brentman123
Bekend gezicht
- Lid geworden
- 29 jul 2012
- Berichten
- 186
- Waarderingsscore
- 0
Helaas, heeft het uninstallen van razer software niets gehlopen. Heeft u nog meer suggesties?
-
Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
Reageren op andermans discussie is daarom uitgeschakeld. -
De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.
Problemen met mijn PC
- Onderwerp starter brentman123
- Startdatum
- Status
A
Abraham54
Gast
Doe het volgende:
System File Checker
Ga naar Start en typ in de zoekregel cmd - bovenaan in het startmenu zie je nu de betreffende snelkoppeling.
Klik deze snelkoppeling met rechts aan en kies voor Als administrator uitvoeren.
In het zwarte venster typ je nu sfc /scannow gevolgd door indrukken van de Entertoets.
Denk wel aan de spatie na 'sfc'.
In het zwarte venster zie je vervolgens de voortgang van de scan.
SFC (SystemFileChecker) houdt in dat systeembestanden gecontroleerd worden op juist funktioneren, zo nodig volgt reparatie.
Let goed op de laatste meldingen in het venster: indien aangegeven wordt, dat herstel afhankelijk is van opnieuw opstarten, doe dit dan.
Is de scan klaar en hoeft er niet gerebooted te worden, typ je Exit gevolgd door indrukken van de Entertoets.
Laat wel weten wat de melding in het zwarte venster na de scan was.
System File Checker
Ga naar Start en typ in de zoekregel cmd - bovenaan in het startmenu zie je nu de betreffende snelkoppeling.
Klik deze snelkoppeling met rechts aan en kies voor Als administrator uitvoeren.
In het zwarte venster typ je nu sfc /scannow gevolgd door indrukken van de Entertoets.
Denk wel aan de spatie na 'sfc'.
In het zwarte venster zie je vervolgens de voortgang van de scan.
SFC (SystemFileChecker) houdt in dat systeembestanden gecontroleerd worden op juist funktioneren, zo nodig volgt reparatie.
Let goed op de laatste meldingen in het venster: indien aangegeven wordt, dat herstel afhankelijk is van opnieuw opstarten, doe dit dan.
Is de scan klaar en hoeft er niet gerebooted te worden, typ je Exit gevolgd door indrukken van de Entertoets.
Laat wel weten wat de melding in het zwarte venster na de scan was.
brentman123
Bekend gezicht
- Lid geworden
- 29 jul 2012
- Berichten
- 186
- Waarderingsscore
- 0
"Er zijn geen schendingen van de integriteit gevonden"
Dat staat er nadat de verificatie 100% is voltooid.
Dat staat er nadat de verificatie 100% is voltooid.
A
Abraham54
Gast
Dat is dan mooi.
Ik wil graag dat jij nu een Schijfcontrole gaat doen.
Klik daarvoor Computer open en vraag vervolgens de Eigenschappen van --> "C" op.
Klik nu op de tab Extra
Klik vervolgens op de knop Nu controleren in het gedeelte waar staat "Hiermee kunt u het station op fouten controleren".
In het nieuwe venstertje zorg je ervoor dat beide opties aangevinkt zijn.
Vervolgens krijg je de melding dat Windows voor die actie moet herstarten.
Doe dat dan ook.
Hierdoor wordt de systeemschijf niet alleen op clusterfouten gecontroleerd, maar ook op fouten in het bestandssysteem die dan gerepareerd worden.
Afhankelijk van de omvanggrootte van Windows en de grootte van de schijven, kan deze scan enige tijd in beslag nemen!
Ik wil graag dat jij nu een Schijfcontrole gaat doen.
Klik daarvoor Computer open en vraag vervolgens de Eigenschappen van --> "C" op.
Klik nu op de tab Extra
Klik vervolgens op de knop Nu controleren in het gedeelte waar staat "Hiermee kunt u het station op fouten controleren".
In het nieuwe venstertje zorg je ervoor dat beide opties aangevinkt zijn.
Vervolgens krijg je de melding dat Windows voor die actie moet herstarten.
Doe dat dan ook.
Hierdoor wordt de systeemschijf niet alleen op clusterfouten gecontroleerd, maar ook op fouten in het bestandssysteem die dan gerepareerd worden.
Afhankelijk van de omvanggrootte van Windows en de grootte van de schijven, kan deze scan enige tijd in beslag nemen!
brentman123
Bekend gezicht
- Lid geworden
- 29 jul 2012
- Berichten
- 186
- Waarderingsscore
- 0
Dat heeft gedeeltelijk gewerkt 
Nog niet goed genoeg helaas. Heb nu rond de 50 FPS op Battlefield 4 met drops naar 20 FPS, wat ik normaal nooit had (op low settings). Tevens staat er nog steeds bij speccy dat mijn CPU 100 graden is.
Nog niet goed genoeg helaas. Heb nu rond de 50 FPS op Battlefield 4 met drops naar 20 FPS, wat ik normaal nooit had (op low settings). Tevens staat er nog steeds bij speccy dat mijn CPU 100 graden is.
A
Abraham54
Gast
Vreemd.
Download
OTL.exe
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Sluit voordat OTL.exe gaat scannen, eerst alle andere openstaande vensters!
OTL.exe gebruiken:
Notabene: indien het log niet in n bericht past, spreidt het dan over twee of meer berichten.
Download
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Sluit voordat OTL.exe gaat scannen, eerst alle andere openstaande vensters!
OTL.exe gebruiken:
- Windows 2000 en Windows XP: dubbelklik op OTL.exe.
- Windows Vista, Windows 7 en Windows 8: via rechtsklik op OTL.exe en kies voor "Als Administrator uitvoeren".
- Zet een vinkje bij Scan All Users, LOP Check en bij PURITY Check.
- Kopieer onderstaande in de Code-kader staande tekst en plak deze in het kader onder
Code:services.* explorer.exe winlogon.exe Userinit.exe svchost.exe netsvcs BASESERVICES DRIVES msconfig %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\system32\*.exe /lockedfiles %PROGRAMFILES%\* hklm\software\clients\startmenuinternet|command /rs hklm\software\clients\startmenuinternet|command /64 /rs CREATERESTOREPOINT - Klik vervolgens op de knop .
- Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef.
- De scan zal niet heel erg lang duren.
- Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: OTL.Txt en Extras.txt.
- Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.
Notabene: indien het log niet in n bericht past, spreidt het dan over twee of meer berichten.
brentman123
Bekend gezicht
- Lid geworden
- 29 jul 2012
- Berichten
- 186
- Waarderingsscore
- 0
OTL logfile created on: 1-8-2014 10:57:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brent\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
7,96 Gb Total Physical Memory | 6,22 Gb Available Physical Memory | 78,23% Memory free
15,91 Gb Paging File | 13,66 Gb Available in Paging File | 85,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 639,50 Gb Free Space | 68,66% Space Free | Partition Type: NTFS
Drive G: | 931,48 Gb Total Space | 925,16 Gb Free Space | 99,32% Space Free | Partition Type: NTFS
Computer Name: BRENT-PC | User Name: Brent | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014-08-01 10:54:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brent\Desktop\OTL.exe
PRC - [2014-07-27 13:15:26 | 001,178,168 | ---- | M] (Spotify Ltd) -- C:\Users\Brent\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014-07-26 12:53:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-07-25 16:02:45 | 002,403,104 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014-07-25 16:02:40 | 001,720,608 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014-07-25 13:56:31 | 001,815,920 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\OriginClientService.exe
PRC - [2014-07-25 13:56:30 | 003,595,608 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2014-07-09 15:57:54 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014-07-02 19:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014-07-02 11:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014-06-23 11:41:22 | 000,585,560 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2014-06-01 14:15:31 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014-05-12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2012-10-23 10:25:06 | 002,744,960 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012-02-26 21:01:56 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2009-11-26 19:35:02 | 001,642,496 | ---- | M] (Sitecom Europe BV) -- C:\Program Files (x86)\Sitecom\Common\RaUI.exe
PRC - [2009-10-20 13:13:44 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe
========== Modules (No Company Name) ==========
MOD - [2014-07-25 13:56:42 | 001,041,408 | ---- | M] () -- C:\Program Files (x86)\Origin\twitchsdk_32_release.dll
MOD - [2014-07-25 13:56:41 | 000,113,171 | ---- | M] () -- C:\Program Files (x86)\Origin\swresample-ttv-0.dll
MOD - [2014-07-25 13:56:30 | 000,394,810 | ---- | M] () -- C:\Program Files (x86)\Origin\libmp3lame-ttv.dll
MOD - [2014-07-25 13:56:30 | 000,246,332 | ---- | M] () -- C:\Program Files (x86)\Origin\avutil-ttv-51.dll
MOD - [2014-07-25 13:56:29 | 000,962,560 | ---- | M] () -- C:\Program Files (x86)\Origin\platforms\qwindows.dll
MOD - [2014-07-25 13:56:29 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff.dll
MOD - [2014-07-25 13:56:29 | 000,261,632 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng.dll
MOD - [2014-07-25 13:56:29 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
MOD - [2014-07-25 13:56:29 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico.dll
MOD - [2014-07-25 13:56:29 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif.dll
MOD - [2014-07-25 13:56:29 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtga.dll
MOD - [2014-07-25 13:56:29 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
MOD - [2014-06-05 13:51:04 | 000,107,520 | R--- | M] () -- C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
MOD - [2014-06-02 18:19:48 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014-06-02 18:19:48 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\0d3cb1df8b6af32cebdc6e2cc4948c69\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014-06-02 18:19:13 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
MOD - [2014-06-02 18:19:09 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014-06-02 15:42:54 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014-06-02 15:42:51 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014-06-02 15:42:50 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014-06-02 15:42:50 | 001,180,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dll
MOD - [2014-06-02 15:42:46 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014-06-02 15:42:45 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014-06-02 15:42:44 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014-06-02 15:42:44 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014-06-02 15:42:43 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014-06-02 15:42:43 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014-06-02 15:42:42 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014-06-02 15:42:41 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014-06-02 15:42:41 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014-06-02 15:42:40 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014-06-02 15:42:39 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014-06-02 15:42:35 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014-06-01 14:15:32 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2010-01-21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010-01-09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009-11-09 12:35:18 | 000,913,408 | ---- | M] () -- C:\Program Files (x86)\Sitecom\Common\RaWLAPI.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014-07-26 12:57:03 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2014-07-25 16:02:38 | 018,956,064 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014-06-19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014-06-01 14:15:31 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014-08-01 10:42:37 | 000,215,416 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2014-07-31 14:37:14 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-07-26 12:53:01 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-07-25 16:02:40 | 001,720,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014-07-16 13:26:13 | 000,345,984 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2014-07-16 04:28:18 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014-07-02 19:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014-07-02 11:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014-04-03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-10-20 13:13:44 | 000,212,256 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe -- (RalinkRegistryWriter64)
SRV - [2009-10-20 13:13:44 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014-08-01 10:37:16 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014-07-25 16:02:38 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014-06-09 11:49:00 | 000,032,768 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzMaelstromVAD.sys -- (RZMAELSTROMVADService)
DRV:64bit: - [2014-06-05 13:52:55 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014-06-01 14:17:09 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014-06-01 14:17:09 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014-06-01 14:17:09 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014-06-01 14:15:35 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014-06-01 14:15:35 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014-06-01 14:15:35 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014-06-01 14:15:35 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014-06-01 14:15:35 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014-05-20 04:44:03 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014-05-19 08:47:30 | 000,039,080 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2014-05-19 08:47:28 | 000,155,816 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2014-05-12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014-05-12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014-04-18 17:02:50 | 000,129,472 | ---- | M] (Razer, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzDxgk.sys -- (RzDxgk)
DRV:64bit: - [2014-04-18 17:02:50 | 000,074,432 | ---- | M] (Razer, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RzFilter.sys -- (RzFilter)
DRV:64bit: - [2014-03-31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-10-02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-07-17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-26 21:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012-02-26 21:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012-02-26 21:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012-02-03 15:01:20 | 000,677,480 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-09 17:45:12 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bulkrazer_x64.sys -- (bulkadi)
DRV:64bit: - [2010-12-28 19:55:30 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014-07-30 14:18:35 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 03 16 E0 79 92 7D CF 01 [binary data]
IE - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Brent\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: https://www.google.nl/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8
