Jump to content

Adware - Pup Optional Superfish

Noxene
 Share

Recommended Posts

Noxene

Noxene

Posted
Posted

Hey,

 

Lately i've been getting ads whenever I press on some series or "play" on Netflix, so I use malwarebytes & ccleaner to remove the adware.

That works for about 1-2 days, and then it returns again. This has been going on for about a month now and it doesn't seem to stop, it returns everytime.

How do I fix this?  :unsure:

If you need any translations just ask  :)

 

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by marco (administrator) on MARCO-HP on 27-05-2014 19:53:11
Running from C:\Users\marco\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Dutch Standard
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Flux Software LLC) C:\Users\marco\AppData\Local\FluxSoftware\Flux\flux.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.208\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.91\deploy\LolClient.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc)
HKLM-x32\...\Run: [nmctxth] => C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [nmapp] => C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe [472112 2009-07-08] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Razer Naga Driver] => C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe [957840 2010-12-30] (Razer USA Ltd)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585048 2014-04-17] (Razer Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-05-13] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-909820617-2155926707-2901132751-1000\...\Run: [F.lux] => C:\Users\marco\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-909820617-2155926707-2901132751-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-909820617-2155926707-2901132751-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe
HKU\S-1-5-21-909820617-2155926707-2901132751-1000\...\Run: [Google Update] => C:\Users\marco\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-18] (Google Inc.)
AppInit_DLLs: => File Not Found
Startup: C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.nl/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
Handler-x32: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-03-05] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.com/RCplugin - C:\Users\marco\AppData\LocalLow\raidcall\plugins\webplugin.dll (Raidcall)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\marco\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\marco\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\marco\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Extension: WoW Forum Bastard Mode - C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\Extensions\jid1-OJBHGHRogDgOnQ@jetpack.xpi [2012-12-24]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2013-03-17]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.nl/
CHR StartupUrls: "https://www.google.nl/"
CHR Plugin: (Shockwave Flash) - C:\Users\marco\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\marco\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\marco\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Simple Pass 2011) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpgfhihjicjofdejkbjgnjlaglaciobe\1.0_0\npwebsitelogon.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Java Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Raidcall plugin) - C:\Users\marco\AppData\LocalLow\raidcall\plugins\webplugin.dll (Raidcall)
CHR Plugin: (Google Update) - C:\Users\marco\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Raidcall plugin) - C:\Users\marco\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-21]
CHR Extension: (YouTube) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-21]
CHR Extension: (Google Zoeken) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-21]
CHR Extension: (Pandora) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2013-04-23]
CHR Extension: (AdBlock) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-15]
CHR Extension: (Hola Beter Internet) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-04-05]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2012-12-30]
CHR Extension: (Google Wallet) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-21]
CHR HKCU\...\Chrome\Extension: [ndgonipadfipmlmdfofnjnhhlgojnjdn] - C:\Users\marco\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx [2012-12-21]
CHR HKLM-x32\...\Chrome\Extension: [jpgfhihjicjofdejkbjgnjlaglaciobe] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-06-03]
CHR HKLM-x32\...\Chrome\Extension: [ndgonipadfipmlmdfofnjnhhlgojnjdn] - C:\Users\marco\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx [2011-06-03]
CHR StartMenuInternet: Google Chrome - C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-30] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
 
