Posts made by Kevink
Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Kevin on Thu 02/20/2014 at 10:51:08.48.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kevin\Downloads\zoek.exe [scan all users] [script inserted]
==== Older Logs ======================
C:\zoek-results2014-02-19-214858.log 41200 bytes
==== Possible Rootkit Infection ======================
C:\Windows\installer\{2921c6a8-baf2-b926-bc15-42e6a729d82f}\L
C:\Windows\installer\{2921c6a8-baf2-b926-bc15-42e6a729d82f}\U
C:\Windows\installer\{2921c6a8-baf2-b926-bc15-42e6a729d82f}\L\00000004.@
==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"BackgroundContainer"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BackgroundContainer"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"=-
==== Deleting Files \ Folders ======================
C:\Users\Kevin\AppData\Local\Conduit\BackgroundContainer not found
C:\windows\SysNative\nvspcap64.dll,ShadowPlayOnSystemStart not found
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1055 folders=198 103044876 bytes)
==== EOF on Thu 02/20/2014 at 10:52:09.35 ======================
-
Zoek log:
Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Kevin on Wed 02/19/2014 at 22:38:08.66.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kevin\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]
==== System Restore Info ======================
2/19/2014 10:39:09 PM Zoek.exe System Restore Point Created Succesfully.
==== Possible Rootkit Infection ======================
C:\Windows\installer\{2921c6a8-baf2-b926-bc15-42e6a729d82f}\L
C:\Windows\installer\{2921c6a8-baf2-b926-bc15-42e6a729d82f}\U
C:\Windows\installer\{2921c6a8-baf2-b926-bc15-42e6a729d82f}\L\00000004.@
==== Empty Folders Check ======================
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\Program Files\log deleted successfully
C:\PROGRA~3\Babylon deleted successfully
C:\PROGRA~3\Canon IJ Network Tool deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Kevin\AppData\Roaming\9A7C5E deleted successfully
C:\Users\Kevin\AppData\Roaming\DigitalSites deleted successfully
C:\Users\Kevin\AppData\Roaming\Nico Mak Computing deleted successfully
C:\Users\Kevin\AppData\Local\WarThunder deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully
HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully
HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Internet Explorer\SearchScopes\{068887F4-6BF1-4480-845B-730C51CDFFEC} deleted successfully
HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{c95a4e8e-816d-4655-8c79-d736da1adb6d} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Hshld deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Hshld deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Hshld deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Hshld deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HssTrayService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\HssTrayService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssWd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HssWd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\HssWd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\HssWd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Yontoo Desktop Updater deleted successfully
==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-
==== Deleting Files \ Folders ======================
C:\Users\Kevin\AppData\Roaming\DigitalSites not found
C:\Program Files (x86)\Hotspot_Shield deleted
C:\Program Files (x86)\Yontoo deleted
C:\Windows\syswow64\appdata deleted
C:\PROGRA~3\eSellerate deleted
C:\PROGRA~2\Delta deleted
C:\PROGRA~2\TorrentB deleted
C:\PROGRA~2\Conduit deleted
C:\Users\Kevin\AppData\Roaming\BreakingPoint_Options.ini deleted
C:\Users\Kevin\AppData\Roaming\Hotspot Shield deleted
C:\Users\Kevin\AppData\Roaming\BabSolution deleted
C:\Users\Kevin\AppData\Roaming\Babylon deleted
C:\Users\Kevin\AppData\Roaming\DSite deleted
C:\PROGRA~3\BrowserProtect deleted
C:\PROGRA~3\APN deleted
C:\PROGRA~3\Adobe\1B67B01.vbe deleted
C:\PROGRA~3\Adobe\25065DF.vbe deleted
C:\PROGRA~3\Tarma Installer deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Kevin\AppData\Local\newhb2.crx deleted
C:\Users\Kevin\AppData\Local\Conduit deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\windows\SysNative\Tasks\BackgroundContainer Startup Task deleted
C:\windows\SysNative\Tasks\DSite deleted
C:\Users\Kevin\AppData\LocalLow\Hotspot_Shield deleted
C:\Users\Kevin\AppData\LocalLow\Delta deleted
C:\Users\Kevin\AppData\LocalLow\Conduit deleted
C:\windows\SysNative\Tasks\BrowserProtect deleted
C:\windows\SysNative\tasks\Digital Sites deleted
C:\Windows\tasks\Digital Sites.job deleted
C:\Windows\tasks\DSite.job deleted
C:\END deleted
C:\Windows\Syswow64\RegistryHelperLM.ocx deleted
C:\Windows\Syswow64\Hotspot Shield deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
"C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client\settings.db" not deleted
"C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted
"C:\Users\Kevin\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client\logs\ts3client_2014-02-19__22_36_35.723829.log" not deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client\cache\remote\i.imgur.com\unq3D.jpg" not deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==\channel.html" not deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==\server.html" not deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==\server.txt" not deleted
"C:\PROGRA~2\Hotspot Shield\bin\af_proxy.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\cmw_srv.exe" deleted
"C:\PROGRA~2\Hotspot Shield\bin\HSSCP.exe" deleted
"C:\PROGRA~2\Hotspot Shield\bin\HssSrvlib.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\zlib1.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\lang\gui-eng.dll" deleted
"C:\Users\Kevin\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted
"C:\Users\Kevin\AppData\Roaming\Yontoo" deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client" not deleted
"C:\PROGRA~2\Hotspot Shield" not deleted
"C:\Users\Kevin\AppData\Roaming\Yontoo" deleted
"C:\PROGRA~3\Hotspot Shield" deleted
"C:\Users\Kevin\AppData\Roaming\Yontoo\dat" deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client\cache" not deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client\chats" not deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client\logs" not deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client\cache\remote" not deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client\cache\remote\i.imgur.com" not deleted
"C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==" not deleted
"C:\PROGRA~2\Hotspot Shield\bin" not deleted
"C:\PROGRA~2\Hotspot Shield\bin\lang" deleted
"C:\Users\Kevin\AppData\Roaming\Yontoo\dat" deleted
"C:\PROGRA~3\Hotspot Shield\config" deleted
"C:\PROGRA~3\Hotspot Shield\config\hsspx" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2014-02-05 00:45:33 01A4FEEB9CB3E8C739CE62EB050D363D 262 ----a-w- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
====== C:\Users\Kevin\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-02-18 22:10:13 53DD53A3325EBD857E64CD3721590A49 599840 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe
2014-02-18 22:08:12 EB43435428983B765F84E7AEFD8F53D3 863520 ----a-w- C:\Windows\SysWOW64\NvIFR.dll
2014-02-18 22:08:12 DDED1206C0F67CCA99E451C445229BA1 408352 ----a-w- C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-02-18 22:08:12 DBFAFBCFCE0724CFDF305C093407CD65 148528 ----a-w- C:\Windows\SysWOW64\nvinit.dll
2014-02-18 22:08:12 AF56825148F85742F3867BE7B1D36AB3 2956576 ----a-w- C:\Windows\SysWOW64\nvcuvid.dll
2014-02-18 22:08:12 A09D95925DB75AF8E0EB9CCF9C64E1EA 17560352 ----a-w- C:\Windows\SysWOW64\nvcompiler.dll
2014-02-18 22:08:12 9FC52654FE92A915556170B6143D9495 2410784 ----a-w- C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-18 22:08:12 9169E49ED45608F58DA4A6842F79A6FC 832424 ----a-w- C:\Windows\SysWOW64\nvumdshim.dll
2014-02-18 22:08:12 7DC5F85DE8E0F2CC0812400CEBBE9284 15740232 ----a-w- C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-18 22:08:12 78E17F87A9C027B60F638A3EAEE11924 23683360 ----a-w- C:\Windows\SysWOW64\nvoglv32.dll
2014-02-18 22:08:12 774C51EE5FC8DB1E7CEB84212AE3F3C6 305600 ----a-w- C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-18 22:08:12 6625501E3A3B35737B31B281A151585B 9728064 ----a-w- C:\Windows\SysWOW64\nvcuda.dll
2014-02-18 22:08:12 5477F6C607976A15E2E70599C647612C 844576 ----a-w- C:\Windows\SysWOW64\NvFBC.dll
2014-02-18 22:08:12 4748606583AC023E87FD50656802CF73 333600 ----a-w- C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-02-18 22:08:12 3482778F0F0ED7497602BF490A813886 9690424 ----a-w- C:\Windows\SysWOW64\nvopencl.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-02-18 22:08:12 FA777A854BA2C8DFA5FE48CF6190FB7B 875296 ----a-w- C:\Windows\Sysnative\NvFBC64.dll
2014-02-18 22:08:12 F75741DA002D660107AFBADD1DC6257E 353504 ----a-w- C:\Windows\Sysnative\nvoglshim64.dll
2014-02-18 22:08:12 EE45DE08249907C6A60E6A26FC1C19DD 2782496 ----a-w- C:\Windows\Sysnative\nvcuvenc.dll