CHR - plugin: Error reading preferences file
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-21-2211982943-1236686510-121668061-1000..\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe (Dxtory Software)
O4 - HKU\S-1-5-21-2211982943-1236686510-121668061-1000..\Run: [Spotify Web Helper] C:\Users\Brent\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02ECD6BE-B051-46F5-ADD6-A64A7A246A0D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A0531EC-8221-4006-9715-CD18B8DC19D0}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
MsConfig:64bit - StartUpReg: DAEMON Tools Pro Agent - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: Spotify - hkey= - key= - C:\Users\Brent\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
MsConfig:64bit - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Users\Brent\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014-08-01 10:54:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Brent\Desktop\OTL.exe
[2014-08-01 02:38:08 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014-08-01 02:38:08 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014-08-01 02:38:08 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014-08-01 02:37:49 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014-08-01 02:37:49 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014-08-01 02:37:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014-08-01 02:37:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014-07-31 22:10:27 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Local\Adobe
[2014-07-31 00:57:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014-07-30 21:11:35 | 005,221,938 | R--- | C] (Swearware) -- C:\Users\Brent\Desktop\ComboFix.exe
[2014-07-30 15:54:19 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014-07-30 15:54:19 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014-07-30 15:54:19 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014-07-30 15:48:16 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014-07-30 14:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2014-07-30 14:23:36 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Local\Innovative Solutions
[2014-07-30 14:18:35 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2014-07-30 14:18:35 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Local\eSupport.com
[2014-07-30 13:54:32 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014-07-30 13:54:31 | 000,000,000 | ---D | C] -- C:\rsit
[2014-07-30 12:53:22 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014-07-30 12:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014-07-30 12:51:56 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014-07-30 12:51:56 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014-07-30 12:51:56 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014-07-30 12:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014-07-30 12:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-07-30 11:22:34 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014-07-30 11:22:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014-07-30 11:22:33 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014-07-30 11:22:33 | 005,694,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014-07-30 01:46:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US
[2014-07-29 23:40:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2014-07-29 23:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2014-07-29 23:24:48 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014-07-29 23:24:47 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\tsusbflt.sys.mui
[2014-07-29 23:24:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014-07-29 23:24:44 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014-07-29 23:24:44 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014-07-29 23:24:43 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014-07-29 23:24:43 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014-07-29 23:24:43 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014-07-29 23:24:43 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014-07-29 23:24:43 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014-07-29 23:24:43 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014-07-29 23:24:43 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014-07-29 23:24:43 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014-07-29 23:24:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014-07-29 23:24:43 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014-07-29 23:24:42 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014-07-29 23:24:42 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014-07-29 23:24:12 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2014-07-29 23:24:12 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2014-07-29 23:24:11 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2014-07-29 23:24:10 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2014-07-29 23:24:10 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2014-07-29 23:22:29 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014-07-29 23:22:29 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014-07-29 23:22:25 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014-07-29 23:22:25 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014-07-29 16:21:07 | 000,609,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014-07-29 16:18:38 | 031,512,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014-07-29 16:18:38 | 024,196,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014-07-29 16:18:38 | 013,922,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014-07-29 16:18:38 | 011,283,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014-07-29 16:18:38 | 000,944,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014-07-29 16:18:38 | 000,907,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014-07-29 16:18:38 | 000,903,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014-07-29 16:18:38 | 000,869,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014-07-29 16:18:38 | 000,846,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014-07-29 16:18:38 | 000,354,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014-07-29 16:18:38 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014-07-29 16:18:38 | 000,166,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014-07-29 16:18:38 | 000,146,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014-07-29 16:18:37 | 022,994,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014-07-29 16:18:37 | 017,555,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014-07-29 16:18:37 | 015,294,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014-07-29 16:18:37 | 013,835,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014-07-29 16:18:37 | 011,222,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014-07-29 16:18:37 | 004,247,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014-07-29 16:18:37 | 003,989,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014-07-29 16:18:37 | 001,890,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434052.dll
[2014-07-29 16:18:37 | 001,539,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434052.dll
[2014-07-28 22:54:50 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\RenPy
[2014-07-28 22:42:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2014-07-26 15:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\RzMaelstromVAD_1.1.58.1854
[2014-07-26 12:55:26 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\Battlefield 4 CTE
[2014-07-26 12:53:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4 CTE
[2014-07-25 22:56:16 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\EA Games
[2014-07-25 22:56:00 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Local\EA Games
[2014-07-25 15:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space 3
[2014-07-23 23:40:14 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014-07-23 23:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014-07-23 23:25:57 | 000,000,000 | ---D | C] -- C:\Users\Brent\Desktop\Server Admin Icons
[2014-07-23 21:02:53 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\Streamtip
[2014-07-23 21:02:50 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\Apple Computer
[2014-07-23 21:02:50 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Local\Apple Computer
[2014-07-23 21:02:48 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\TideSDK
[2014-07-23 21:02:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamtip Alerter
[2014-07-23 21:02:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Streamtip Alerter
[2014-07-22 01:52:06 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014-07-22 01:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014-07-22 01:52:04 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\Notepad++
[2014-07-22 01:52:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2014-07-22 01:49:55 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\TeamViewer
[2014-07-22 01:49:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2014-07-21 19:06:28 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\FIFA World
[2014-07-21 17:04:18 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\HeroesAndGeneralsDesktop
[2014-07-21 01:16:43 | 000,000,000 | -HSD | C] -- C:\Users\Brent\AppData\Local\EmieUserList
[2014-07-21 01:16:43 | 000,000,000 | -HSD | C] -- C:\Users\Brent\AppData\Local\EmieSiteList
[2014-07-19 15:25:27 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\BIS Core Engine Other Profiles
[2014-07-19 15:25:15 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\BIS Core Engine
[2014-07-14 13:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
[2014-07-14 01:46:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2014-07-14 01:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2014-07-14 00:06:05 | 001,715,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014-07-14 00:06:05 | 001,291,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014-07-12 00:56:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Chart Controls
[2014-07-12 00:55:19 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\My Games
[2014-07-11 00:15:40 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Local\CrashRpt
[2014-07-09 21:08:26 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014-07-09 21:08:26 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014-07-09 21:08:20 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014-07-09 21:08:20 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014-07-09 21:08:19 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014-07-09 21:08:19 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014-07-09 21:08:16 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014-07-09 21:08:11 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014-07-09 21:08:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014-07-09 21:08:11 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014-07-09 21:08:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014-07-09 21:08:11 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014-07-09 21:08:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014-07-09 21:08:11 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014-07-09 21:08:11 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014-07-09 21:08:10 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-07-09 21:08:10 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014-07-09 21:08:09 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-07-09 21:08:09 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-07-09 21:08:09 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-07-09 21:08:09 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014-07-09 21:08:09 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014-07-09 21:08:09 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014-07-09 21:08:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014-07-09 21:08:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014-07-09 21:08:08 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014-07-09 21:08:08 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-07-09 21:08:08 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014-07-09 21:08:08 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014-07-09 21:08:08 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014-07-09 21:08:07 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-07-09 21:08:07 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014-07-09 21:08:07 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-07-09 21:08:07 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014-07-09 21:08:07 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014-07-09 21:08:07 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014-07-09 21:08:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014-07-09 21:08:06 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014-07-09 21:08:06 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-07-09 21:08:06 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014-07-09 21:08:06 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014-07-09 21:08:06 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014-07-09 21:07:57 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
========== Files - Modified Within 30 Days ==========
[2014-08-01 11:01:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-08-01 11:00:48 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-08-01 11:00:48 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-08-01 10:54:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brent\Desktop\OTL.exe
[2014-08-01 10:43:52 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-08-01 10:42:37 | 000,215,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-08-01 10:42:30 | 000,214,392 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014-08-01 10:37:16 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014-08-01 10:37:16 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-08-01 10:36:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-08-01 02:18:47 | 001,670,796 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-08-01 02:18:47 | 000,745,726 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2014-08-01 02:18:47 | 000,654,232 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-08-01 02:18:47 | 000,153,678 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2014-08-01 02:18:47 | 000,122,104 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-08-01 02:11:23 | 2111,283,199 | -HS- | M] () -- C:\hiberfil.sys
[2014-07-31 22:42:29 | 000,058,475 | ---- | M] () -- C:\Users\Brent\Desktop\11009752.pdf
[2014-07-31 14:37:14 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-07-31 14:37:14 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-07-31 11:27:10 | 005,059,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-07-30 21:11:45 | 005,221,938 | R--- | M] (Swearware) -- C:\Users\Brent\Desktop\ComboFix.exe