==================== Drivers (Whitelisted) ====================
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-04-15] (AVG Technologies CZ, s.r.o.)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-27] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-03-05] ()
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
S3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [126464 2010-12-16] (Razer USA Ltd)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-27 19:49 - 2014-05-27 19:49 - 00063208 _____ () C:\Users\marco\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 19:48 - 2014-05-27 19:53 - 00021040 _____ () C:\Users\marco\Downloads\FRST.txt
2014-05-27 19:48 - 2014-05-27 19:49 - 00034765 _____ () C:\Users\marco\Downloads\Addition.txt
2014-05-27 19:47 - 2014-05-27 19:53 - 00000000 ____D () C:\FRST
2014-05-27 19:46 - 2014-05-27 19:46 - 02066944 _____ (Farbar) C:\Users\marco\Downloads\FRST64.exe
2014-05-26 11:03 - 2014-05-27 08:01 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleFormarco.job
2014-05-26 11:03 - 2014-05-26 11:03 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleFormarco
2014-05-23 20:21 - 2014-05-27 14:31 - 00148390 ____N () C:\Windows\WindowsUpdate.log
2014-05-23 00:40 - 2014-05-23 20:17 - 00000042 _____ () C:\Users\marco\Documents\debts.txt
2014-05-20 20:41 - 2014-05-20 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia OT
2014-05-20 20:41 - 2014-05-20 20:41 - 00000000 ____D () C:\Program Files (x86)\Tibia OT
2014-05-20 20:40 - 2014-05-20 20:40 - 23950599 _____ (CipSoft GmbH ) C:\Users\marco\Downloads\tibia860.exe
2014-05-20 17:54 - 2014-05-20 17:54 - 00844037 _____ () C:\Users\marco\Downloads\tibiacast_3_1_26_0.zip
2014-05-16 14:20 - 2014-05-16 14:20 - 00000000 ____D () C:\Users\marco\AppData\Roaming\DropboxMaster
2014-05-14 23:51 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 23:51 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 23:51 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 23:51 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 23:51 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 23:51 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 17:44 - 2014-05-23 14:53 - 00002388 _____ () C:\Users\marco\Desktop\Google Chrome.lnk
2014-05-14 17:09 - 2014-05-14 17:09 - 790214754 _____ () C:\Users\marco\Downloads\MaF_Updated May 7th 2014.zip
2014-05-14 13:12 - 2014-05-14 14:12 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-14 11:39 - 2014-05-14 11:39 - 00021030 _____ () C:\Users\marco\Downloads\person-of-interest-third-season_english-914467.zip
2014-05-14 08:57 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 08:57 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 08:57 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 08:57 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 08:57 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 08:57 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 08:57 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 08:57 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 08:57 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 08:57 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 08:57 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 08:57 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 08:56 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 08:56 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 08:56 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 08:56 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 08:56 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 08:56 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 08:56 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 08:56 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 08:56 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 08:56 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 08:56 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 08:56 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 08:56 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 08:56 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 08:56 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 08:56 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 08:56 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 08:56 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 08:56 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 08:56 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 08:56 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 08:56 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 08:56 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 08:56 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 08:56 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 08:56 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 08:56 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 08:56 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 08:56 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 08:56 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 08:56 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 08:56 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 08:56 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 19:19 - 2014-05-12 19:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-05-12 19:18 - 2014-05-12 19:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RzFilter_01009.Wdf
2014-05-12 19:18 - 2014-05-12 19:18 - 00000000 ____D () C:\Windows\Razer Core
2014-05-12 19:18 - 2014-04-18 17:02 - 00129472 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzDxgk.sys
2014-05-12 19:18 - 2014-04-18 17:02 - 00074432 _____ (Razer, Inc.) C:\Windows\system32\Drivers\RzFilter.sys
2014-05-12 19:16 - 2014-05-12 19:16 - 00000000 ____D () C:\Users\marco\AppData\Local\Razer
2014-05-12 19:15 - 2014-05-12 19:18 - 00000000 ____D () C:\ProgramData\Razer
2014-05-12 19:15 - 2014-05-12 19:15 - 18155960 _____ (Razer Inc.) C:\Users\marco\Downloads\Razer_Synapse_Framework_V1.18.02.exe
2014-05-12 16:47 - 2014-05-12 16:49 - 00001468 _____ () C:\Users\marco\Desktop\Druid.lnk
2014-05-10 18:49 - 2014-05-10 18:49 - 00000025 _____ () C:\Users\marco\Desktop\geld leen.txt
2014-05-10 17:12 - 2014-05-10 17:12 - 13084896 _____ (Microsoft Corporation) C:\Users\marco\Downloads\Silverlight_x64.exe
2014-05-10 17:12 - 2014-05-10 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-10 17:12 - 2014-05-10 17:12 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-10 17:12 - 2014-05-10 17:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-07 00:39 - 2014-05-15 09:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 16:56 - 2014-05-06 16:56 - 00000396 _____ () C:\Users\marco\Documents\priest.txt
2014-05-01 19:19 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-05-01 19:19 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-05-01 19:16 - 2014-05-01 19:16 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Day 1 Studios
2014-04-28 14:19 - 2014-04-28 14:19 - 00844228 _____ () C:\Users\marco\Downloads\tibiacast_3_1_25_0.zip
 