2014-02-18 22:08:12 E16A03F0F19D9FFC141EC8BEAF8D1BB5 1885472 ----a-w- C:\Windows\Sysnative\nvdispco6433489.dll
2014-02-18 22:08:12 C959A65F734FD6BF549A2B40A97D0032 11636176 ----a-w- C:\Windows\Sysnative\nvcuda.dll
2014-02-18 22:08:12 859816390C1E2ED105D6E1E0BEFA4E8B 25256224 ----a-w- C:\Windows\Sysnative\nvcompiler.dll
2014-02-18 22:08:12 66DB72CC7E8D2DE53EF28204B07531A2 3142432 ----a-w- C:\Windows\Sysnative\nvcuvid.dll
2014-02-18 22:08:12 5D09FA65DB21CCA31D30AFB51F9A63AF 11589272 ----a-w- C:\Windows\Sysnative\nvopencl.dll
2014-02-18 22:08:12 5C06001B0688F59BD6BAB0BBCCA871C0 892192 ----a-w- C:\Windows\Sysnative\NvIFR64.dll
2014-02-18 22:08:12 53B1A6B1A88AE290BFCA62EA97D98B45 378656 ----a-w- C:\Windows\Sysnative\NvIFROpenGL.dll
2014-02-18 22:08:12 2913EC6B84DC8698ACCE19F9B1976936 483104 ----a-w- C:\Windows\Sysnative\nvEncodeAPI64.dll
2014-02-18 22:08:12 1BAAA2BAE54265A8B3D1EF1341CB28F7 1515296 ----a-w- C:\Windows\Sysnative\nvdispgenco6433489.dll
====== C:\Windows\Sysnative\drivers =====
2014-02-18 22:08:12 52B33E12FF8C9E219CAEC1BB4A5F5E4C 12324640 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys
2014-01-27 15:13:26 E366A5681C50785D4ED04FCFD65C3415 197408 ----a-w- C:\Windows\Sysnative\drivers\nvhda64v.sys
2014-01-23 00:37:11 939C0FAE9CC0CDD69E6508BDE4C11FE5 39200 ----a-w- C:\Windows\Sysnative\drivers\nvvad64v.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-02-15 13:42:38 -------- d-----w- C:\Program Files\trend micro
2014-02-05 00:45:33 -------- d-----w- C:\Program Files\Ventrilo
======= C:\PROGRA~2 =====
2014-02-15 18:40:46 -------- d-----w- C:\PROGRA~2\Soul's Software
2014-02-15 13:38:22 -------- d-----w- C:\PROGRA~2\Razer
2014-02-05 00:45:24 -------- d-----w- C:\PROGRA~2\COMMON~1\Wise Installation Wizard
======= C: =====
====== C:\Users\Kevin\AppData\Roaming ======
2014-02-15 13:38:34 -------- d-----w- C:\Users\Kevin\AppData\Local\Razer
2014-02-05 00:45:49 -------- d-----w- C:\Users\Kevin\AppData\Roaming\Ventrilo
2014-02-05 00:45:33 -------- d-----w- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
2014-01-23 00:37:55 -------- d-----w- C:\Users\Kevin\AppData\Local\NVIDIA Corporation
====== C:\Users\Kevin ======
2014-02-16 18:09:40 4E4D3567955C124829B4096A7B426EA2 4149856 ----a-w- C:\Users\Kevin\Downloads\Nexus Mod Manager-0.47.3.exe
2014-02-15 18:40:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soul's Software
2014-02-15 13:42:10 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Kevin\Downloads\RSITx64.exe
2014-02-15 13:38:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-02-15 13:38:22 -------- d-----w- C:\ProgramData\Razer
2014-02-15 13:37:49 BAD8ECC0BA7C02BE719A303A335D5388 41363400 ----a-w- C:\Users\Kevin\Downloads\RazerGameBoosterSetup_4.1.59.0_1.exe
====== C: exe-files ==
2014-02-19 21:41:12 AE27CA4454D2B0DC278A369D0399ED21 302184 ----a-w- C:\Users\Kevin\AppData\Local\NVIDIA\NvBackend\Packages\00005711\drsupdate.17681648_RUNASUSER.exe
2014-02-18 22:10:14 581766A01C183189932D0D1D35F2EF52 8342304 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NVStWiz.exe
2014-02-18 22:10:13 AE8922CFD4D7BDB8DFB573F5C19CE3D5 1091360 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe
2014-02-18 22:10:13 9D8681918A448254BA538B6071FE8094 897312 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NvStereoUtilityOGL.exe
2014-02-18 22:10:13 97817724E974748CE92D0195E39F00EF 1892128 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
2014-02-18 22:10:13 89B053626586E1DD8A8731BF5944F767 2603296 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvsttest.exe
2014-02-18 22:10:13 53DD53A3325EBD857E64CD3721590A49 599840 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe
2014-02-18 22:10:13 520E20D45DA1CA709AB74D1A1B131D8E 817952 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe
2014-02-18 22:10:13 22B5EC30D5F834A7DDA16091517A4322 438560 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstreg.exe
2014-02-18 22:10:12 B5D2F4BF587FD60AF75B09EFC1AD0E0A 411936 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
2014-02-18 22:09:41 CEF4BE9ABE7F6346DC425CD0221AD260 63264 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{11EA1CEA-3E6A-4508-A648-315ED1709460}\nvSmartMaxapp64.exe
2014-02-18 22:09:41 BDA6857D08E2E74FB9C19AEB2EA9C079 63264 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{11EA1CEA-3E6A-4508-A648-315ED1709460}\nvSmartMaxapp.exe
2014-02-18 22:09:41 734D6058A77CE70EE554F3DC3861C3EB 1203488 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{11EA1CEA-3E6A-4508-A648-315ED1709460}\nvxdsync.exe
2014-02-18 22:09:41 63CFF01EC86EC446B29D5CA958720E0B 412960 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{11EA1CEA-3E6A-4508-A648-315ED1709460}\setup.exe
2014-02-18 22:09:41 33FF7ECD3BA2A9259FBFB7E8937505BA 2448160 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{11EA1CEA-3E6A-4508-A648-315ED1709460}\NvTray.exe
2014-02-18 22:09:41 2B47EDD27365F9F5D8E87648BECF52C4 923936 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{11EA1CEA-3E6A-4508-A648-315ED1709460}\nvvsvc.exe
2014-02-18 22:09:41 0E2120E0C294CFA5894C9941EC76E921 6867232 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.ControlPanel.{11EA1CEA-3E6A-4508-A648-315ED1709460}\nvcplui.exe
2014-02-18 22:09:33 63CFF01EC86EC446B29D5CA958720E0B 412960 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{9932DA19-E7C7-4A8D-9757-B4C4B19FCAA6}\setup.exe
2014-02-18 22:08:13 AAF0FA0DC0AD5B536B7826026355F355 18687232 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.3DVision.{600390CD-E87A-432F-BA3B-C1234F61D3B2}\3DVision_334.89.exe
2014-02-18 22:08:12 BB784DA9F5158763109ADCC4750BFB75 441120 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{27A1C261-169C-4B61-82E2-AD3935BB349A}\dbInstaller.exe
2014-02-18 22:08:12 BB784DA9F5158763109ADCC4750BFB75 441120 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe
2014-02-18 22:08:12 B967F05D5A8319679A521877F120B378 32592752 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{27A1C261-169C-4B61-82E2-AD3935BB349A}\nvcplsetupeng.exe
2014-02-18 22:07:31 FC98D37EF375B83BB1506B1FE26C039D 413472 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{3F0E3AD8-1CA4-4D3F-8997-DA92C74A05F5}\setup.exe
2014-02-18 22:07:24 FC98D37EF375B83BB1506B1FE26C039D 413472 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\setup.exe
2014-02-18 22:07:24 D8034ECA85CC95AAC3E884F33A7421E3 2728736 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\Display.NView\nwiz.exe
2014-02-18 22:07:24 99842AD5AF3AADC7D30BD18E3D228F54 479520 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\Display.NView\nvTaskBar.exe
2014-02-18 22:07:24 5F1370051C50BA8FE24553388FF82590 197408 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\Update.Core\WLMerger.exe
2014-02-18 22:07:23 DA09A1DAEBD38226C0CB22BA8D967F63 15904544 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe
2014-02-18 22:07:22 FB362290F6601E04A16AB972417FE89A 638752 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
2014-02-18 22:07:22 D2FE0376285A783693469422678E878B 1593632 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\Network.Service\NVNetworkService.exe
2014-02-18 22:07:22 C2576A06D7BA0ED0CB6F6A62D311A0EF 4277536 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe
2014-02-18 22:07:22 C022B05EBD190802B540FFE1DA7AD0DA 127264 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\LEDVisualizer\NvLedVisualizer.exe
2014-02-18 22:07:22 BE6FCD1CCBE6D63B106B3DD25F308890 87328 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\LEDVisualizer\NvLedServiceHost.exe
2014-02-18 22:07:22 92F7D33128AF3F00C6AE74C15EC90DF0 1499936 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\ShadowPlay\nvspcaps.exe
2014-02-18 22:07:22 80F7E00C80C66949779C5E3967F6E795 3323680 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe
2014-02-18 22:07:22 4F0E2990DB12849D428DE7B0AC5D92B9 16941856 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe
2014-02-18 22:07:22 011E9C480CAAA228D2712116F2653B99 1823008 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\ShadowPlay\nvspcaps64.exe
2014-02-18 22:07:19 F6C8952A33B0052DEE6330AC5B96BF00 540448 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\ShadowPlay\DXSETUP.exe
2014-02-18 22:07:19 EE73B56ED71EB6383F25FA5468923BB2 2234144 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\Update.Core\NvBackend.exe
2014-02-18 22:07:19 E724C530E08C1AC2ABC6D14FBFA1C3CD 744736 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\Display.NView\nvAppBar.exe
2014-02-18 22:07:19 BB784DA9F5158763109ADCC4750BFB75 441120 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\Display.Driver\dbInstaller.exe
2014-02-18 22:07:19 B967F05D5A8319679A521877F120B378 32592752 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\Display.Driver\nvcplsetupeng.exe
2014-02-18 22:07:19 53406E9988306CBD4537677C5336ABA4 889416 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\MS.NET\dotNetFx40_Full_setup.exe
2014-02-18 22:07:19 39F106593F6D20498C21F0E695D8E116 596768 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\GFExperience\7z.exe