[2014-07-30 14:18:35 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2014-07-30 12:52:34 | 000,007,605 | ---- | M] () -- C:\Users\Brent\AppData\Local\Resmon.ResmonCfg
[2014-07-30 12:52:00 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-07-30 12:27:06 | 000,280,792 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014-07-29 23:07:05 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014-07-29 16:23:15 | 000,001,347 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014-07-28 19:47:51 | 000,130,693 | ---- | M] () -- C:\Users\Brent\Documents\Naamloos.wma
[2014-07-26 12:57:03 | 000,076,152 | ---- | M] () -- C:\Windows\SysNative\PnkBstrA.exe
[2014-07-26 12:53:33 | 000,001,239 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 4 CTE.lnk
[2014-07-26 12:53:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014-07-25 16:01:55 | 001,291,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014-07-25 16:01:55 | 001,126,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014-07-25 16:01:32 | 001,715,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014-07-25 16:01:32 | 001,283,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014-07-25 15:37:15 | 000,001,204 | ---- | M] () -- C:\Users\Public\Desktop\Dead Space 3.lnk
[2014-07-25 12:32:22 | 000,000,132 | ---- | M] () -- C:\Users\Brent\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2014-07-23 21:02:34 | 000,002,549 | ---- | M] () -- C:\Users\Public\Desktop\Streamtip Alerter.lnk
[2014-07-22 01:52:06 | 000,001,071 | ---- | M] () -- C:\Users\Brent\Desktop\Notepad++.lnk
[2014-07-22 01:49:52 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014-07-20 17:26:53 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-07-14 13:34:11 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 4.lnk
[2014-07-14 01:46:34 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014-07-09 16:06:39 | 004,978,786 | ---- | M] () -- C:\Users\Brent\Desktop\launcher^FTB_Launcher.exe
[2014-07-02 22:48:32 | 031,512,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014-07-02 22:48:32 | 024,196,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014-07-02 22:48:32 | 022,994,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014-07-02 22:48:32 | 018,626,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014-07-02 22:48:32 | 017,555,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014-07-02 22:48:32 | 016,122,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014-07-02 22:48:32 | 015,294,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014-07-02 22:48:32 | 014,498,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014-07-02 22:48:32 | 013,922,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014-07-02 22:48:32 | 013,835,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014-07-02 22:48:32 | 011,283,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014-07-02 22:48:32 | 011,222,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014-07-02 22:48:32 | 004,247,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014-07-02 22:48:32 | 003,989,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014-07-02 22:48:32 | 003,196,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014-07-02 22:48:32 | 002,814,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014-07-02 22:48:32 | 001,890,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434052.dll
[2014-07-02 22:48:32 | 001,539,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434052.dll
[2014-07-02 22:48:32 | 000,965,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014-07-02 22:48:32 | 000,944,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014-07-02 22:48:32 | 000,907,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014-07-02 22:48:32 | 000,903,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014-07-02 22:48:32 | 000,869,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014-07-02 22:48:32 | 000,846,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014-07-02 22:48:32 | 000,354,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014-07-02 22:48:32 | 000,305,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014-07-02 22:48:32 | 000,166,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014-07-02 22:48:32 | 000,146,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014-07-02 22:48:32 | 000,075,040 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014-07-02 22:48:32 | 000,061,912 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014-07-02 22:48:32 | 000,026,353 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2014-07-02 20:55:43 | 006,783,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014-07-02 20:55:43 | 003,522,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014-07-02 20:55:41 | 000,386,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014-07-02 20:55:41 | 000,062,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014-07-02 19:44:45 | 000,609,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014-07-02 12:14:12 | 003,826,628 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
========== Files Created - No Company Name ==========
[2014-07-31 22:42:19 | 000,058,475 | ---- | C] () -- C:\Users\Brent\Desktop\11009752.pdf
[2014-07-30 15:54:19 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014-07-30 15:54:19 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014-07-30 15:54:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014-07-30 15:54:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014-07-30 15:54:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014-07-30 12:52:34 | 000,007,605 | ---- | C] () -- C:\Users\Brent\AppData\Local\Resmon.ResmonCfg
[2014-07-30 12:52:00 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-07-29 12:06:03 | 000,098,304 | ---- | C] () -- C:\Windows\SysNative\cpbo.exe
[2014-07-28 19:47:51 | 000,130,693 | ---- | C] () -- C:\Users\Brent\Documents\Naamloos.wma
[2014-07-26 12:53:33 | 000,001,239 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 4 CTE.lnk
[2014-07-25 15:37:15 | 000,001,204 | ---- | C] () -- C:\Users\Public\Desktop\Dead Space 3.lnk
[2014-07-24 00:39:33 | 000,000,132 | ---- | C] () -- C:\Users\Brent\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2014-07-23 23:42:13 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2014-07-23 23:41:18 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
[2014-07-23 23:40:18 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2014-07-23 23:39:46 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2014-07-23 23:37:27 | 000,001,353 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2014-07-23 23:37:24 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2014-07-23 21:02:34 | 000,002,549 | ---- | C] () -- C:\Users\Public\Desktop\Streamtip Alerter.lnk
[2014-07-22 01:52:06 | 000,001,071 | ---- | C] () -- C:\Users\Brent\Desktop\Notepad++.lnk
[2014-07-22 01:49:52 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014-07-22 01:49:52 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014-07-14 13:34:11 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 4.lnk
[2014-07-14 01:46:34 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014-07-12 14:50:45 | 000,076,152 | ---- | C] () -- C:\Windows\SysNative\PnkBstrA.exe
[2014-06-11 14:54:18 | 000,000,600 | ---- | C] () -- C:\Users\Brent\AppData\Local\PUTTY.RND
[2014-06-06 16:47:55 | 000,215,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-06-06 16:47:55 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014-06-06 16:47:54 | 003,894,632 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2014-06-06 14:30:15 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2014-06-06 14:30:14 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2014-06-06 14:30:14 | 000,001,990 | ---- | C] () -- C:\Windows\unins000.dat
[2014-06-01 16:01:22 | 000,041,990 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2014-06-01 15:51:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2014-06-01 15:51:41 | 000,031,650 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2014-06-01 14:21:29 | 001,644,528 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-06-01 13:59:58 | 000,014,051 | R--- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
========== ZeroAccess Check ==========
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-03-25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014-07-31 13:10:14 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\.minecraft
[2014-06-02 15:03:39 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\.technic
[2014-06-01 14:17:41 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\AVAST Software
[2014-06-08 14:30:07 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\DAEMON Tools Pro
[2014-06-01 14:30:35 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\Dropbox
[2014-06-01 14:30:34 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\DropboxMaster
[2014-07-29 23:08:39 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\FileZilla
[2014-07-09 16:06:56 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\ftblauncher
[2014-07-21 17:04:19 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\HeroesAndGeneralsDesktop
[2014-07-22 21:33:20 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\Notepad++
[2014-06-24 00:07:56 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\OBS
[2014-06-02 22:17:20 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\Origin
[2014-07-28 22:54:50 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\RenPy
[2014-06-01 23:50:11 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\SIX Networks
[2014-07-31 13:31:42 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\Spotify
[2014-07-22 03:19:46 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\TeamViewer
[2014-07-23 21:02:50 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\TideSDK
[2014-08-01 11:06:22 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\TS3Client
[2014-07-29 23:08:40 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\uTorrent
[2014-06-12 20:45:47 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\WorldPainter
========== Purity Check ==========
========== Custom Scans ==========
< services.* >
[2009-07-14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009-07-14 07:08:49 | 000,023,964 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014-06-01 14:11:17 | 000,001,050 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014-06-01 14:11:18 | 000,001,054 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014-06-10 10:27:47 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< explorer.exe >
< winlogon.exe >
< Userinit.exe >
< svchost.exe >
========== Base Services ==========
SRV:64bit: - [2009-07-14 03:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013-02-27 07:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009-07-14 03:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010-11-21 05:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010-11-21 05:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2014-04-12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009-07-14 03:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012-07-05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013-07-09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013-07-09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010-11-21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010-11-21 05:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010-11-21 05:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011-03-03 08:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009-07-14 03:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009-07-14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009-07-14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009-07-14 03:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010-11-21 05:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009-07-14 03:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009-07-14 03:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009-07-14 03:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009-07-14 03:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012-10-03 19:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009-07-14 03:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011-05-24 13:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012-02-11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2014-04-12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009-07-14 03:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010-11-21 05:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010-11-21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010-11-21 05:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2014-04-12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009-07-14 03:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010-11-21 05:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010-11-21 05:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010-11-21 05:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010-11-21 05:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010-11-21 05:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010-11-21 05:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009-07-14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012-05-01 07:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010-11-21 05:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010-11-21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010-11-21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010-11-21 05:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010-11-21 05:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010-11-21 05:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010-11-21 05:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010-11-21 05:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010-11-21 05:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009-07-14 03:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2014-05-14 18:23:46 | 002,477,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010-11-21 05:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009-07-14 03:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010-11-21 05:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST31000524AS ATA Device
Partitions: 2
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: Multi Flash Reader USB Device
Partitions: 0
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE2 - External hard disk media
Interface type: USB
Media Type: External hard disk media
Model: WD My Book 1140 USB Device
Partitions: 1
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100,00MB
Starting Offset: 1048576
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 931,00GB
Starting Offset: 105906176
Hidden sectors: 0