==================== One Month Modified Files and Folders =======
 
2014-05-27 19:53 - 2014-05-27 19:48 - 00021040 _____ () C:\Users\marco\Downloads\FRST.txt
2014-05-27 19:53 - 2014-05-27 19:47 - 00000000 ____D () C:\FRST
2014-05-27 19:51 - 2013-02-17 16:04 - 00000000 ____D () C:\Users\marco\AppData\Roaming\BitTorrent
2014-05-27 19:49 - 2014-05-27 19:49 - 00063208 _____ () C:\Users\marco\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 19:49 - 2014-05-27 19:48 - 00034765 _____ () C:\Users\marco\Downloads\Addition.txt
2014-05-27 19:49 - 2013-05-23 11:03 - 00000000 ____D () C:\Users\marco\Downloads\ass-effect
2014-05-27 19:46 - 2014-05-27 19:46 - 02066944 _____ (Farbar) C:\Users\marco\Downloads\FRST64.exe
2014-05-27 19:23 - 2012-06-03 19:13 - 00000342 _____ () C:\Windows\Tasks\HPCeeScheduleForMARCO-HP$.job
2014-05-27 19:23 - 2012-05-19 15:02 - 00003218 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMARCO-HP$
2014-05-27 19:22 - 2012-05-18 17:08 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000UA.job
2014-05-27 19:11 - 2013-03-16 18:21 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 19:06 - 2012-05-18 21:38 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Skype
2014-05-27 18:53 - 2013-11-17 14:25 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-27 18:52 - 2014-04-18 11:00 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-27 18:52 - 2012-06-16 16:22 - 00000000 ____D () C:\Users\marco\AppData\Local\CrashDumps
2014-05-27 18:04 - 2012-07-17 19:21 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-27 14:31 - 2014-05-23 20:21 - 00148390 ____N () C:\Windows\WindowsUpdate.log
2014-05-27 12:09 - 2012-10-18 14:59 - 00000000 ____D () C:\Program Files (x86)\Tibia
2014-05-27 11:44 - 2012-05-18 17:04 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{33FFD9C6-9FD0-419D-9525-176740E202ED}
2014-05-27 10:22 - 2012-05-18 17:08 - 00001014 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000Core.job
2014-05-27 08:09 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 08:09 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 08:02 - 2013-04-20 22:11 - 00000000 ___RD () C:\Users\marco\Dropbox
2014-05-27 08:02 - 2013-04-20 22:10 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Dropbox
2014-05-27 08:02 - 2012-05-18 17:08 - 00000000 ____D () C:\Users\marco\AppData\Local\Deployment
2014-05-27 08:02 - 2012-03-05 17:55 - 00000000 ____D () C:\ProgramData\PDFC
2014-05-27 08:01 - 2014-05-26 11:03 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleFormarco.job
2014-05-27 08:01 - 2012-03-05 17:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-27 08:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 00:28 - 2012-03-05 18:00 - 00000000 ____D () C:\ProgramData\truesuite
2014-05-26 11:03 - 2014-05-26 11:03 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleFormarco
2014-05-26 00:31 - 2013-08-22 20:04 - 00000000 ____D () C:\Users\marco\AppData\Local\Battle.net
2014-05-25 15:36 - 2013-10-09 12:20 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-24 22:00 - 2012-05-26 14:53 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-24 22:00 - 2012-05-19 15:02 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-23 20:17 - 2014-05-23 00:40 - 00000042 _____ () C:\Users\marco\Documents\debts.txt
2014-05-23 14:53 - 2014-05-14 17:44 - 00002388 _____ () C:\Users\marco\Desktop\Google Chrome.lnk
2014-05-22 20:41 - 2012-06-07 17:08 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-05-22 20:41 - 2012-05-19 03:52 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-05-22 20:40 - 2013-10-09 12:21 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-22 17:18 - 2013-04-23 21:09 - 00000000 ____D () C:\Users\marco\AppData\Roaming\vlc
2014-05-20 20:42 - 2013-05-29 14:09 - 00000000 ____D () C:\Users\marco\AppData\Local\OtLand
2014-05-20 20:41 - 2014-05-20 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia OT
2014-05-20 20:41 - 2014-05-20 20:41 - 00000000 ____D () C:\Program Files (x86)\Tibia OT
2014-05-20 20:40 - 2014-05-20 20:40 - 23950599 _____ (CipSoft GmbH ) C:\Users\marco\Downloads\tibia860.exe
2014-05-20 17:55 - 2014-03-04 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibiacast
2014-05-20 17:55 - 2014-03-04 21:12 - 00000000 ____D () C:\Program Files (x86)\Tibiacast
2014-05-20 17:54 - 2014-05-20 17:54 - 00844037 _____ () C:\Users\marco\Downloads\tibiacast_3_1_26_0.zip
2014-05-20 09:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-19 12:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-18 22:43 - 2013-11-17 18:06 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-05-16 14:20 - 2014-05-16 14:20 - 00000000 ____D () C:\Users\marco\AppData\Roaming\DropboxMaster
2014-05-16 14:20 - 2013-04-20 22:11 - 00001021 _____ () C:\Users\marco\Desktop\Dropbox.lnk
2014-05-16 14:20 - 2013-04-20 22:10 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-16 14:20 - 2012-05-18 17:04 - 00000000 ___RD () C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 10:38 - 2012-05-18 18:01 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-05-15 09:52 - 2012-05-18 17:04 - 00000000 ___RD () C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 09:49 - 2014-05-07 00:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 23:51 - 2013-08-15 00:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 23:50 - 2013-04-19 21:48 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 17:09 - 2014-05-14 17:09 - 790214754 _____ () C:\Users\marco\Downloads\MaF_Updated May 7th 2014.zip
2014-05-14 14:12 - 2014-05-14 13:12 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-14 14:12 - 2013-03-16 18:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 14:12 - 2013-03-16 18:21 - 00003878 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 14:12 - 2012-03-05 17:50 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-14 11:39 - 2014-05-14 11:39 
2014-05-13 08:58 - 2009-07-14 07:08 - 00032522 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-12 19:19 - 2014-05-12 19:19 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-05-12 19:18 - 2014-05-12 19:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_RzFilter_01009.Wdf
2014-05-12 19:18 - 2014-05-12 19:18 - 00000000 ____D () C:\Windows\Razer Core
2014-05-12 19:18 - 2014-05-12 19:15 - 00000000 ____D () C:\ProgramData\Razer
2014-05-12 19:18 - 2012-07-26 16:22 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-05-12 19:16 - 2014-05-12 19:16 - 00000000 ____D () C:\Users\marco\AppData\Local\Razer
2014-05-12 19:15 - 2014-05-12 19:15 - 18155960 _____ (Razer Inc.) C:\Users\marco\Downloads\Razer_Synapse_Framework_V1.18.02.exe
2014-05-12 19:15 - 2012-07-26 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-05-12 16:49 - 2014-05-12 16:47 - 00001468 _____ () C:\Users\marco\Desktop\Druid.lnk
2014-05-12 16:45 - 2014-01-04 16:58 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Tibia
2014-05-10 18:49 - 2014-05-10 18:49 - 00000025 _____ () C:\Users\marco\Desktop\geld leen.txt
2014-05-10 17:12 - 2014-05-10 17:12 - 13084896 _____ (Microsoft Corporation) C:\Users\marco\Downloads\Silverlight_x64.exe
2014-05-10 17:12 - 2014-05-10 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-10 17:12 - 2014-05-10 17:12 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-10 17:12 - 2014-05-10 17:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-05-09 08:14 - 2014-05-14 08:57 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 08:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 10:17 - 2012-05-18 17:08 - 00004036 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000UA
2014-05-07 10:17 - 2012-05-18 17:08 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000Core
2014-05-06 16:56 - 2014-05-06 16:56 - 00000396 _____ () C:\Users\marco\Documents\priest.txt
2014-05-06 06:40 - 2014-05-14 23:51 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-14 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-14 23:51 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-14 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-14 23:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-14 23:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-01 19:19 - 2012-03-05 17:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-01 19:16 - 2014-05-01 19:16 - 00000000 ____D () C:\Users\marco\AppData\Roaming\Day 1 Studios
2014-04-28 16:41 - 2014-04-28 16:41 
2014-04-28 14:19 - 2014-04-28 14:19 - 00844228 _____ () C:\Users\marco\Downloads\tibiacast_3_1_25_0.zip
 