2014-02-18 22:07:19 2A36A4B4462540D8CF8F522C73C37E25 1015584 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\GFExperience\GFExperience.exe
2014-02-18 22:07:17 AAF0FA0DC0AD5B536B7826026355F355 18687232 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\NV3DVision\3DVision_334.89.exe
2014-02-18 21:40:40 88EA223EB49E4A63A6FB593970D3079A 232660160 ----a-w- C:\ProgramData\NVIDIA Corporation\NetService\334.89-desktop-win8-win7-winvista-64bit-english-whql-g.exe
2014-02-18 21:40:28 EB63BEF2EFC3884C288AE5F1454A2D32 3278528 ----a-w- C:\Users\Kevin\AppData\Local\NVIDIA\NvBackend\Packages\00005825\DAO.17882696.exe
2014-02-16 21:31:29 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateOnDemand.exe
2014-02-16 21:31:29 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateBroker.exe
2014-02-16 21:31:28 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateSetup.exe
2014-02-16 21:31:18 EA8B5B41163A06FFA8930F5316473035 273800 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
2014-02-16 21:31:18 C98ACDE22458C8F46FD0503CB9E2D01F 223112 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
2014-02-16 21:31:18 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdate.exe
2014-02-16 21:31:16 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.5\GoogleUpdateSetup.exe
2014-02-16 18:09:40 4E4D3567955C124829B4096A7B426EA2 4149856 ----a-w- C:\Users\Kevin\Downloads\Nexus Mod Manager-0.47.3.exe
2014-02-15 13:42:38 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Kevin.exe
2014-02-15 13:42:10 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Kevin\Downloads\RSITx64.exe
2014-02-15 13:38:25 FD30BD50CCA1CE094986A4EB8DC3B569 23552 ----a-w- C:\Program Files (x86)\Razer\Razer Game Booster\SetupSystemStart.exe
2014-02-15 13:38:25 BC2CE9027C7F98B3365A64AB413D2845 61152 ----a-w- C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe
2014-02-15 13:38:25 962503AA7DFFB1D00D8664CD3A1FC40B 105448 ----a-w- C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
2014-02-15 13:38:25 4C0A23925B7E4535B958E16B54BE060A 17352 ----a-w- C:\Program Files (x86)\Razer\Razer Game Booster\UninstallPowerPlans.exe
2014-02-15 13:38:24 FA7C15A9C87A3BFB654C83850B91F228 127072 ----a-w- C:\Program Files (x86)\Razer\Razer Game Booster\ProcessCapturer.exe
2014-02-15 13:38:24 54218B2F19E0B84AD34A612AC5063C17 364272 ----a-w- C:\Program Files (x86)\Razer\Razer Game Booster\RzUpdateManager.exe
2014-02-15 13:38:24 3FA014715A3F5A48D88B452853F423F5 1484624 ----a-w- C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
2014-02-15 13:38:22 F0A7FDCC3EE8C30A31B7407E9AA3026C 1306464 ----a-w- C:\Program Files (x86)\Razer\Razer Game Booster\unins000.exe
2014-02-15 13:37:49 BAD8ECC0BA7C02BE719A303A335D5388 41363400 ----a-w- C:\Users\Kevin\Downloads\RazerGameBoosterSetup_4.1.59.0_1.exe
2014-02-14 19:36:03 A937F2D5A6AF690047D2DB8C34F94981 33792 ----a-w- C:\SteamLibrary\SteamApps\common\ARMA 2 Operation Arrowhead\@I44\invasion 44.exe
2014-02-14 19:36:03 5E6E252E236F2FC90484206399D6104F 33792 ----a-w- C:\SteamLibrary\SteamApps\common\ARMA 2 Operation Arrowhead\@I44\invasion 44 (beta).exe
2014-02-13 20:29:46 B0AB350E3E98C7FB1E4930F762D0477B 3273016 ----a-w- C:\Users\Kevin\AppData\Local\NVIDIA\NvBackend\Packages\000057eb\DAO.17845377.exe
=== C: other files ==
2014-02-18 22:08:12 F4992A26D629288ADBBDC3A715629FA1 163104 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{4CA874A7-B56E-4557-9E58-24631DD60537}\nvhda64.sys
2014-02-18 22:08:12 E366A5681C50785D4ED04FCFD65C3415 197408 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{4CA874A7-B56E-4557-9E58-24631DD60537}\nvhda64v.sys
2014-02-18 22:08:12 9F8EE4948B7ADD9D12F778F61A2758A4 162592 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{4CA874A7-B56E-4557-9E58-24631DD60537}\nvhda32v.sys
2014-02-18 22:08:12 52B33E12FF8C9E219CAEC1BB4A5F5E4C 12324640 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2014-02-18 22:08:12 47FEB587AAE06F6717FCABF8BCF184FD 129312 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{4CA874A7-B56E-4557-9E58-24631DD60537}\nvhda32.sys
2014-02-18 22:08:12 0D24482F9513F2AA5A961EB9F1BA0CFA 435232 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{8A84D9E4-F13F-46AC-9326-C9A794AACD37}\nvstusb32.sys
2014-02-18 22:08:12 063BD34A095C88CC2E69CF0B93C0ECA6 451872 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{8A84D9E4-F13F-46AC-9326-C9A794AACD37}\nvstusb64.sys
2014-02-18 22:07:29 F4992A26D629288ADBBDC3A715629FA1 163104 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\HDAudio\nvhda64.sys
2014-02-18 22:07:29 E366A5681C50785D4ED04FCFD65C3415 197408 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\HDAudio\nvhda64v.sys
2014-02-18 22:07:29 D230D757C084FB8D7BC4936E3D6334B8 34080 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\NvVAD\nvvad32v.sys
2014-02-18 22:07:29 9F8EE4948B7ADD9D12F778F61A2758A4 162592 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\HDAudio\nvhda32v.sys
2014-02-18 22:07:29 939C0FAE9CC0CDD69E6508BDE4C11FE5 39200 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\NvVAD\nvvad64v.sys
2014-02-18 22:07:29 47FEB587AAE06F6717FCABF8BCF184FD 129312 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\HDAudio\nvhda32.sys
2014-02-18 22:07:29 0D24482F9513F2AA5A961EB9F1BA0CFA 435232 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\NV3DVisionUSB.Driver\nvstusb32.sys
2014-02-18 22:07:29 063BD34A095C88CC2E69CF0B93C0ECA6 451872 ----a-w- C:\NVIDIA\DisplayDriver\GeForce334.89Driver\NV3DVisionUSB.Driver\nvstusb64.sys
2014-02-15 18:40:26 84EA7982D700D1F95CD68D787364E290 628174 ----a-w- C:\Users\Kevin\Downloads\SSTQDefilerNETSetup.zip
2014-02-15 13:37:05 3EE381632B1D1AD1557B3BC409BF80F9 15350450 ----a-w- C:\ProgramData\Samsung\SSD Magician\Site Link\Samsung_Magician_v43.zip
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"="D:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"DAEMON Tools Lite"="D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe -autorun"
"Steam"="D:\Program Files\Steam\Steam.exe -silent"
"SteelSeries Engine"="C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"uTorrent"="C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"BackgroundContainer"="C:\Windows\SysWOW64\Rundll32.exe C:\Users\Kevin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll,DllRun"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"RoxWatchTray"="C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler"
"CPMonitor"="D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
"Desktop Disc Tool"="D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="D:\Program Files (x86)\iTunes\iTunesHelper.exe"
"CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon"
"IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"="D:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"DAEMON Tools Lite"="D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe -autorun"
"Steam"="D:\Program Files\Steam\Steam.exe -silent"
"SteelSeries Engine"="C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"
"uTorrent"="C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"BackgroundContainer"="C:\Windows\SysWOW64\Rundll32.exe C:\Users\Kevin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll,DllRun"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe -f C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat"
"MSC"="C:\Program Files\Microsoft Security Client\mssecex.exe -hide -runkey"
"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"
==== Startup Folders ======================
2013-06-08 22:52:04 654 ----a-w- C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
2013-01-11 01:07:48 279 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [02/05/2014 12:24 PM]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/07/2013 09:41 PM]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []
==== Firefox Extensions ======================
ProfilePath: C:\Users\Kevin\AppData\Roaming\TomTom\HOME\Profiles\soz6r5po.default
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
==== Firefox Plugins ======================
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bakijjialdiiboeaknfpmflphhmljfkd - C:\Users\Kevin\AppData\Local\newhb2.crx[]
niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[05/23/2011 07:24 PM]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bakijjialdiiboeaknfpmflphhmljfkd - C:\Users\Kevin\AppData\Local\newhb2.crx[]
Google Docs - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Fun Dial - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
YouTube - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
DivX Plus Web Player HTML5 \u003Cvideo\u003E - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
Gmail - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully
C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bakijjialdiiboeaknfpmflphhmljfkd_0.localstorage deleted successfully
C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bakijjialdiiboeaknfpmflphhmljfkd_0.localstorage-journal deleted successfully