DeviceID: Disk #2, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 931,00GB
Starting Offset: 1048576
Hidden sectors: 0
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\*.exe /lockedfiles >
< %PROGRAMFILES%\* >
[2009-07-14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2014-06-20 22:14:31 | 000,810,160 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2014-06-20 21:39:54 | 000,812,216 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2014-06-19 01:39:30 | 000,608,768 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2014-06-19 01:39:30 | 000,608,768 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2014-06-19 01:39:30 | 000,608,768 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2014-06-20 22:14:31 | 000,810,160 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2014-06-20 21:39:54 | 000,812,216 | ---- | M] (Microsoft Corporation)
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brent\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
7,96 Gb Total Physical Memory | 6,22 Gb Available Physical Memory | 78,23% Memory free
15,91 Gb Paging File | 13,66 Gb Available in Paging File | 85,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 639,50 Gb Free Space | 68,66% Space Free | Partition Type: NTFS
Drive G: | 931,48 Gb Total Space | 925,16 Gb Free Space | 99,32% Space Free | Partition Type: NTFS
Computer Name: BRENT-PC | User Name: Brent | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014-08-01 10:54:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brent\Desktop\OTL.exe
PRC - [2014-07-27 13:15:26 | 001,178,168 | ---- | M] (Spotify Ltd) -- C:\Users\Brent\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014-07-26 12:53:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014-07-25 16:02:45 | 002,403,104 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014-07-25 16:02:40 | 001,720,608 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014-07-25 13:56:31 | 001,815,920 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\OriginClientService.exe
PRC - [2014-07-25 13:56:30 | 003,595,608 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2014-07-09 15:57:54 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014-07-02 19:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014-07-02 11:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014-06-23 11:41:22 | 000,585,560 | ---- | M] (Razer Inc.) -- C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
PRC - [2014-06-01 14:15:31 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014-05-12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2012-10-23 10:25:06 | 002,744,960 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2012-02-26 21:01:56 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2009-11-26 19:35:02 | 001,642,496 | ---- | M] (Sitecom Europe BV) -- C:\Program Files (x86)\Sitecom\Common\RaUI.exe
PRC - [2009-10-20 13:13:44 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe
========== Modules (No Company Name) ==========
MOD - [2014-07-25 13:56:42 | 001,041,408 | ---- | M] () -- C:\Program Files (x86)\Origin\twitchsdk_32_release.dll
MOD - [2014-07-25 13:56:41 | 000,113,171 | ---- | M] () -- C:\Program Files (x86)\Origin\swresample-ttv-0.dll
MOD - [2014-07-25 13:56:30 | 000,394,810 | ---- | M] () -- C:\Program Files (x86)\Origin\libmp3lame-ttv.dll
MOD - [2014-07-25 13:56:30 | 000,246,332 | ---- | M] () -- C:\Program Files (x86)\Origin\avutil-ttv-51.dll
MOD - [2014-07-25 13:56:29 | 000,962,560 | ---- | M] () -- C:\Program Files (x86)\Origin\platforms\qwindows.dll
MOD - [2014-07-25 13:56:29 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff.dll
MOD - [2014-07-25 13:56:29 | 000,261,632 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng.dll
MOD - [2014-07-25 13:56:29 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
MOD - [2014-07-25 13:56:29 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico.dll
MOD - [2014-07-25 13:56:29 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif.dll
MOD - [2014-07-25 13:56:29 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtga.dll
MOD - [2014-07-25 13:56:29 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
MOD - [2014-06-05 13:51:04 | 000,107,520 | R--- | M] () -- C:\Program Files (x86)\DAEMON Tools Pro\BRD.dll
MOD - [2014-06-02 18:19:48 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014-06-02 18:19:48 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\0d3cb1df8b6af32cebdc6e2cc4948c69\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014-06-02 18:19:13 | 000,399,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
MOD - [2014-06-02 18:19:09 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014-06-02 15:42:54 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014-06-02 15:42:51 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014-06-02 15:42:50 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014-06-02 15:42:50 | 001,180,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dll
MOD - [2014-06-02 15:42:46 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014-06-02 15:42:45 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014-06-02 15:42:44 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014-06-02 15:42:44 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014-06-02 15:42:43 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014-06-02 15:42:43 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014-06-02 15:42:42 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014-06-02 15:42:41 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014-06-02 15:42:41 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014-06-02 15:42:40 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014-06-02 15:42:39 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014-06-02 15:42:35 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014-06-01 14:15:32 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2010-01-21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010-01-09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009-11-09 12:35:18 | 000,913,408 | ---- | M] () -- C:\Program Files (x86)\Sitecom\Common\RaWLAPI.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014-07-26 12:57:03 | 000,076,152 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2014-07-25 16:02:38 | 018,956,064 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014-06-19 02:24:12 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014-06-01 14:15:31 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014-08-01 10:42:37 | 000,215,416 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2014-07-31 14:37:14 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014-07-26 12:53:01 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014-07-25 16:02:40 | 001,720,608 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014-07-16 13:26:13 | 000,345,984 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2014-07-16 04:28:18 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014-07-02 19:44:41 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014-07-02 11:45:03 | 005,037,888 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014-05-12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014-05-12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014-04-03 20:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013-09-11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010-02-19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009-10-20 13:13:44 | 000,212,256 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Sitecom\Common\RaRegistry64.exe -- (RalinkRegistryWriter64)
SRV - [2009-10-20 13:13:44 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Sitecom\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014-08-01 10:37:16 | 000,122,584 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014-07-25 16:02:38 | 000,020,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014-06-09 11:49:00 | 000,032,768 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RzMaelstromVAD.sys -- (RZMAELSTROMVADService)
DRV:64bit: - [2014-06-05 13:52:55 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014-06-01 14:17:09 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014-06-01 14:17:09 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014-06-01 14:17:09 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014-06-01 14:15:35 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014-06-01 14:15:35 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014-06-01 14:15:35 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014-06-01 14:15:35 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014-06-01 14:15:35 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014-05-20 04:44:03 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014-05-19 08:47:30 | 000,039,080 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:64bit: - [2014-05-19 08:47:28 | 000,155,816 | ---- | M] (Razer Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:64bit: - [2014-05-12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014-05-12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014-04-18 17:02:50 | 000,129,472 | ---- | M] (Razer, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RzDxgk.sys -- (RzDxgk)
DRV:64bit: - [2014-04-18 17:02:50 | 000,074,432 | ---- | M] (Razer, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RzFilter.sys -- (RzFilter)
DRV:64bit: - [2014-03-31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013-10-02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-08-23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-08-23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012-07-17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-26 21:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012-02-26 21:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012-02-26 21:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012-02-03 15:01:20 | 000,677,480 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-03-11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-02-09 17:45:12 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bulkrazer_x64.sys -- (bulkadi)
DRV:64bit: - [2010-12-28 19:55:30 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014-07-30 14:18:35 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl
IE - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 03 16 E0 79 92 7D CF 01 [binary data]
IE - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Brent\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: https://www.google.nl/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8
CHR - plugin: Error reading preferences file
O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-21-2211982943-1236686510-121668061-1000..\Run: [Dxtory Update Checker 2.0] C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe (Dxtory Software)
O4 - HKU\S-1-5-21-2211982943-1236686510-121668061-1000..\Run: [Spotify Web Helper] C:\Users\Brent\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02ECD6BE-B051-46F5-ADD6-A64A7A246A0D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A0531EC-8221-4006-9715-CD18B8DC19D0}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
MsConfig:64bit - StartUpReg: DAEMON Tools Pro Agent - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: Spotify - hkey= - key= - C:\Users\Brent\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
MsConfig:64bit - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Users\Brent\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014-08-01 10:54:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Brent\Desktop\OTL.exe
[2014-08-01 02:38:08 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014-08-01 02:38:08 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014-08-01 02:38:08 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014-08-01 02:37:49 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014-08-01 02:37:49 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014-08-01 02:37:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014-08-01 02:37:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014-07-31 22:10:27 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Local\Adobe
[2014-07-31 00:57:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014-07-30 21:11:35 | 005,221,938 | R--- | C] (Swearware) -- C:\Users\Brent\Desktop\ComboFix.exe
[2014-07-30 15:54:19 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014-07-30 15:54:19 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014-07-30 15:54:19 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014-07-30 15:48:16 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014-07-30 14:33:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2014-07-30 14:23:36 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Local\Innovative Solutions
[2014-07-30 14:18:35 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2014-07-30 14:18:35 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Local\eSupport.com
[2014-07-30 13:54:32 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014-07-30 13:54:31 | 000,000,000 | ---D | C] -- C:\rsit
[2014-07-30 12:53:22 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014-07-30 12:52:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014-07-30 12:51:56 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014-07-30 12:51:56 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014-07-30 12:51:56 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014-07-30 12:51:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014-07-30 12:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014-07-30 11:22:34 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014-07-30 11:22:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014-07-30 11:22:33 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014-07-30 11:22:33 | 005,694,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014-07-30 01:46:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US
[2014-07-29 23:40:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2014-07-29 23:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2014-07-29 23:24:48 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014-07-29 23:24:47 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\tsusbflt.sys.mui
