ID: 0x3e7 Object: Object Server: Security Object Type: File Object Name: C:\Windows\System32\en-US\Licenses\OEM\HomePremiumE\license.rtf Handle ID: 0x18 Process Information: Process ID: 0x7f8 Process Name: C:\Windows\System32\poqexec.exe Auditing Settings: Original Security Descriptor: New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD) Record Number: 9503 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20130320122100.275406-000 Event Type: Audit Success User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\DLLShared\;C:\Program Files (x86)\Belgium Identity Card;C:\Program Files (x86)\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP 
"USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel "PROCESSOR_REVISION"=3a09 "HellgateEnv"=C:\T3Fun\Hellgate\ "asl.log"=Destination=file "RCAUTOPLAY"=D:\Program Files (x86)\Roxio 2012\Roxio Central\ "EMC_AUTOPLAY"=C:\Program Files (x86)\Common Files\Roxio Shared\ "BURN_AUTOPLAY"=D:\Program Files (x86)\Roxio 2012\Roxio Burn\ "CLASSPATH"=.;C:\Program Files (x86)\Belgium Identity Card;C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip -----------------EOF-----------------
  8. Mbam log: Malwarebytes Anti-Malware (Trial) 1.75.0.1300 Malwarebytes : Free anti-malware download Database version: v2013.06.10.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16540 Kevin :: KEVIN-PC [administrator] Protection: Enabled 6/10/2013 10:39:43 AM mbam-log-2013-06-10 (10-39-43).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 232822 Time elapsed: 1 minute(s), 36 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Hijackthis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:44:13 AM, on 6/10/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16537) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe D:\Program Files (x86)\Origin\Origin.exe D:\wirelesscm.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe D:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Users\Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe D:\Program Files (x86)\Roxio 2012\Roxio Burn\Roxio Burn.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost #[iPv6] O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common 
Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [starter] C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler O4 - HKLM\..\Run: [CPMonitor] "D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe" O4 - HKLM\..\Run: [Desktop Disc Tool] "D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" O4 - HKCU\..\Run: [EADM] "D:\Program Files (x86)\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [steam] "D:\Program Files\Steam\Steam.exe" -silent O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: GamersFirst LIVE!.lnk = Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe O4 - Startup: Samsung Magician.lnk = D:\Samsung SSD Magician\Samsung Magician.exe O4 - Global Startup: Wireless Connection Manager.lnk = ? 
O8 - Extra context menu item: Download with Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1358191722211 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Bonjour Service - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: 
@%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RoxMediaDB13 - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. 
- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WlanWpsSvc - Unknown owner - D:\WlanWpsSvc.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11537 bytes
  9. I think a thing or two has gotten in, can someone check this log? Many thanks. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 1:01:24 AM, on 6/9/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16537) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe D:\Program Files (x86)\Origin\Origin.exe C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe D:\wirelesscm.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe D:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe C:\Users\Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe D:\Program Files (x86)\Roxio 2012\Roxio Burn\Roxio Burn.exe D:\Samsung SSD Magician\Samsung Magician.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: 178.73.210.219 thepiratebay.se O1 - Hosts: 178.73.210.219 Download music, movies, games, software! The Pirate Bay - The galaxy's most resilient BitTorrent site O1 - Hosts: 178.73.210.219 thepiratebay.org O1 - Hosts: 178.73.210.219 Download music, movies, games, software! 
The Pirate Bay - The galaxy's most resilient BitTorrent site O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe] C:\ProgramData\Adobe\25065DF.vbe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [starter] C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler O4 - HKLM\..\Run: [CPMonitor] "D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe" O4 - HKLM\..\Run: 
[Desktop Disc Tool] "D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe" O4 - HKCU\..\Run: [EADM] "D:\Program Files (x86)\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [steam] "D:\Program Files\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe" O4 - HKCU\..\Run: [502136] C:\Users\Kevin\AppData\Local\Temp\502136\svhost.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: GamersFirst LIVE!.lnk = Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe O4 - Startup: Samsung Magician.lnk = D:\Samsung SSD Magician\Samsung Magician.exe O4 - Global Startup: Wireless Connection Manager.lnk = ? 
O8 - Extra context menu item: Download with Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1358191722211 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Bonjour Service - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RoxMediaDB13 - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common 
Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WlanWpsSvc - Unknown owner - D:\WlanWpsSvc.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12764 bytes