C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{068887F4-6BF1-4480-845B-730C51CDFFEC}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{068887F4-6BF1-4480-845B-730C51CDFFEC}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2201358601-1718601949-3330357416-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HotspotShield deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Hotspot_Shield Toolbar deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kevin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Kevin\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1055 folders=198 103044876 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\fbwuser\AppData\Local\Temp emptied successfully
C:\Users\Kevin\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Kevin\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Kevin\AppData\Roaming\TS3Client\settings.db" not found
"C:\Users\Kevin\AppData\Roaming\TS3Client\logs\ts3client_2014-02-19__22_36_35.723829.log" not found
"C:\Users\Kevin\AppData\Roaming\TS3Client\cache\remote\i.imgur.com\unq3D.jpg" not found
"C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==\channel.html" not found
"C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==\server.html" not found
"C:\Users\Kevin\AppData\Roaming\TS3Client\chats\VnYzUnpjaUFPa1l2WFR4TW1jb0NnZXlFY3djPQ==\server.txt" not found
"C:\Users\Kevin\AppData\Roaming\TS3Client" not found
"C:\PROGRA~2\Hotspot Shield" not found
==== EOF on Wed 02/19/2014 at 22:48:58.32 ======================
-
When starting, for example, a game such as Arma, after a while I get stuttering and my PC freezes completely.
"display driver stopped responding and has recovered"
I have already reinstalled the drivers for my graphics card, but it keeps happening.
Does anyone have any idea what I can do about this?
Regards, Kevin
-
Thanks for your quick reply. RSIT log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Kevin at 2014-02-19 11:43:28
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 7 GB (6%) free of 114 GB
Total RAM: 8078 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:43:29 AM, on 2/19/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe
D:\wirelesscm.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
C:\Users\Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Kevin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost #[iPv6]
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hotspot Shield - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [CPMonitor] "D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [EADM] "D:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [steelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: GamersFirst LIVE!.lnk = Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe
O4 - Startup: Samsung Magician.lnk = D:\Samsung SSD Magician\Samsung Magician.exe
O4 - Global Startup: Wireless Connection Manager.lnk = ?
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1358191722211
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB13 - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WlanWpsSvc - Unknown owner - D:\WlanWpsSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13740 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe"
"C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
taskeng.exe {6A03F123-3BCB-44A1-9B96-90B40D67BBEF}
"D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
D:\WlanWpsSvc.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe" "C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1497997933-1326760821-1287065954-18913637631339321364-310950238-11854003831608150903
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
WLIDSvcM.exe 2440
"C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"D:\wirelesscm.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
"D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
"C:\Users\Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe" /silent
"D:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
-nolaunchurl
C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\wuauclt.exe"
wmiadap.exe /F /T /R
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4828.0.1861434800\2105229249" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23,28 --gpu-vendor-id=0x10de --gpu-device-id=0x1189 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3489 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4828.1.1564790786\60927414" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --extension-process --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4828.2.1054520887\1978375620" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-1-Percent/group_38/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="4828.4.612946118\113073143" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Kevin\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Digital Sites.job
C:\Windows\tasks\DSite.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll [2013-06-21 287048]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-05-23 115072]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14 175776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-17 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
Hotspot Shield Toolbar - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll [2013-07-16 231712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-17 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll [2013-06-21 233288]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{c95a4e8e-816d-4655-8c79-d736da1adb6d} - Hotspot Shield Toolbar - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll [2013-07-16 231712]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14 4372120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-10 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-10 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-10 441888]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe -f C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat []
"MSC"=C:\Program Files\Microsoft Security Client\mssecex.exe -hide -runkey []
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2013-02-28 7468784]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-01-31 12446824]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-01-21 2234144]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-01-21 1179576]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"=D:\Program Files (x86)\Origin\Origin.exe [2013-06-04 3456080]
"DAEMON Tools Lite"=D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"Steam"=D:\Program Files\Steam\Steam.exe [2014-02-11 1824000]
"SteelSeries Engine"=C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [2013-06-12 241152]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe []
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"uTorrent"=C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe [2013-11-15 900440]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
""= []
"RoxWatchTray"=C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe [2011-07-13 293360]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2010-05-21 324976]
"CPMonitor"=D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe [2011-07-08 84464]
"Desktop Disc Tool"=D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe [2011-06-12 506352]
"beid"=C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"iTunesHelper"=D:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2012-04-03 1273448]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Wireless Connection Manager.lnk - D:\wirelesscm.exe
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
GamersFirst LIVE!.lnk - C:\Users\Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe
Samsung Magician.lnk - D:\Samsung SSD Magician\Samsung Magician.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-10 441856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"HideSCAHealth"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-02-18 23:10:54 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-02-18 23:10:13 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-02-18 23:08:12 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvopencl.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\NvIFR64.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\NvFBC64.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvdispgenco6433489.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvdispco6433489.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvcuvid.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvcuda.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\nvcompiler.dll
2014-02-18 23:08:12 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-02-15 19:40:46 ----D---- C:\Program Files (x86)\Soul's Software
2014-02-15 14:42:38 ----D---- C:\Program Files\trend micro
2014-02-15 14:42:37 ----D---- C:\rsit
2014-02-15 14:38:22 ----D---- C:\ProgramData\Razer
2014-02-15 14:38:22 ----D---- C:\Program Files (x86)\Razer
2014-02-12 15:35:59 ----D---- C:\Users\Kevin\AppData\Roaming\DigitalSites
2014-02-05 01:45:49 ----D---- C:\Users\Kevin\AppData\Roaming\Ventrilo
2014-02-05 01:45:33 ----D---- C:\Program Files\Ventrilo
2014-02-05 01:45:33 ----A---- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