Some content of TEMP:
====================
C:\Users\marco\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfrlipf.dll
C:\Users\marco\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn7szbc.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-05-20 09:27
 
==================== End Of Log ============================
 
 
Addition
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by marco at 2014-05-27 19:53:27
Running from C:\Users\marco\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
.sol Editor 1.1.0.1 (HKLM-x32\...\.sol Editor) (Version: 1.1.0.1 - alexisisaac.net)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.01.18.0 - Ralink)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AuthenTec TrueAPI (Version: 1.3.0.116 - AuthenTec, Inc.) Hidden
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3469 - AVG Technologies)
AVG 2013 (Version: 13.0.3469 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.3722 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.18 - Piriform)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco Network Magic (x32 Version: 5.5.09195.0 - Pure Networks) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version:  - Day 1 Studios)
f.lux (HKCU\...\Flux) (Version:  - )
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{00FF4EB6-6AAC-4E9D-A60A-8F388691BB27}) (Version: 5.3.0.194 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
Infestation Survivor Stories version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - OP Productions LLC)
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version:  - Hammerpoint Interactive)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware versie 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft1.5.2 (HKLM-x32\...\Minecraft1.5.2) (Version:  - )
Mozilla Firefox 19.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 19.0 (x86 nl)) (Version: 19.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 19.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nether (HKLM-x32\...\Steam App 247730) (Version:  - Phosphor Games)
Network Magic (HKLM-x32\...\Network MagicUninstall) (Version: 5.5.9195.0 - Cisco Systems, Inc.)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version:  - Cryptic Studios)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision controllerstuurprogramma 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision stuurprogramma 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.22 (Version: 1.2.22 - NVIDIA Corporation) Hidden
NVIDIA-configuratiescherm 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5331 - CyberLink Corp.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Pure Networks Platform (x32 Version: 11.2.09195.1 - Pure Networks) Hidden
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12786.82 - raidcall.com)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Naga (HKLM-x32\...\{ED4108A9-60FD-4F18-AF42-122219977773}) (Version: 3.00.25 - Razer USA Ltd.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.02 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6463 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
Tibia (HKLM-x32\...\Tibia_is1) (Version: 8.60 - CipSoft GmbH)
Tibiacast (HKLM-x32\...\{EDEF3C1F-3E12-421D-B65D-884EB525F352}) (Version: 3.1.02600 - Silver Squirrel Software HB)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
VIP Access SDK (1.0.1.4)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.)
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Beta (HKLM-x32\...\World of Warcraft Beta) (Version: 5.0.5.16048 - Blizzard Entertainment)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
17-05-2014 08:15:46 Removed puush
20-05-2014 15:54:36 Installed Tibiacast
 