[2014-07-29 23:24:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014-07-29 23:24:44 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014-07-29 23:24:44 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014-07-29 23:24:43 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014-07-29 23:24:43 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014-07-29 23:24:43 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014-07-29 23:24:43 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014-07-29 23:24:43 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014-07-29 23:24:43 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014-07-29 23:24:43 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014-07-29 23:24:43 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014-07-29 23:24:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014-07-29 23:24:43 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014-07-29 23:24:42 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014-07-29 23:24:42 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014-07-29 23:24:12 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2014-07-29 23:24:12 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2014-07-29 23:24:11 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2014-07-29 23:24:10 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2014-07-29 23:24:10 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2014-07-29 23:22:29 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014-07-29 23:22:29 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014-07-29 23:22:25 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014-07-29 23:22:25 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014-07-29 16:21:07 | 000,609,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014-07-29 16:18:38 | 031,512,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014-07-29 16:18:38 | 024,196,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014-07-29 16:18:38 | 013,922,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014-07-29 16:18:38 | 011,283,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014-07-29 16:18:38 | 000,944,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014-07-29 16:18:38 | 000,907,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014-07-29 16:18:38 | 000,903,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014-07-29 16:18:38 | 000,869,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014-07-29 16:18:38 | 000,846,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014-07-29 16:18:38 | 000,354,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014-07-29 16:18:38 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014-07-29 16:18:38 | 000,166,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014-07-29 16:18:38 | 000,146,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014-07-29 16:18:37 | 022,994,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014-07-29 16:18:37 | 017,555,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014-07-29 16:18:37 | 015,294,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014-07-29 16:18:37 | 013,835,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014-07-29 16:18:37 | 011,222,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014-07-29 16:18:37 | 004,247,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014-07-29 16:18:37 | 003,989,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014-07-29 16:18:37 | 001,890,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434052.dll
[2014-07-29 16:18:37 | 001,539,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434052.dll
[2014-07-28 22:54:50 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\RenPy
[2014-07-28 22:42:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2014-07-26 15:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\RzMaelstromVAD_1.1.58.1854
[2014-07-26 12:55:26 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\Battlefield 4 CTE
[2014-07-26 12:53:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4 CTE
[2014-07-25 22:56:16 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\EA Games
[2014-07-25 22:56:00 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Local\EA Games
[2014-07-25 15:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space 3
[2014-07-23 23:40:14 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014-07-23 23:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014-07-23 23:25:57 | 000,000,000 | ---D | C] -- C:\Users\Brent\Desktop\Server Admin Icons
[2014-07-23 21:02:53 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\Streamtip
[2014-07-23 21:02:50 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\Apple Computer
[2014-07-23 21:02:50 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Local\Apple Computer
[2014-07-23 21:02:48 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\TideSDK
[2014-07-23 21:02:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamtip Alerter
[2014-07-23 21:02:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Streamtip Alerter
[2014-07-22 01:52:06 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014-07-22 01:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014-07-22 01:52:04 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\Notepad++
[2014-07-22 01:52:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2014-07-22 01:49:55 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\TeamViewer
[2014-07-22 01:49:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2014-07-21 19:06:28 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\FIFA World
[2014-07-21 17:04:18 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Roaming\HeroesAndGeneralsDesktop
[2014-07-21 01:16:43 | 000,000,000 | -HSD | C] -- C:\Users\Brent\AppData\Local\EmieUserList
[2014-07-21 01:16:43 | 000,000,000 | -HSD | C] -- C:\Users\Brent\AppData\Local\EmieSiteList
[2014-07-19 15:25:27 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\BIS Core Engine Other Profiles
[2014-07-19 15:25:15 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\BIS Core Engine
[2014-07-14 13:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
[2014-07-14 01:46:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2014-07-14 01:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2014-07-14 00:06:05 | 001,715,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014-07-14 00:06:05 | 001,291,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014-07-12 00:56:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Chart Controls
[2014-07-12 00:55:19 | 000,000,000 | ---D | C] -- C:\Users\Brent\Documents\My Games
[2014-07-11 00:15:40 | 000,000,000 | ---D | C] -- C:\Users\Brent\AppData\Local\CrashRpt
[2014-07-09 21:08:26 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014-07-09 21:08:26 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014-07-09 21:08:20 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014-07-09 21:08:20 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014-07-09 21:08:19 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014-07-09 21:08:19 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014-07-09 21:08:16 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014-07-09 21:08:11 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014-07-09 21:08:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014-07-09 21:08:11 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014-07-09 21:08:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014-07-09 21:08:11 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014-07-09 21:08:11 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014-07-09 21:08:11 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014-07-09 21:08:11 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014-07-09 21:08:10 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014-07-09 21:08:10 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014-07-09 21:08:09 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014-07-09 21:08:09 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014-07-09 21:08:09 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014-07-09 21:08:09 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014-07-09 21:08:09 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014-07-09 21:08:09 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014-07-09 21:08:09 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014-07-09 21:08:09 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014-07-09 21:08:08 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014-07-09 21:08:08 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014-07-09 21:08:08 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014-07-09 21:08:08 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014-07-09 21:08:08 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014-07-09 21:08:07 | 005,721,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014-07-09 21:08:07 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014-07-09 21:08:07 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014-07-09 21:08:07 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014-07-09 21:08:07 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014-07-09 21:08:07 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014-07-09 21:08:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014-07-09 21:08:06 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014-07-09 21:08:06 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014-07-09 21:08:06 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014-07-09 21:08:06 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014-07-09 21:08:06 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014-07-09 21:07:57 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
========== Files - Modified Within 30 Days ==========
[2014-08-01 11:01:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014-08-01 11:00:48 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014-08-01 11:00:48 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014-08-01 10:54:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brent\Desktop\OTL.exe
[2014-08-01 10:43:52 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014-08-01 10:42:37 | 000,215,416 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-08-01 10:42:30 | 000,214,392 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014-08-01 10:37:16 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014-08-01 10:37:16 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014-08-01 10:36:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014-08-01 02:18:47 | 001,670,796 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014-08-01 02:18:47 | 000,745,726 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2014-08-01 02:18:47 | 000,654,232 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014-08-01 02:18:47 | 000,153,678 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2014-08-01 02:18:47 | 000,122,104 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014-08-01 02:11:23 | 2111,283,199 | -HS- | M] () -- C:\hiberfil.sys
[2014-07-31 22:42:29 | 000,058,475 | ---- | M] () -- C:\Users\Brent\Desktop\11009752.pdf
[2014-07-31 14:37:14 | 000,699,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014-07-31 14:37:14 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014-07-31 11:27:10 | 005,059,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014-07-30 21:11:45 | 005,221,938 | R--- | M] (Swearware) -- C:\Users\Brent\Desktop\ComboFix.exe
[2014-07-30 14:18:35 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
[2014-07-30 12:52:34 | 000,007,605 | ---- | M] () -- C:\Users\Brent\AppData\Local\Resmon.ResmonCfg
[2014-07-30 12:52:00 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-07-30 12:27:06 | 000,280,792 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2014-07-29 23:07:05 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014-07-29 16:23:15 | 000,001,347 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2014-07-28 19:47:51 | 000,130,693 | ---- | M] () -- C:\Users\Brent\Documents\Naamloos.wma
[2014-07-26 12:57:03 | 000,076,152 | ---- | M] () -- C:\Windows\SysNative\PnkBstrA.exe
[2014-07-26 12:53:33 | 000,001,239 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 4 CTE.lnk
[2014-07-26 12:53:01 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014-07-25 16:01:55 | 001,291,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2014-07-25 16:01:55 | 001,126,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014-07-25 16:01:32 | 001,715,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2014-07-25 16:01:32 | 001,283,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014-07-25 15:37:15 | 000,001,204 | ---- | M] () -- C:\Users\Public\Desktop\Dead Space 3.lnk
[2014-07-25 12:32:22 | 000,000,132 | ---- | M] () -- C:\Users\Brent\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2014-07-23 21:02:34 | 000,002,549 | ---- | M] () -- C:\Users\Public\Desktop\Streamtip Alerter.lnk
[2014-07-22 01:52:06 | 000,001,071 | ---- | M] () -- C:\Users\Brent\Desktop\Notepad++.lnk
[2014-07-22 01:49:52 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014-07-20 17:26:53 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014-07-14 13:34:11 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\Battlefield 4.lnk
[2014-07-14 01:46:34 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014-07-09 16:06:39 | 004,978,786 | ---- | M] () -- C:\Users\Brent\Desktop\launcher^FTB_Launcher.exe
[2014-07-02 22:48:32 | 031,512,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014-07-02 22:48:32 | 024,196,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014-07-02 22:48:32 | 022,994,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014-07-02 22:48:32 | 018,626,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014-07-02 22:48:32 | 017,555,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014-07-02 22:48:32 | 016,122,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014-07-02 22:48:32 | 015,294,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014-07-02 22:48:32 | 014,498,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014-07-02 22:48:32 | 013,922,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014-07-02 22:48:32 | 013,835,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014-07-02 22:48:32 | 011,283,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014-07-02 22:48:32 | 011,222,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014-07-02 22:48:32 | 004,247,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014-07-02 22:48:32 | 003,989,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014-07-02 22:48:32 | 003,196,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014-07-02 22:48:32 | 002,814,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014-07-02 22:48:32 | 001,890,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434052.dll
[2014-07-02 22:48:32 | 001,539,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434052.dll