2014-01-27 16:13:26 ----A---- C:\Windows\system32\nvhdap64.dll
2014-01-27 16:13:26 ----A---- C:\Windows\system32\nvdispgenco6433221.dll
2014-01-27 16:13:26 ----A---- C:\Windows\system32\nvdispco6433221.dll
2014-01-27 16:13:26 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2014-01-23 01:37:35 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-01-23 01:37:35 ----A---- C:\Windows\system32\nvspcap64.dll
2014-01-23 01:37:11 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-01-23 01:37:11 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-01-23 01:37:11 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
======List of files/folders modified in the last 1 month======
2014-02-19 11:42:57 ----D---- C:\Users\Kevin\AppData\Roaming\uTorrent
2014-02-19 11:39:50 ----D---- C:\Windows\Temp
2014-02-19 11:38:50 ----D---- C:\Users\Kevin\AppData\Roaming\Yontoo
2014-02-19 11:38:24 ----D---- C:\Users\Kevin\AppData\Roaming\TS3Client
2014-02-19 11:37:51 ----D---- C:\Windows\system32\Tasks
2014-02-19 11:37:45 ----D---- C:\ProgramData\NVIDIA
2014-02-19 00:42:09 ----D---- C:\Windows\system32\config
2014-02-19 00:26:40 ----D---- C:\Windows\System32
2014-02-19 00:26:40 ----D---- C:\Windows\inf
2014-02-19 00:26:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-19 00:19:58 ----D---- C:\Users\Kevin\AppData\Roaming\Skype
2014-02-18 23:38:55 ----D---- C:\Windows
2014-02-18 23:38:16 ----D---- C:\Windows\SysWOW64
2014-02-18 23:10:56 ----SHD---- C:\Windows\Installer
2014-02-18 23:10:54 ----RD---- C:\Program Files (x86)
2014-02-18 23:10:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-02-18 23:10:12 ----D---- C:\Temp
2014-02-18 23:10:10 ----D---- C:\Windows\system32\DriverStore
2014-02-18 23:10:10 ----D---- C:\Windows\system32\catroot
2014-02-18 23:09:06 ----D---- C:\Windows\system32\drivers
2014-02-18 11:45:03 ----D---- C:\Windows\system32\catroot2
2014-02-16 12:24:29 ----SHD---- C:\System Volume Information
2014-02-15 14:42:38 ----RD---- C:\Program Files
2014-02-15 14:38:22 ----D---- C:\ProgramData
2014-02-13 17:30:14 ----D---- C:\Users\Kevin\AppData\Roaming\vlc
2014-02-12 15:35:59 ----D---- C:\Windows\Tasks
2014-02-12 06:17:46 ----D---- C:\ProgramData\CanonIJPLM
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-02-08 19:34:51 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvoglv64.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvinitx.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-02-08 19:34:51 ----A---- C:\Windows\system32\nvapi64.dll
2014-02-08 18:42:36 ----A---- C:\Windows\system32\nvsvc64.dll
2014-02-08 18:42:36 ----A---- C:\Windows\system32\nvcpl.dll
2014-02-08 18:42:33 ----A---- C:\Windows\system32\nvvsvc.exe
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvshext.dll
2014-02-08 18:42:32 ----A---- C:\Windows\system32\nvmctray.dll
2014-02-05 12:24:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-02-05 01:45:24 ----D---- C:\Program Files (x86)\Common Files
2014-01-27 16:15:00 ----D---- C:\ProgramData\NVIDIA Corporation
2014-01-23 01:37:35 ----D---- C:\Program Files\NVIDIA Corporation
2014-01-23 01:37:31 ----D---- C:\Windows\Microsoft.NET
2014-01-23 01:37:12 ----RD---- C:\Users
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-05-24 55952]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Sahdad64;HDD Filter Driver; C:\Windows\System32\Drivers\Sahdad64.sys [2011-02-09 27120]
R0 Saibad64;Volume Filter Driver; C:\Windows\System32\Drivers\Saibad64.sys [2011-02-09 19952]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-11 564824]
R0 SysCow;SysCow; C:\Windows\system32\drivers\syscowad64v.sys [2010-05-23 164848]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-11 283200]
R1 HssDRV6;Hotspot Shield Routing Driver 6; C:\Windows\system32\DRIVERS\hssdrv6.sys [2013-06-21 46792]
R1 SaibVdAd64;Virtual Disk Driver; C:\Windows\System32\Drivers\SaibVdAd64.sys [2011-02-09 27632]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 busenum;SteelBusSvc; C:\Windows\system32\DRIVERS\SteelBus64.sys [2013-04-26 134656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-10 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-31 4739304]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-09 425000]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-01-17 66800]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
R3 LVUSBS64;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBS64.sys [2007-10-12 50072]
R3 LVUVC64;Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel® Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-27 39200]
R3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-06-21 42184]
S3 ACSSCR;ACR38 Smart Card Reader; C:\Windows\system32\DRIVERS\a38usb.sys [2012-10-03 45056]
S3 netr7364;RT73 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr7364.sys [2009-06-10 707072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS [2007-10-12 582680]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RTL8192su;%RTL8192su.DeviceDesc.DispName%; C:\Windows\system32\DRIVERS\RTL8192su.sys [2009-08-20 664576]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2011-02-09 457200]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BOT4Service;BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2011-07-15 21488]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hshld;Hotspot Shield Service; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2013-06-21 831272]
R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2013-06-21 548136]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2012-03-28 140456]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-01-21 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-01-21 16939296]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 923936]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-06-02 76888]
R2 RzKLService;RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [2013-11-22 105448]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-02-08 411936]
R2 TeamViewer8;TeamViewer 8; D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-07-08 4153184]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-07-02 93072]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
R2 WlanWpsSvc;WlanWpsSvc; D:\WlanWpsSvc.exe [2008-06-26 167936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-07 116648]
S2 RoxWatch12;Roxio Hard Drive Watcher 12; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2011-07-13 340976]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-05-26 49152]
S3 cphs;Intel® Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-10 277024]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-01-21 654848]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-07 116648]
S3 HssTrayService;Hotspot Shield Tray Service; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [2013-06-21 78512]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 RoxMediaDB13;RoxMediaDB13; C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2011-07-13 1095664]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-01-27 571816]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-12 1255736]
S4 BOTService;BOTService; C:\Program Files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe [2011-07-14 211440]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
-----------------EOF-----------------
-
I'm having trouble with ad pop-ups and underlined words :/
If someone would be so kind as to check my log!
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:00:40 AM, on 2/19/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\SysWOW64\rundll32.exe
D:\wirelesscm.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
C:\Users\Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Dotjosh Studios\DayZ Commander\Current\DayZCommander.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost #[iPv6]
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
O2 - BHO: Hotspot Shield - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [CPMonitor] "D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\Run: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [EADM] "D:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [steelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Kevin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [backgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Kevin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: GamersFirst LIVE!.lnk = Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe
O4 - Startup: Samsung Magician.lnk = D:\Samsung SSD Magician\Samsung Magician.exe
O4 - Global Startup: Wireless Connection Manager.lnk = ?
O8 - Extra context menu item: Download with Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1358191722211
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (hshld) - AnchorFree Inc. - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB13 - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - D:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WlanWpsSvc - Unknown owner - D:\WlanWpsSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14677 bytes
-
Hello, does anyone feel like taking a quick look at this log?