==================== Hosts content: ==========================
 
2009-07-14 04:34 - 2014-02-16 21:55 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {37302B0F-4A44-4F10-AFB3-B77A1DCE8C6A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {416389BC-9439-48D6-9E85-DCC6C65FBAC0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000Core => C:\Users\marco\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-18] (Google Inc.)
Task: {55AD58A5-D324-4CE9-AA00-2C43DB4B635D} - System32\Tasks\{50226896-ABED-4C5A-9018-4960634FD046} => Chrome.exe http://ui.skype.com/ui/0/5.9.0.115.396/en/abandoninstall?page=tsMain
Task: {58518AD5-AA7D-462A-8893-EFD9B40EF1F8} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-07-21] (CyberLink)
Task: {5C860DD6-F7C8-4C9C-87ED-09169D7B2D9B} - System32\Tasks\HPCeeScheduleForMARCO-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {5FFE0EF6-1335-459D-B64D-FFB6FEAE98A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {7BBE3041-802F-40E9-B7E1-D36336C92C48} - System32\Tasks\HPCeeScheduleFormarco => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {8D8635E8-F8EC-42DA-90F1-685E76E84F76} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {8DAC46E0-E4D0-4481-BEF3-22510BC8A374} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {96405235-53DB-4067-AC81-B2E6AA6495D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000UA => C:\Users\marco\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-18] (Google Inc.)
Task: {B4BD2292-79B7-4298-88BF-24D5E0DD586A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B7B0FF79-549E-41EA-8318-EBB4C070CBB4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {E9F11066-8C80-4159-A9D4-40865B1F6765} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000Core.job => C:\Users\marco\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000UA.job => C:\Users\marco\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMARCO-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleFormarco.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-05-18 18:19 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-13 13:02 - 2013-11-30 16:34 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-05-23 21:59 - 2011-12-22 15:03 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2013-04-19 21:21 - 2014-05-23 10:06 - 05464568 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.208\deploy\LoLLauncher.exe
2013-07-10 15:40 - 2013-07-10 15:40 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.91\deploy\LolClient.exe
2014-05-27 08:02 - 2014-05-27 08:02 - 00041984 _____ () c:\users\marco\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn7szbc.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\marco\AppData\Roaming\Dropbox\bin\libcef.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00152112 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00098304 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll
2013-09-04 16:15 - 2014-05-23 10:06 - 01531896 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.208\deploy\RiotLauncher.dll
2013-07-10 15:40 - 2013-07-10 15:40 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.91\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-05-22 13:25 - 2014-04-30 02:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-23 09:28 - 2014-04-30 02:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-22 13:25 - 2014-04-30 02:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-08 22:32 - 2014-04-30 02:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-12-10 19:17 - 2014-05-17 03:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 13:25 - 2014-04-29 02:37 - 02198720 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-22 13:25 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2013-12-10 19:17 - 2014-05-21 19:39 - 01145536 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-12-10 19:17 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-12-10 19:17 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-12-10 19:17 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-12-10 19:17 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-05-23 14:53 - 2014-05-14 01:40 - 00716616 _____ () C:\Users\marco\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-23 14:53 - 2014-05-14 01:40 - 00126280 _____ () C:\Users\marco\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-23 14:53 - 2014-05-14 01:40 - 04217672 _____ () C:\Users\marco\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-23 14:53 - 2014-05-14 01:40 - 00414536 _____ () C:\Users\marco\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-23 14:53 - 2014-05-14 01:40 - 01732424 _____ () C:\Users\marco\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-23 14:53 - 2014-05-14 01:40 - 13695816 _____ () C:\Users\marco\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
Name: LinksysbyCisco Internet Gateway Device
Description: LinksysbyCisco Internet Gateway Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/27/2014 11:29:10 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (05/27/2014 10:49:02 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (05/27/2014 08:02:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Kan activeringscontext voor 'Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1' niet maken.
Kan afhankelijke assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" niet vinden.
Gebruik sxstrace.exe voor een gedetailleerde diagnose.
 
Error: (05/26/2014 04:46:19 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (05/26/2014 04:30:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma chrome.exe, versie 35.0.1916.114 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm.
 
Proces-id: 1f24
 
Starttijd: 01cf78e87a8641bb
 
Eindtijd: 3
 
Toepassingspad: C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
 
Rapport-id: 45596fea-e4e2-11e3-9348-e8393542fdfe
 
Error: (05/26/2014 03:32:57 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (05/26/2014 10:54:20 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Kan activeringscontext voor 'Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1' niet maken.
Kan afhankelijke assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" niet vinden.
Gebruik sxstrace.exe voor een gedetailleerde diagnose.
 
Error: (05/25/2014 09:33:16 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (05/25/2014 08:22:07 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (05/25/2014 04:26:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: Explorer.EXE, versie: 6.1.7601.17567, tijdstempel: 0x4d672ee4
Naam van module met fout: DropboxExt64.22.dll, versie: 1.0.0.22, tijdstempel: 0x522fb12c
Uitzonderingscode: 0xc0000005
Foutoffset: 0x0000000000008e77
Id van proces met fout: 0xa5c
Starttijd van toepassing met fout: 0xExplorer.EXE0
Pad naar toepassing met fout: Explorer.EXE1
Pad naar module met fout: Explorer.EXE2
Rapport-id: Explorer.EXE3
 
 
System errors:
=============
Error: (05/27/2014 01:21:48 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: 
%%5.
 
Error: (05/26/2014 00:35:09 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: 
%%5.
 
Error: (05/25/2014 02:11:42 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: 
%%5.
 
Error: (05/24/2014 01:58:24 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: 
%%5.
 
Error: (05/23/2014 08:18:10 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: 
%%5.
 
Error: (05/23/2014 08:32:16 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: 
%%5.
 
Error: (05/23/2014 00:41:23 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExW-oproep voor FailureActions is niet geslaagd vanwege deze fout: 
%%5.
 
Error: (05/22/2014 08:22:14 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Het apparaat \Device\Ide\iaStor0 heeft niet binnen de tijd voor time-out gereageerd.
 