[2014-07-02 22:48:32 | 000,965,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014-07-02 22:48:32 | 000,944,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014-07-02 22:48:32 | 000,907,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014-07-02 22:48:32 | 000,903,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014-07-02 22:48:32 | 000,869,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014-07-02 22:48:32 | 000,846,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014-07-02 22:48:32 | 000,354,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014-07-02 22:48:32 | 000,305,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014-07-02 22:48:32 | 000,166,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014-07-02 22:48:32 | 000,146,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014-07-02 22:48:32 | 000,075,040 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014-07-02 22:48:32 | 000,061,912 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014-07-02 22:48:32 | 000,026,353 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2014-07-02 20:55:43 | 006,783,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014-07-02 20:55:43 | 003,522,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014-07-02 20:55:41 | 000,386,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014-07-02 20:55:41 | 000,062,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014-07-02 19:44:45 | 000,609,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014-07-02 12:14:12 | 003,826,628 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
========== Files Created - No Company Name ==========
[2014-07-31 22:42:19 | 000,058,475 | ---- | C] () -- C:\Users\Brent\Desktop\11009752.pdf
[2014-07-30 15:54:19 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014-07-30 15:54:19 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014-07-30 15:54:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014-07-30 15:54:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014-07-30 15:54:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014-07-30 12:52:34 | 000,007,605 | ---- | C] () -- C:\Users\Brent\AppData\Local\Resmon.ResmonCfg
[2014-07-30 12:52:00 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014-07-29 12:06:03 | 000,098,304 | ---- | C] () -- C:\Windows\SysNative\cpbo.exe
[2014-07-28 19:47:51 | 000,130,693 | ---- | C] () -- C:\Users\Brent\Documents\Naamloos.wma
[2014-07-26 12:53:33 | 000,001,239 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 4 CTE.lnk
[2014-07-25 15:37:15 | 000,001,204 | ---- | C] () -- C:\Users\Public\Desktop\Dead Space 3.lnk
[2014-07-24 00:39:33 | 000,000,132 | ---- | C] () -- C:\Users\Brent\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2014-07-23 23:42:13 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2014-07-23 23:41:18 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
[2014-07-23 23:40:18 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2014-07-23 23:39:46 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2014-07-23 23:37:27 | 000,001,353 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2014-07-23 23:37:24 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2014-07-23 21:02:34 | 000,002,549 | ---- | C] () -- C:\Users\Public\Desktop\Streamtip Alerter.lnk
[2014-07-22 01:52:06 | 000,001,071 | ---- | C] () -- C:\Users\Brent\Desktop\Notepad++.lnk
[2014-07-22 01:49:52 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014-07-22 01:49:52 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014-07-14 13:34:11 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\Battlefield 4.lnk
[2014-07-14 01:46:34 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2014-07-12 14:50:45 | 000,076,152 | ---- | C] () -- C:\Windows\SysNative\PnkBstrA.exe
[2014-06-11 14:54:18 | 000,000,600 | ---- | C] () -- C:\Users\Brent\AppData\Local\PUTTY.RND
[2014-06-06 16:47:55 | 000,215,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014-06-06 16:47:55 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014-06-06 16:47:54 | 003,894,632 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2014-06-06 14:30:15 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2014-06-06 14:30:14 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2014-06-06 14:30:14 | 000,001,990 | ---- | C] () -- C:\Windows\unins000.dat
[2014-06-01 16:01:22 | 000,041,990 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2014-06-01 15:51:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2014-06-01 15:51:41 | 000,031,650 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2014-06-01 14:21:29 | 001,644,528 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014-06-01 13:59:58 | 000,014,051 | R--- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
========== ZeroAccess Check ==========
[2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-03-25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-03-25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014-07-31 13:10:14 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\.minecraft
[2014-06-02 15:03:39 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\.technic
[2014-06-01 14:17:41 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\AVAST Software
[2014-06-08 14:30:07 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\DAEMON Tools Pro
[2014-06-01 14:30:35 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\Dropbox
[2014-06-01 14:30:34 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\DropboxMaster
[2014-07-29 23:08:39 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\FileZilla
[2014-07-09 16:06:56 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\ftblauncher
[2014-07-21 17:04:19 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\HeroesAndGeneralsDesktop
[2014-07-22 21:33:20 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\Notepad++
[2014-06-24 00:07:56 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\OBS
[2014-06-02 22:17:20 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\Origin
[2014-07-28 22:54:50 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\RenPy
[2014-06-01 23:50:11 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\SIX Networks
[2014-07-31 13:31:42 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\Spotify
[2014-07-22 03:19:46 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\TeamViewer
[2014-07-23 21:02:50 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\TideSDK
[2014-08-01 11:06:22 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\TS3Client
[2014-07-29 23:08:40 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\uTorrent
[2014-06-12 20:45:47 | 000,000,000 | ---D | M] -- C:\Users\Brent\AppData\Roaming\WorldPainter
========== Purity Check ==========
========== Custom Scans ==========
< services.* >
[2009-07-14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009-07-14 07:08:49 | 000,023,964 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014-06-01 14:11:17 | 000,001,050 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014-06-01 14:11:18 | 000,001,054 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2014-06-10 10:27:47 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
< explorer.exe >
< winlogon.exe >
< Userinit.exe >
< svchost.exe >
========== Base Services ==========
SRV:64bit: - [2009-07-14 03:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013-02-27 07:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009-07-14 03:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010-11-21 05:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010-11-21 05:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2014-04-12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009-07-14 03:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009-07-14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012-07-05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013-07-09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013-07-09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010-11-21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010-11-21 05:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010-11-21 05:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011-03-03 08:24:16 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009-07-14 03:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009-07-14 03:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009-07-14 03:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009-07-14 03:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010-11-21 05:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009-07-14 03:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009-07-14 03:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009-07-14 03:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009-07-14 03:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009-07-14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012-10-03 19:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009-07-14 03:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011-05-24 13:42:55 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012-02-11 08:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2014-04-12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009-07-14 03:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010-11-21 05:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010-11-21 05:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010-11-21 05:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2014-04-12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009-07-14 03:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010-11-21 05:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010-11-21 05:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010-11-21 05:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010-11-21 05:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010-11-21 05:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010-11-21 05:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009-07-14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012-05-01 07:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010-11-21 05:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010-11-21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010-11-21 05:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010-11-21 05:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013-05-27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010-11-21 05:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010-11-21 05:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010-11-21 05:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010-11-21 05:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010-11-21 05:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009-07-14 03:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2014-05-14 18:23:46 | 002,477,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010-11-21 05:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009-07-14 03:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010-11-21 05:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST31000524AS ATA Device
Partitions: 2
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: Multi Flash Reader USB Device
Partitions: 0
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE2 - External hard disk media
Interface type: USB
Media Type: External hard disk media
Model: WD My Book 1140 USB Device
Partitions: 1
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100,00MB
Starting Offset: 1048576
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 931,00GB
Starting Offset: 105906176
Hidden sectors: 0
DeviceID: Disk #2, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 931,00GB
Starting Offset: 1048576
Hidden sectors: 0
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\system32\*.exe /lockedfiles >
< %PROGRAMFILES%\* >
[2009-07-14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --hide-icons [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --show-icons [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2014-06-20 22:14:31 | 000,810,160 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2014-06-20 21:39:54 | 000,812,216 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --MAKE-DEFAULT-BROWSER [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --HIDE-ICONS [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" --SHOW-ICONS [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE" [2014-07-15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2014-06-19 01:39:30 | 000,608,768 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2014-06-19 01:39:30 | 000,608,768 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2014-06-19 01:39:30 | 000,608,768 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2014-06-20 22:14:31 | 000,810,160 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2014-06-20 21:39:54 | 000,812,216 | ---- | M] (Microsoft Corporation)
< End of report >
brentman123
Bekend gezicht
- Lid geworden
- 29 jul 2012
- Berichten
- 186
- Waarderingsscore
- 0
Sorry, het posten van grote berichten doet een beetje raar :s
Laatst bewerkt door een moderator:
brentman123
Bekend gezicht
- Lid geworden
- 29 jul 2012
- Berichten
- 186
- Waarderingsscore
- 0
OTL Extras logfile created on: 1-8-2014 10:57:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brent\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
7,96 Gb Total Physical Memory | 6,22 Gb Available Physical Memory | 78,23% Memory free
15,91 Gb Paging File | 13,66 Gb Available in Paging File | 85,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 639,50 Gb Free Space | 68,66% Space Free | Partition Type: NTFS
Drive G: | 931,48 Gb Total Space | 925,16 Gb Free Space | 99,32% Space Free | Partition Type: NTFS
Computer Name: BRENT-PC | User Name: Brent | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CA3A62D-B5BF-41A9-ABF6-A5DF5169814E}" = rport=445 | protocol=6 | dir=out | app=system |
"{11C702EE-EB7C-4074-A7E3-D249B619C7C7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{121516EC-2F76-4D15-ACA6-E2400E0E3687}" = rport=138 | protocol=17 | dir=out | app=system |
"{12BE9044-39B2-4C88-AC23-25DA9D1B3365}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{185AC041-F3DF-4C54-9BEC-769CB1326C59}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{1CE8EED8-6803-45F9-84EA-31996D0803BC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2A34D8C6-EEEB-4E36-8823-857885DEDEDA}" = lport=137 | protocol=17 | dir=in | app=system |
"{2AC129DB-2EBC-463F-B17A-B9DD5B646C5B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2E0017F3-5EE1-4187-88B3-39B887D65626}" = lport=138 | protocol=17 | dir=in | app=system |
"{62727537-129E-4565-B1DD-55B570418E9F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{741892CD-60F1-4DD8-B766-2A6CDEC2914B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{804F4B4E-B19C-4D90-BEEF-20752F121C22}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{875531A4-2F27-4E42-BC73-2F673C756E07}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{89EDF25B-3993-463C-8E07-7C9A79C4D5F2}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{910217F6-3381-430E-A44A-FFA7B1CBA4AF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92AA197B-5DBC-4933-A2BA-90A59FB09245}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{961CBEFE-EDBC-4B0A-A49A-4C81250294C1}" = rport=139 | protocol=6 | dir=out | app=system |