info.txt logfile of random's system information tool 1.09 2014-02-15 14:42:40
======Uninstall list======
-->C:\Windows\SysWOW64\\MSIEXEC.EXE /x {7B91CBFD-0671-4819-9724-CABE3014E886}
-->MsiExec /X{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}
7 Days to Die - Alpha version 0.9.1-->"C:\Program Files (x86)\7DaysToDie-Alpha\unins000.exe"
7-Zip 9.20 (x64 edition)-->MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{D92B72E2-C854-4738-8ED6-4C3661CC17AE}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 12 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_44_ActiveX.exe -maintain activex
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe InDesign CS3 Icon Handler-->MsiExec.exe /I{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}
Adobe InDesign CS3-->C:\Program Files (x86)\Common Files\Adobe\Installers\0afb6829baf354bd3bebf7d31585b38\Setup.exe
Adobe InDesign CS3-->MsiExec.exe /I{0F005E22-4D14-4E7E-AD03-234B2FCB876C}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Reader XI (11.0.06) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AB0000000001}
Adobe Setup-->MsiExec.exe /I{CBFBA159-6E98-4FAA-B0D8-0A61CE5226BE}
Adobe SING CS3-->MsiExec.exe /I{3F9B2FD2-1C83-4401-9967-C3636638E958}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
APB Reloaded-->"D:\Program Files (x86)\GamersFirst\APB Reloaded\Uninstall.exe"
Apple Application Support-->MsiExec.exe /I{46F044A5-CE8B-4196-984E-5BD6525E361D}
Apple Mobile Device Support-->MsiExec.exe /I{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
ARMA 2 Army of The Czech Republic - Data cache removal-->D:\Program Files\Steam\steamapps\common\Arma 2 Operation Arrowhead\ACR\datacacheremoval.exe
ARMA 2: British Armed Forces - Data cache removal-->D:\Program Files\Steam\steamapps\common\Arma 2 Operation Arrowhead\BAF\datacacheremoval.exe
Arma 2: British Armed Forces-->"D:\Program Files\Steam\steam.exe" steam://uninstall/65700
Arma 2: Operation Arrowhead-->"D:\Program Files\Steam\steam.exe" steam://uninstall/33930
Arma 2-->"D:\Program Files\Steam\steam.exe" steam://uninstall/33900
Assassin's Creed II-->"C:\Program Files (x86)\InstallShield Installation Information\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}\setup.exe" -runfromtemp -l0x0013 -removeonly
Battlefield 3™-->"C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging
Battlelog Web Plugins-->C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
BattlEye for OA Uninstall-->D:\Program Files\Steam\steamapps\common\Arma 2 Operation Arrowhead\Expansion\BattlEye\UnInstallBE.exe
BattlEye Uninstall-->C:\SteamLibrary\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
Belgium e-ID middleware 4.0.5 (build 7363)-->MsiExec.exe /I{824563DE-75AD-4166-9DC0-B6482F207363}
BioShock Infinite-->"D:\Program Files (x86)\BioShock Infinite\unins000.exe"
Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
Broadcom NetLink Controller-->MsiExec.exe /X{C91DCB72-F5BB-410D-A91A-314F5D1B4284}
Call of Duty: Black Ops-->"D:\Program Files\Steam\steam.exe" steam://uninstall/42700
Call of Duty: Modern Warfare 2 - Multiplayer-->"D:\Program Files\Steam\steam.exe" steam://uninstall/10190
Canon Easy-WebPrint EX-->"C:\Program Files (x86)\Canon\Easy-WebPrint EX\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\Easy-WebPrint EX\uninst.ini
Canon IJ Network Scanner Selector EX-->"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\MAINT.exe" /UninstallRemove C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\uninst.ini
Canon IJ Network Tool-->C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon IJ Scan Utility-->"C:\Program Files (x86)\Canon\IJ Scan Utility\MAINT.exe" /UninstallRemove C:\Program Files (x86)\Canon\IJ Scan Utility\uninst.ini
Canon Inkjet Printer/Scanner/Fax Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R
Canon MG3200 series MP Drivers-->"C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series\DELDRV64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series /L0x0009
Canon MG3200 series On-screen Manual-->C:\Program Files (x86)\Canon\IJ Manual\Canon MG3200 series\uninstall.exe
Canon MG3200 series User Registration-->C:\Program Files (x86)\Canon\IJEREG\MG3200 series\UNINST.EXE
Canon My Image Garden Design Files-->"C:\Program Files (x86)\Canon\My Image Garden\AddOn\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\My Image Garden\AddOn\uninst.ini
Canon My Image Garden-->"C:\Program Files (x86)\Canon\My Image Garden\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\My Image Garden\uninst.ini
Canon My Printer-->"C:\Program Files\Canon\MyPrinter\uninst.exe" /UninstallRemove C:\Program Files\Canon\MyPrinter\uninst.ini
Canon Quick Menu-->"C:\Program Files (x86)\Canon\Quick Menu\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Quick Menu\uninst.ini
CDBurnerXP-->"D:\Program Files\Dvd burner\CDBurnerXP\unins000.exe"
Cheat Engine 6.2-->"D:\Program Files\Cheat engine\Cheat Engine 6.2\unins000.exe"
ConvertXtoDVD 4.2.0.0-->"D:\Program Files (x86)\VSO\ConvertX\4\unins000.exe"
Core Temp 1.0 RC5-->"C:\Program Files\Core Temp\unins000.exe"
Counter-Strike: Global Offensive-->"D:\Program Files\Steam\steam.exe" steam://uninstall/730
Crysis 3 version 5.1-->"D:\Program Files (x86)\Crysis 3\unins000.exe"
Crysis® 2-->MsiExec.exe /X{6033673D-2530-4587-8AD0-EB059FC263F9}
DAEMON Tools Lite-->D:\Program Files\Daemon tools\DAEMON Tools Lite\uninst.exe
Dark Souls Prepare to Die Edition-->MsiExec.exe /I{4E4D0FA1-F880-4CCB-999A-501000008200}
Dark Souls Prepare to Die Edition-->MsiExec.exe /X{4E4D0FA1-F880-4CCB-999A-501000008200}
DayZ Commander-->MsiExec.exe /I{D7ECDD70-EBAB-42AD-8BE3-2F4D1CEC70A7}
DayZ-->"D:\Program Files\Steam\steam.exe" steam://uninstall/221100
Debut Video Capture Software-->"C:\Program Files (x86)\NCH Software\Debut\debut.exe" -uninstall
DEFIANCE-->"C:\Users\Kevin\AppData\Local\Defiance\unins000.exe"
DefianceRuntimes-->MsiExec.exe /I{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}
Delta Chrome Toolbar-->"C:\Users\Kevin\AppData\Roaming\BabSolution\Shared\GUninstaller.exe" -key "Delta Chrome Toolbar" -rmkey -ask
Delta toolbar -->"C:\Program Files (x86)\Delta\delta\1.8.10.0\GUninstaller.exe" -uprtc /tbGen= -key "delta"
Diablo III-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enGB --uid=diablo3_engb --displayname="Diablo III"
DirectX 9 Runtime-->MsiExec.exe /I{3A9527CF-4E91-4683-A03F-F1AD022126E5}
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
D-Link DWA-131 Wireless N Nano USB Adapter-->C:\Program Files (x86)\InstallShield Installation Information\{D9198056-A296-4583-A790-C0E73694CFE8}\setup.exe -runfromtemp -l0x0009 -removeonly
DVD Shrink 3.2-->"C:\Program Files (x86)\DVD Shrink\unins000.exe"
ESN Sonar-->C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
Express Burn-->"C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe" -uninstall
Face Filter-->MsiExec.exe /I{CE86D656-C887-4EF1-B2D7-2A1075435964}
Fallout New Vegas-->"D:\Program Files (x86)\Bethesda Softworks\Fallout New Vegas\unins000.exe"
Far Cry 3-->\"C:\Program Files (x86)\InstallShield Installation Information\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}\setup.exe\" -runfromtemp -l0x0409 -removeonly
FarCry 3 version 5.1-->"D:\Program Files (x86)\FarCry 3\unins000.exe"
Fraps (remove only)-->"D:\Fraps\uninstall.exe"
FXAA Post Process Injector-->D:\Program Files\Skyrim\The Elder Scrolls V Skyrim\Uninstall.exe
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hellgate-->MsiExec.exe /X{65DF3688-6EF3-4C86-83DE-54AB46029F07}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Hotspot Shield 3.09-->C:\Program Files (x86)\Hotspot Shield\Uninstall.exe
Hotspot Shield Toolbar-->C:\Program Files (x86)\Hotspot_Shield\uninstall.exe toolbar
Intel® Processor Graphics-->C:\Program Files (x86)\Intel\Intel® Processor Graphics\Uninstall\setup.exe -uninstall
iTunes-->MsiExec.exe /I{F73A118B-8271-47E2-8790-0C636B2539C5}
Java 7 Update 45-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217045FF}
Logitech Gaming Software 8.45-->C:\Program Files\Logitech Gaming Software\uninstallhlpr.exe /bitness=x64 /silentmode=off /langid=ENU /downgrade=no
Logitech Gaming Software-->MsiExec.exe /I{690285C2-2481-44FB-8402-162EA970A6DD}
Mafia II-->"D:\Program Files (x86)\2K Games\Mafia II\unins000.exe"
Malwarebytes Anti-Malware version 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Matrix-ks-->"C:\Program Files (x86)\KellySoftware\Matrix-ks\Uninstall.exe" "C:\Program Files (x86)\KellySoftware\Matrix-ks\install.log"