Error: (05/22/2014 01:25:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Steam Client Service-service kan vanwege de volgende fout niet worden gestart: 
%%1053
 
Error: (05/22/2014 01:25:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Steam Client Service.
 
 
Microsoft Office Sessions:
=========================
Error: (05/27/2014 11:29:10 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (05/27/2014 10:49:02 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (05/27/2014 08:02:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files\Symantec\VIP Access SDK\VIPOTPProv.dll
 
Error: (05/26/2014 04:46:19 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (05/26/2014 04:30:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe35.0.1916.1141f2401cf78e87a8641bb3C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe45596fea-e4e2-11e3-9348-e8393542fdfe
 
Error: (05/26/2014 03:32:57 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (05/26/2014 10:54:20 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files\Symantec\VIP Access SDK\VIPOTPProv.dll
 
Error: (05/25/2014 09:33:16 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (05/25/2014 08:22:07 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
 
Error: (05/25/2014 04:26:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4DropboxExt64.22.dll1.0.0.22522fb12cc00000050000000000008e77a5c01cf77e314c56738C:\Windows\Explorer.EXEC:\Users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll92472747-e418-11e3-815a-e8393542fdfe
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-02-16 20:54:49.742
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
 
  Date: 2014-02-16 20:54:49.698
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 66%
Total physical RAM: 6124.82 MB
Available physical RAM: 2032.16 MB
Total Pagefile: 12247.81 MB
Available Pagefile: 7731.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:452.76 GB) (Free:211.52 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.9 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8B64912B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Hello Noxene and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Threat Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.
Link to post
Share on other sites
Noxene

Noxene

Posted
  • Author
Posted
Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 30-5-2014

Scan Time: 13:25:30

Logfile: 

Administrator: Yes

 

Version: 2.00.1.1004

Malware Database: 

Rootkit Database: 

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: marco

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 307245

Time Elapsed: 26 min, 3 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: 

PUP: Warn

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 2

PUP.Optional.Superfish.A, C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Delete-on-Reboot, [bbd2c097ef8cb383b94eade508faf60a], 

PUP.Optional.Superfish.A, C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Delete-on-Reboot, [612c98bf84f7c67030d7eda516ec48b8], 

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites
Noxene

Noxene

Posted
  • Author
Posted

Hello, I did another scan because the one I send before was from yesterday, this time it found another PUP called Betterdeals.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 31-5-2014
Scan Time: 19:30:59
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.05.31.08
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: marco
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 311283
Time Elapsed: 59 min, 52 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 2
PUP.Optional.BetterDeals.A, C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage, Quarantined, [e113a6b1f883b08654f97f0fa35f37c9], 
PUP.Optional.BetterDeals.A, C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal, Quarantined, [8e665304423986b0d17cc3cb689ad52b], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan button. Wait until is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.
In your next reply, post the following log files:
  • Junkware Removal Tool log
  • AdwCleaner log
Link to post
Share on other sites
Noxene

Noxene

Posted
  • Author
Posted
JRT

 

 

 

Ran by marco on zo 01-06-2014 at 15:51:34,47

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on zo 01-06-2014 at 15:55:04,79

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to post
Share on other sites
Noxene

Noxene

Posted
  • Author
Posted
# AdwCleaner v3.211 - Rapport aangemaakt 01/06/2014 op 15:56:25

# Laatste Update 26/05/2014 door Xplode

# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Gebruikersnaam : marco - MARCO-HP

# Gestart vanuit : C:\Users\marco\Downloads\AdwCleaner.exe

# Optie : Verwijderen

 

***** [ Services ] *****

 

 

***** [ Bestanden / Mappen ] *****

 

 

***** [ Snelkoppelingen ] *****

 

 

***** [ Register ] *****

 

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17041

 

 

-\\ Mozilla Firefox v

 

[ Bestand : C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]

 

 

-\\ Google Chrome v

 

[ Bestand : C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R4].txt - [1433 octets] - [01/06/2014 15:56:07]

AdwCleaner[s4].txt - [1359 octets] - [01/06/2014 15:56:25]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s4].txt - [1419 octets] ##########
Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Glad I could help! :)

Step 1

  • Download OTL to your desktop and run it.
  • Click on CleanUp button.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Step 2

Please uninstall ESET Online Scanner .

Step 3

Some malware preventions:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.