"{980C23C5-2BC8-46D3-9BE5-DA1D3EFEE6B1}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A444E01C-4FBD-4539-84D1-25680076FF5A}" = lport=445 | protocol=6 | dir=in | app=system |
"{A7F2E3E3-9311-4F55-BAF1-E32B6AF34ABE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AC6C0775-0B41-42DA-B443-81D928BD2541}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{B60124B0-6085-4BEC-8809-0A3672F71AB4}" = rport=137 | protocol=17 | dir=out | app=system |
"{BEDF63A9-FF0B-46FA-8F0D-02B1944778D9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C4F9F267-DDE9-4EFE-9025-7497B2C01C61}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C71C08B4-35EF-4D93-93B8-7A77D10D5EBD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C95951F6-20F2-4B94-A8B0-8128E532FBAE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D6ACBC1B-A61F-4567-9C5C-88311DEF55DA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F0937643-7CAD-4FE0-AAEC-3082E0963498}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F3EBB6BE-4A64-43CD-82BA-B5ADF1380618}" = lport=139 | protocol=6 | dir=in | app=system |
"{FED0B16A-5587-417F-801A-B5F4B3E8E775}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFD07FEA-5A08-416B-B2AA-11B20EDB7563}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0023FD90-05CB-45E5-BFC3-978B25E84D22}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{01DC9677-5EC8-4CB9-9B70-6B081BC2BC1C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{04FFF823-9308-4096-A1AB-9091A22BAEBE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0525FBE5-864E-4D59-98DC-597B1B627248}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\dead space 3\deadspace3.exe |
"{0B2DB5DF-250A-446C-9E96-437504EA0B58}" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\utorrent\utorrent.exe |
"{148B0041-DB05-4F34-9B3A-DF7665122F45}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1593CAA3-2C50-4967-A337-EFDB438F0428}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1A9DAC58-41FA-484A-BCE7-C122202DF00B}" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{1BD6EE75-AEA8-4A27-90A1-F6A44BAE534C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F202C66-3D26-40A6-9357-9A3D5D3B8969}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{1FCD0F46-D2DE-4737-B802-EA9D3B6816BD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{20745A7C-AC72-4753-98A8-5D826F02E89D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the forest\theforest.exe |
"{2431FFAD-3E13-4A4D-B8DA-4E4C934F1525}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\verdun\verdun.exe |
"{3484A267-B1C1-47F1-89B4-1197DFEFA960}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{39D62EA5-E38A-4B5C-967E-89A9919B0BB1}" = protocol=6 | dir=out | app=system |
"{3D4D310F-AAC3-413D-BA4E-F9FA9A5BB496}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte_x86.exe |
"{3E698DFA-9706-4233-AEEA-FBEB2D012D5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{49B54AFB-28FF-4A21-82C8-154C6B132F3B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{4A21EBAD-0FB8-4953-805D-11D42BDC9965}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{4B3A3702-F231-417E-BD38-41EF8376177D}" = protocol=6 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"{4B80E77C-7713-4E73-AB88-05AB9C3399EF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{4E654BAA-9B8E-4B5A-9AC9-85D834A5B21D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4F0DF294-5C02-43BD-9A4E-8CF72FC3A736}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{51607C57-FCEF-431F-A1A8-9D09208101C9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{55384E55-E493-4EB9-9525-7CDDB1B5BC88}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{57A38D3D-856E-4CEB-909D-8BFE1435E950}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{57D8282B-AB82-4651-B5D1-42ADF522E8EF}" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{5964EE3E-F508-4B1B-BA43-845C1A44BD91}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{61310EDB-6401-4650-B77C-CDEC10507900}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{61341478-17D4-4E7E-946F-88514E14563C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{655E5DBB-1F8F-4862-8CA3-B4857827EE3F}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield bad company 2\bfbc2game.exe |
"{661785AA-E04C-4E73-907F-8E610544C9A4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6948D826-7564-44F2-B400-0590D3007F7C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{6C0E1C9F-EA84-416C-9AB0-BCA6C3EA7682}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{6CF4888A-4F39-48F2-8FD5-B21ED410A7BE}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{6DEF3340-2330-46D4-B76C-EF714274987D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{7013FE3B-3B72-4CCF-96E9-9A97C2DF59F2}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte.exe |
"{7347FCBF-06BF-40F0-8FBD-99BF7F72F716}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{74724049-93FE-49D3-BB66-04554F7A8350}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{74CBA264-381E-4362-B378-4346CDA87465}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{77CCF54D-19C4-4AE5-92B0-6A41AE103966}" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{7A4480AD-0B91-45EB-86C4-252AD33DD58A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7F388670-FF3B-4980-843C-C81BD1C3B081}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte_x86.exe |
"{86C04D09-7E56-49E1-A75E-485D63DA2B2A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{911F9871-03C6-44BB-97D6-2979AC7FCEC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{92B7AF31-733E-46F0-9CED-52AA166F3F3D}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{931A700C-1065-46DF-8566-FC02C417F072}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{94E01DC8-5029-400A-B027-7AAFDA4258A5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{97893884-3FBD-4679-A367-2F118FEEE65C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{991AF1A1-F0BC-4D82-8050-BB2EBEBB8C00}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{9EB7F07B-AD52-42BD-9F95-A156AF9A546E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FB75522-93AC-4DE0-812D-98051C864996}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"{A16BD240-A1DE-446F-978D-724481F899FF}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield bad company 2\bfbc2game.exe |
"{A59D94E9-3366-45EA-BED6-66C68B0EE2A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A8A215F9-9972-4753-881B-F4F382970CEC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the forest\theforest.exe |
"{A9FC62C3-5B79-41D6-952F-26E4E2A47058}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{AECA775E-18F5-41FD-AA66-0F8185A423B1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF4D1162-01B3-4CB9-AA3A-DC3911B75EA6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B2F8D79E-1814-49D9-884F-4D7977AF2DF9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B4A0854F-2EFA-447E-BD96-F3E49D3EDB16}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B87ECC90-5362-4C30-A577-8875EA260575}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C5980C31-AF89-4512-9C51-755E47BF28D5}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{CB2D8DCF-ABA1-4E17-9F15-7AA1A3A213F5}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\dead space 3\deadspace3.exe |
"{D0AF8ED6-52A3-41AB-9D54-3F7DBA93CE9E}" = protocol=17 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"{DEE20BBD-113E-4137-AC7A-5EBD56D90EA8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{DF3E6171-1E97-4FD9-90D9-9CB7F6975E71}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{DF51060C-2806-46EB-A809-8C8146DB017F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E0B6A155-4F11-40F5-BC48-4313C8C948FA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E3A2D3C3-55EF-490E-B95C-1BF9469ED33A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{E4BF5576-04B4-4F74-BB2D-ED60AC9D8DAC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{E7ED66C6-9B78-4DDE-A88F-DB85C4190B4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E9E812EB-679C-43F5-825A-625D8BC2578F}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{ECDDF925-B16A-48CF-B372-17E41D1F9539}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte.exe |
"{EE632B27-1F5C-438D-84E9-6000F7A766AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{F0486642-3562-4545-ACD5-3EA116CE3EC9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{F8C1D29C-09A5-43A8-BBFA-36C72B598D53}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\verdun\verdun.exe |
"{F975C01A-FC6D-4EA9-A5B0-07A2164B51C1}" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\utorrent\utorrent.exe |
"{FD18F101-C523-49DB-84F6-C0F81926017A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{FE8AF2A9-1F5C-43FE-8B98-F4810134EA90}" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{FFBDE4A4-6A9F-47DB-BEBD-498C7E4FD8EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"TCP Query User{059F6220-BB20-42CC-9038-360BEE259197}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{77F445D8-E66F-480F-A21B-9E4FD5242058}C:\users\brent\documents\arma 2\beta_oa\arma2oa.exe" = protocol=6 | dir=in | app=c:\users\brent\documents\arma 2\beta_oa\arma2oa.exe |
"TCP Query User{7BC40416-E34B-4C61-A415-6C74014631C0}C:\program files (x86)\six networks\play withsix\withsix-play.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six networks\play withsix\withsix-play.exe |
"TCP Query User{8871DD43-BB4B-4DAF-8938-29491EBC6453}C:\users\brent\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\spotify\spotify.exe |
"UDP Query User{4FEA79B2-A651-4D1D-A3D9-78C1A5022061}C:\users\brent\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\spotify\spotify.exe |
"UDP Query User{836A4ED7-8535-4876-B2CB-5F5876207917}C:\users\brent\documents\arma 2\beta_oa\arma2oa.exe" = protocol=17 | dir=in | app=c:\users\brent\documents\arma 2\beta_oa\arma2oa.exe |
"UDP Query User{96A8E205-0013-4AB8-8B1F-CD2C1212496B}C:\program files (x86)\six networks\play withsix\withsix-play.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six networks\play withsix\withsix-play.exe |
"UDP Query User{CE01F453-C512-4B3F-9F25-6F653944E3BF}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC6
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F06417060FF}" = Java 7 Update 60 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043" = Microsoft .NET Framework 4.5.1 (Nederlands)
"{9EBB0AF2-4AD2-3ABA-95EF-977EBEA1CB09}" = Microsoft .NET Framework 4.5.1 (NLD)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision stuurprogramma 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-configuratiescherm 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafisch stuurprogramma 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision controllerstuurprogramma 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX systeemsoftware 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio-stuurprogramma 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"4144-4862-0472-7103" = WorldPainter 1.8.5
"CCleaner" = CCleaner
"Chunky" = Chunky
"Speccy" = Speccy
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 5.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company 2
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{551A08D1-B60E-4DED-9B67-C3B38258CCA3}" = Battlefield 4 CTE
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype 6.16
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B3653588-3AC0-4A1D-950F-D96531E84374}" = DayZ Commander
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C67A3F9D-E55D-4288-B4EC-1B9863EFB288}" = Razer Megalodon Firmware Updater
"{D3E50127-DBBE-4689-9EEB-E157463248B5}" = Streamtip Alerter
"{D4329609-4102-4F8C-B83F-7FE024EEA314}" = Dead Space 3
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.27)
"{F912EF57-65C8-48E8-911F-7FCAF8ADD62E}" = Sitecom Wireless Network 300N Adapter
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"DAEMON Tools Pro" = DAEMON Tools Pro
"Dxtory2.0_is1" = Dxtory version 2.0.127
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.8.1
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versie 2.0.2.1012
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Open Broadcaster Software" = Open Broadcaster Software
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Razer Core" = Razer Core
"Steam" = Steam
"Steam App 221100" = DayZ
"Steam App 224540" = Ace of Spades
"Steam App 227940" = Heroes & Generals
"Steam App 242760" = The Forest
"Steam App 242860" = Verdun
"Steam App 304930" = Unturned
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 35450" = Rising Storm/Red Orchestra 2 Multiplayer
"Steam App 730" = Counter-Strike: Global Offensive
"TeamViewer 9" = TeamViewer 9
"Uplay" = Uplay
"Uplay Install 274" = Watch_Dogs
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"uTorrent" = Torrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30-7-2014 6:53:40 | Computer Name = Brent-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: mbam.exe, versie: 1.0.0.532, tijdstempel:
0x53518532 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode:
0xc0000005 Foutoffset: 0x00650074 Id van proces met fout: 0x909c Starttijd van toepassing
met fout: 0x01cfabe47a0e4cdb Pad naar toepassing met fout: C:\Program Files (x86)\Malwarebytes
Anti-Malware\mbam.exe Pad naar module met fout: unknown Rapport-id: c37fc582-17d7-11e4-bc49-3085a945493a
Error - 30-7-2014 21:17:53 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 4:50:52 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 4:58:28 | Computer Name = Brent-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: RzSynapse.exe, versie: 1.18.15.20888,
tijdstempel: 0x53a87450 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel:
0x00000000 Uitzonderingscode: 0xc0000005 Foutoffset: 0x29007300 Id van proces met
fout: 0xe98 Starttijd van toepassing met fout: 0x01cfac9c7bfaa2d8 Pad naar toepassing
met fout: C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe Pad naar module met
fout: unknown Rapport-id: d5f845ae-1890-11e4-9fc4-3085a945493a
Error - 31-7-2014 5:02:08 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 5:23:02 | Computer Name = Brent-PC | Source = RzOvlMon | ID = 0
Description =
Error - 31-7-2014 5:27:33 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 16:10:19 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 16:42:27 | Computer Name = Brent-PC | Source = Application Hang | ID = 1002
Description = Het programma withSIX-Play.exe, versie 1.15.613.1 reageert niet meer
op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem
beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum
in het Configuratiescherm. Proces-id: 176c Starttijd: 01cfacffe54766cc Eindtijd: 2
Toepassingspad:
C:\Program Files (x86)\Six Networks\Play withSIX\withSIX-Play.exe Rapport-id: 2c59b0e0-18f3-11e4-be6b-3085a945493a
Error - 31-7-2014 20:11:52 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 29-7-2014 15:38:35 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7034
Description = De Razer Surround Audio Service-service is onverwacht beindigd. Dit
is nu 1 keer gebeurd.