Metro Last Light-->"D:\Program Files\Steam\steamapps\common\Metro Last Light\unins000.exe"
Microsoft .NET Framework 4.5-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5-->MsiExec.exe /X{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Security Client-->MsiExec.exe /X{D954C6C2-544B-4091-A47F-11E77162883E}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106-->"C:\ProgramData\Package Cache\{8e70e4e1-06d7-470b-9f74-a51bef21088e}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106-->MsiExec.exe /X{6C772996-BFF3-3C8C-860B-B3D48FF05D65}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106-->MsiExec.exe /X{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}
Microsoft XNA Framework Redistributable 4.0 Refresh-->MsiExec.exe /I{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}
MiPony 2.0.2-->C:\Program Files (x86)\MiPony\uninst.exe
Mumble 1.2.3-->MsiExec.exe /I{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}
Nexus Mod Manager-->"D:\Program Files\Skyrim mod manager\Nexus Mod Manager\uninstall\unins000.exe"
NVIDIA 3D Vision Controller Driver 332.21-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{CCDB4533-AC98-412A-BC61-E745A07D78BA}\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA 3D Vision Driver 332.21-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{CCDB4533-AC98-412A-BC61-E745A07D78BA}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA GeForce Experience 1.8.2-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{421974B2-1FE4-460D-A004-ECEF723133EE}\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Graphics Driver 332.21-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{CCDB4533-AC98-412A-BC61-E745A07D78BA}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA HD Audio Driver 1.3.30.1-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{CCDB4533-AC98-412A-BC61-E745A07D78BA}\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA PhysX System Software 9.13.0725-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{CCDB4533-AC98-412A-BC61-E745A07D78BA}\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA PhysX-->MsiExec.exe /I{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Virtual Audio 1.2.20-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{421974B2-1FE4-460D-A004-ECEF723133EE}\NVI2.DLL",UninstallPackage VirtualAudio.Driver
Origin-->D:\Program Files (x86)\Origin\OriginUninstall.exe
Path of Exile-->MsiExec.exe /X{90A4562F-D4A1-4B65-906D-41F236CF6902}
PDF Settings-->MsiExec.exe /I{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}
Prism Video File Converter-->"C:\Program Files (x86)\NCH Software\Prism\prism.exe" -uninstall
PunkBuster Services-->D:\PROGRAM FILES (X86)\GAMERSFIRST\APB RELOADED\Binaries\pbsvc_apb.exe -u
QuickTime-->MsiExec.exe /I{B67BAFBA-4C9F-48FA-9496-933E3B255044}
Razer Game Booster-->"C:\Program Files (x86)\Razer\Razer Game Booster\unins000.exe"
RBVirtualFolder64Inst-->MsiExec.exe /I{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}
Realm of the Mad God-->"D:\Program Files\Steam\steam.exe" steam://uninstall/200210
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Roxio BackOnTrack-->MsiExec.exe /I{729B89D0-946A-407E-A121-343BD3320C40}
Roxio BackOnTrackPE-->MsiExec.exe /I{BD3EAE4D-862D-4D41-8BB5-F5C2CFFE6022}
Roxio Burn - Secure-->MsiExec.exe /I{9569E6BC-326A-432F-97AB-35263A327BF1}
Roxio CinePlayer Decoder Pack-->MsiExec.exe /I{FFAC39DA-CF79-434B-A6E0-4055689667D9}
Roxio CinePlayer-->MsiExec.exe /I{302763FD-5CEA-4DFF-80C8-9B41414C4822}
Roxio Creator 2012 Pro-->C:\ProgramData\Uninstall\{AAB42DD0-9551-4E30-A3E4-F87D4A4E1C52}\setup.exe /x {AAB42DD0-9551-4E30-A3E4-F87D4A4E1C52} {lang}=ENU
Roxio Creator 2012 Pro-->MsiExec.exe /I{77CDA026-3860-4C95-8233-34F3CEF121FB}
Roxio Creator 2012 Pro-->MsiExec.exe /I{F53529E7-07B1-409A-ACE0-3910D2338D12}
Roxio System Rollback Recovery Disk-->MsiExec.exe /I{2B682751-E749-441C-A4B3-1F538E26E56E}
Roxio System Rollback-->MsiExec.exe /I{0517F875-BBB2-4812-A63E-733B33CEF215}
Roxio Video Capture USB-->MsiExec.exe /I{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}
Samsung Data Migration-->"C:\Program Files (x86)\InstallShield Installation Information\{D4DE3DB4-7734-47E5-8D92-B80146311406}\setup.exe" -runfromtemp -l0x0009 -removeonly
Samsung Magician-->"D:\Samsung SSD Magician\unins000.exe"
SketchUp Pro 8-->MsiExec.exe /X{045D5A51-F07E-4350-8642-B85772A2876B}
Skype™ 6.11-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
Skyrim Dawnguard DLC+Update v1.7706-=AviaRa=- 1.7706-->D:\Program Files\Skyrim\The Elder Scrolls V Skyrim\Skyrim Dawnguard DLC+Update v1.7706-=AviaRa=-\Uninstall.exe
SmartSound Common Data-->"C:\Program Files (x86)\InstallShield Installation Information\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}\setup.exe" -runfromtemp -l0x0409 -removeonly
SmartSound Common Data-->MsiExec.exe /I{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}
SmartSound Quicktracks 5-->"C:\Program Files (x86)\InstallShield Installation Information\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}\setup.exe" -runfromtemp -l0x0409 -removeonly
SmartSound Quicktracks 5-->MsiExec.exe /I{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}
Sniper Ghost Warrior 2-->"C:\Users\Kevin\AppData\Roaming\Sniper Ghost Warrior 2\Uninstall\unins000.exe"
SpeedRunners-->"D:\Program Files\Steam\steam.exe" steam://uninstall/207140
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SteelSeries Engine-->C:\Program Files\SteelSeries\SteelSeries Engine\uninst.exe
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
TeamViewer 8-->D:\Program Files (x86)\TeamViewer\Version8\uninstall.exe
TERA-->"C:\Program Files (x86)\TERA\unins000.exe"
TERA-->"D:\Program Files (x86)\TERA\unins000.exe"
The Elder Scrolls V Skyrim 1.0.2-->D:\Program Files\Skyrim\The Elder Scrolls V Skyrim\Uninstall.exe
The Elder Scrolls V Skyrim Dragonborn © Bethesda Softworks version 1-->"D:\Program Files\Skyrim\The Elder Scrolls V Skyrim\unins000.exe"
Titan Quest: Immortal Throne-->"D:\Program Files\Steam\steam.exe" steam://uninstall/4550
Titan Quest-->"D:\Program Files\Steam\steam.exe" steam://uninstall/4540
TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
TomTom HOME-->MsiExec.exe /I{99072AB4-D795-44D5-9D65-E3C9F8322C97}
TorrentB 1.1.3.0-->"C:\Program Files (x86)\TorrentB\unins000.exe"
TQVault-->MsiExec.exe /I{3CFC6D41-EC71-449D-9E12-2F4EAB3D4B83}
Uplay-->C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VD64Inst-->MsiExec.exe /I{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}
Ventrilo Client for Windows x64-->MsiExec.exe /X{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}
VIA Platform Device Manager-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VideoPad Video Editor-->"C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe" -uninstall
VLC media player 2.0.5-->D:\Vlc\uninstall.exe
War Thunder-->"D:\Program Files\Steam\steam.exe" steam://uninstall/236390
Windows Driver Package - Fedict SmartCard (10/04/2011 4.0.0.5)-->rundll32.exe C:\PROGRA~1\DIFX\4CBAA680AB78144E\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\beidmdrv.inf_amd64_neutral_cd2534e986d35e30\beidmdrv.inf
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
WinSoftMEsti-->MsiExec.exe /I{1FFB45AE-120B-4A9D-A914-BE466C6BBB0A}
Yontoo 2.051-->C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe /remove /q0
======Hosts File======
127.0.0.1 localhost
::1 localhost #[iPv6]
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 abcstats.com
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
======System event log======
Computer Name: Kevin-PC
Event Code: 1116
Message: Microsoft Antimalware has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen
ID: 2147593794
Severity: Medium
Category: Tool
Path: file:_D:\Users\Kevin\Downloads\Titan Quest + Immortal Throne\Game Keys\TitanQuestKeygen.exe;webfile:_D:\Users\Kevin\Downloads\Titan Quest + Immortal Throne\Game Keys\TitanQuestKeygen.exe|about:internet
Detection Origin: Internet
Detection Type: Concrete
Detection Source: System
User: NT AUTHORITY\SYSTEM
Process Name: Unknown
Signature Version: AV: 1.157.1259.0, AS: 1.157.1259.0, NIS: 108.1.0.0
Engine Version: AM: 1.1.9800.0, NIS: 2.1.9900.0
Record Number: 84818
Source Name: Microsoft Antimalware
Time Written: 20130906191931.000000-000
Event Type: Warning
User:
Computer Name: Kevin-PC
Event Code: 11
Message: Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.
Record Number: 84808
Source Name: Microsoft-Windows-Wininit
Time Written: 20130906191929.868111-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Kevin-PC
Event Code: 7000
Message: The NVIDIA Update Service Daemon service failed to start due to the following error:
The service did not start due to a logon failure.
Record Number: 84775
Source Name: Service Control Manager
Time Written: 20130906191922.236015-000
Event Type: Error
User:
Computer Name: Kevin-PC
Event Code: 7038
Message: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
Logon failure: the specified account password has expired.
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Record Number: 84774
Source Name: Service Control Manager
Time Written: 20130906191922.236015-000
Event Type: Error
User:
Computer Name: Kevin-PC
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.
Record Number: 84690
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20130905235217.698174-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: Kevin-PC
Event Code: 33
Message: Activation context generation failed for "D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2Launcher.exe". Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 313
Source Name: SideBySide
Time Written: 20130111005234.000000-000
Event Type: Error
User:
Computer Name: Kevin-PC
Event Code: 1
Message: The application (Daemon Tools, from vendor DT Soft Ltd.) has the following problem: Daemon Tools is incompatible with this version of Windows. For more information, contact DT Soft Ltd..
Record Number: 290
Source Name: Microsoft-Windows-ApplicationExperienceInfrastructure
Time Written: 20130111004942.686020-000
Event Type: Warning
User: Kevin-PC\Kevin
Computer Name: Kevin-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-2201358601-1718601949-3330357416-1000:
Process 548 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2201358601-1718601949-3330357416-1000
Record Number: 242
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20130111004021.479208-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Kevin-PC
Event Code: 33
Message: Activation context generation failed for "C:\Windows.old\Program Files\Samsung SSD Magician\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 231
Source Name: SideBySide
Time Written: 20130111003743.000000-000
Event Type: Error
User:
Computer Name: Kevin-PC
Event Code: 1008
Message: The Windows Search Service is starting up and attempting to remove the old search index {Reason: Full Index Reset}.
Record Number: 211
Source Name: Microsoft-Windows-Search
Time Written: 20130111003649.000000-000
Event Type: Warning
User:
=====Security event log=====
Computer Name: Kevin-PC
Event Code: 4907
Message: Auditing settings on object were changed.
Subject:
Security ID: S-1-5-18
Account Name: KEVIN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Object:
Object Server: Security
Object Type: File
Object Name: C:\Windows\System32\en-US\Licenses\OEM\EnterpriseE\license.rtf
Handle ID: 0x18
Process Information:
Process ID: 0x7f8
Process Name: C:\Windows\System32\poqexec.exe
Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 9507
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130320122100.291006-000
Event Type: Audit Success
User:
Computer Name: Kevin-PC
Event Code: 4907
Message: Auditing settings on object were changed.
Subject:
Security ID: S-1-5-18
Account Name: KEVIN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Object:
Object Server: Security
Object Type: File
Object Name: C:\Windows\System32\en-US\Licenses\OEM\HomePremiumN\license.rtf
Handle ID: 0x18
Process Information:
Process ID: 0x7f8
Process Name: C:\Windows\System32\poqexec.exe
Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 9506
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130320122100.291006-000
Event Type: Audit Success
User:
Computer Name: Kevin-PC
Event Code: 4907
Message: Auditing settings on object were changed.
Subject:
Security ID: S-1-5-18
Account Name: KEVIN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Object:
Object Server: Security
Object Type: File
Object Name: C:\Windows\System32\en-US\Licenses\OEM\UltimateE\license.rtf
Handle ID: 0x18
Process Information:
Process ID: 0x7f8
Process Name: C:\Windows\System32\poqexec.exe
Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 9505
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130320122100.291006-000
Event Type: Audit Success
User:
Computer Name: Kevin-PC
Event Code: 4907
Message: Auditing settings on object were changed.
Subject:
Security ID: S-1-5-18
Account Name: KEVIN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Object:
Object Server: Security
Object Type: File
Object Name: C:\Windows\System32\en-US\Licenses\OEM\Enterprise\license.rtf
Handle ID: 0x18
Process Information:
Process ID: 0x7f8
Process Name: C:\Windows\System32\poqexec.exe
Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 9504
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130320122100.291006-000
Event Type: Audit Success
User:
Computer Name: Kevin-PC
Event Code: 4907
Message: Auditing settings on object were changed.
Subject:
Security ID: S-1-5-18
Account Name: KEVIN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Object:
Object Server: Security
Object Type: File
Object Name: C:\Windows\System32\en-US\Licenses\OEM\HomePremiumE\license.rtf
Handle ID: 0x18
Process Information:
Process ID: 0x7f8
Process Name: C:\Windows\System32\poqexec.exe
Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 9503
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130320122100.275406-000
Event Type: Audit Success
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\DLLShared\;C:\Program Files (x86)\Belgium Identity Card;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"HellgateEnv"=C:\T3Fun\Hellgate\
"asl.log"=Destination=file
"RCAUTOPLAY"=D:\Program Files (x86)\Roxio 2012\Roxio Central\
"EMC_AUTOPLAY"=C:\Program Files (x86)\Common Files\Roxio Shared\
"BURN_AUTOPLAY"=D:\Program Files (x86)\Roxio 2012\Roxio Burn\
"CLASSPATH"=.;C:\Program Files (x86)\Belgium Identity Card;C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
-----------------EOF-----------------
-
Mbam log:
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
Malwarebytes : Free anti-malware download
Database version: v2013.06.10.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
Kevin :: KEVIN-PC [administrator]
Protection: Enabled
6/10/2013 10:39:43 AM
mbam-log-2013-06-10 (10-39-43).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232822
Time elapsed: 1 minute(s), 36 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Hijackthis:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:44:13 AM, on 6/10/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
D:\Program Files (x86)\Origin\Origin.exe
D:\wirelesscm.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Users\Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
D:\Program Files (x86)\Roxio 2012\Roxio Burn\Roxio Burn.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost #[iPv6]
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [starter] C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [CPMonitor] "D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKCU\..\Run: [EADM] "D:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: GamersFirst LIVE!.lnk = Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe
O4 - Startup: Samsung Magician.lnk = D:\Samsung SSD Magician\Samsung Magician.exe
O4 - Global Startup: Wireless Connection Manager.lnk = ?
O8 - Extra context menu item: Download with Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1358191722211
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll
O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB13 - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WlanWpsSvc - Unknown owner - D:\WlanWpsSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11537 bytes
-
I think a few things have gotten in; can someone check this log?
Thank you kindly
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:01:24 AM, on 6/9/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
D:\Program Files (x86)\Origin\Origin.exe
C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe
D:\wirelesscm.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe
D:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe
D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe
C:\Users\Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe
D:\Program Files (x86)\Roxio 2012\Roxio Burn\Roxio Burn.exe
D:\Samsung SSD Magician\Samsung Magician.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 178.73.210.219 thepiratebay.se
O1 - Hosts: 178.73.210.219 Download music, movies, games, software! The Pirate Bay - The galaxy's most resilient BitTorrent site
O1 - Hosts: 178.73.210.219 thepiratebay.org
O1 - Hosts: 178.73.210.219 Download music, movies, games, software! The Pirate Bay - The galaxy's most resilient BitTorrent site
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe] C:\ProgramData\Adobe\25065DF.vbe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [starter] C:\Program Files (x86)\Driver-Soft\DriverGenius\StarterW3i.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [CPMonitor] "D:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "D:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKCU\..\Run: [EADM] "D:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\Daemon tools\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\Kevin\AppData\Roaming\Yontoo\YontooDesktop.exe"
O4 - HKCU\..\Run: [502136] C:\Users\Kevin\AppData\Local\Temp\502136\svhost.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: GamersFirst LIVE!.lnk = Kevin\AppData\Local\GamersFirst\LIVE!\Live.exe
O4 - Startup: Samsung Magician.lnk = D:\Samsung SSD Magician\Samsung Magician.exe
O4 - Global Startup: Wireless Connection Manager.lnk = ?
O8 - Extra context menu item: Download with Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1358191722211
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll
O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BOT4Service - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB13 - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Rovi Corporation - C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WlanWpsSvc - Unknown owner - D:\WlanWpsSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12764 bytes
HijackThis log
in Archive: Fighting malware & viruses
Posted:
Everything is gone!
I also had problems with an error message "Display driver has stopped responding but has recovered"
That isn't bothering me anymore for now either!
Thank you kindly
Kevin