Error - 29-7-2014 15:39:32 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7034
Description = De NVIDIA Stereoscopic 3D Driver Service-service is onverwacht beindigd.
Dit is nu 1 keer gebeurd.
Error - 30-7-2014 10:07:39 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7030
Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
toegestaan. Deze service werkt mogelijk niet juist.
Error - 30-7-2014 14:35:16 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7030
Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
toegestaan. Deze service werkt mogelijk niet juist.
Error - 30-7-2014 15:31:43 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7030
Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
toegestaan. Deze service werkt mogelijk niet juist.
Error - 30-7-2014 21:00:43 | Computer Name = Brent-PC | Source = volsnap | ID = 393236
Description = De schaduwkopien van volume C: zijn afgebroken omdat het berekenen
van de beschikbare ruimte is mislukt.
Error - 30-7-2014 22:18:07 | Computer Name = Brent-PC | Source = volsnap | ID = 393252
Description = Bij de schaduwkopien van volume C: zijn afgebroken omdat de schaduwkopieopslag
niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.
Error - 1-8-2014 4:37:00 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7011
Description = Time-out (30000 seconden) tijdens het wachten op een reactie op een
transactie van deze service: MBAMScheduler.
Error - 1-8-2014 4:37:04 | Computer Name = Brent-PC | Source = Disk | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.
Error - 1-8-2014 4:37:16 | Computer Name = Brent-PC | Source = Disk | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.
< End of report >
---------- Bericht toegevoegd op 11:26 ---------- Vorige bericht was op 11:26 ----------
OTL Extras logfile created on: 1-8-2014 10:57:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brent\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
7,96 Gb Total Physical Memory | 6,22 Gb Available Physical Memory | 78,23% Memory free
15,91 Gb Paging File | 13,66 Gb Available in Paging File | 85,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 639,50 Gb Free Space | 68,66% Space Free | Partition Type: NTFS
Drive G: | 931,48 Gb Total Space | 925,16 Gb Free Space | 99,32% Space Free | Partition Type: NTFS
Computer Name: BRENT-PC | User Name: Brent | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CA3A62D-B5BF-41A9-ABF6-A5DF5169814E}" = rport=445 | protocol=6 | dir=out | app=system |
"{11C702EE-EB7C-4074-A7E3-D249B619C7C7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{121516EC-2F76-4D15-ACA6-E2400E0E3687}" = rport=138 | protocol=17 | dir=out | app=system |
"{12BE9044-39B2-4C88-AC23-25DA9D1B3365}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{185AC041-F3DF-4C54-9BEC-769CB1326C59}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{1CE8EED8-6803-45F9-84EA-31996D0803BC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2A34D8C6-EEEB-4E36-8823-857885DEDEDA}" = lport=137 | protocol=17 | dir=in | app=system |
"{2AC129DB-2EBC-463F-B17A-B9DD5B646C5B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2E0017F3-5EE1-4187-88B3-39B887D65626}" = lport=138 | protocol=17 | dir=in | app=system |
"{62727537-129E-4565-B1DD-55B570418E9F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{741892CD-60F1-4DD8-B766-2A6CDEC2914B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{804F4B4E-B19C-4D90-BEEF-20752F121C22}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{875531A4-2F27-4E42-BC73-2F673C756E07}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{89EDF25B-3993-463C-8E07-7C9A79C4D5F2}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{910217F6-3381-430E-A44A-FFA7B1CBA4AF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92AA197B-5DBC-4933-A2BA-90A59FB09245}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{961CBEFE-EDBC-4B0A-A49A-4C81250294C1}" = rport=139 | protocol=6 | dir=out | app=system |
"{980C23C5-2BC8-46D3-9BE5-DA1D3EFEE6B1}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A444E01C-4FBD-4539-84D1-25680076FF5A}" = lport=445 | protocol=6 | dir=in | app=system |
"{A7F2E3E3-9311-4F55-BAF1-E32B6AF34ABE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AC6C0775-0B41-42DA-B443-81D928BD2541}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{B60124B0-6085-4BEC-8809-0A3672F71AB4}" = rport=137 | protocol=17 | dir=out | app=system |
"{BEDF63A9-FF0B-46FA-8F0D-02B1944778D9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C4F9F267-DDE9-4EFE-9025-7497B2C01C61}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C71C08B4-35EF-4D93-93B8-7A77D10D5EBD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C95951F6-20F2-4B94-A8B0-8128E532FBAE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D6ACBC1B-A61F-4567-9C5C-88311DEF55DA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F0937643-7CAD-4FE0-AAEC-3082E0963498}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F3EBB6BE-4A64-43CD-82BA-B5ADF1380618}" = lport=139 | protocol=6 | dir=in | app=system |
"{FED0B16A-5587-417F-801A-B5F4B3E8E775}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFD07FEA-5A08-416B-B2AA-11B20EDB7563}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0023FD90-05CB-45E5-BFC3-978B25E84D22}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{01DC9677-5EC8-4CB9-9B70-6B081BC2BC1C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{04FFF823-9308-4096-A1AB-9091A22BAEBE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0525FBE5-864E-4D59-98DC-597B1B627248}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\dead space 3\deadspace3.exe |
"{0B2DB5DF-250A-446C-9E96-437504EA0B58}" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\utorrent\utorrent.exe |
"{148B0041-DB05-4F34-9B3A-DF7665122F45}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1593CAA3-2C50-4967-A337-EFDB438F0428}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1A9DAC58-41FA-484A-BCE7-C122202DF00B}" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{1BD6EE75-AEA8-4A27-90A1-F6A44BAE534C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F202C66-3D26-40A6-9357-9A3D5D3B8969}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{1FCD0F46-D2DE-4737-B802-EA9D3B6816BD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{20745A7C-AC72-4753-98A8-5D826F02E89D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the forest\theforest.exe |
"{2431FFAD-3E13-4A4D-B8DA-4E4C934F1525}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\verdun\verdun.exe |
"{3484A267-B1C1-47F1-89B4-1197DFEFA960}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{39D62EA5-E38A-4B5C-967E-89A9919B0BB1}" = protocol=6 | dir=out | app=system |
"{3D4D310F-AAC3-413D-BA4E-F9FA9A5BB496}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte_x86.exe |
"{3E698DFA-9706-4233-AEEA-FBEB2D012D5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{49B54AFB-28FF-4A21-82C8-154C6B132F3B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{4A21EBAD-0FB8-4953-805D-11D42BDC9965}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{4B3A3702-F231-417E-BD38-41EF8376177D}" = protocol=6 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"{4B80E77C-7713-4E73-AB88-05AB9C3399EF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{4E654BAA-9B8E-4B5A-9AC9-85D834A5B21D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4F0DF294-5C02-43BD-9A4E-8CF72FC3A736}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{51607C57-FCEF-431F-A1A8-9D09208101C9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{55384E55-E493-4EB9-9525-7CDDB1B5BC88}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{57A38D3D-856E-4CEB-909D-8BFE1435E950}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{57D8282B-AB82-4651-B5D1-42ADF522E8EF}" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{5964EE3E-F508-4B1B-BA43-845C1A44BD91}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{61310EDB-6401-4650-B77C-CDEC10507900}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{61341478-17D4-4E7E-946F-88514E14563C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{655E5DBB-1F8F-4862-8CA3-B4857827EE3F}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield bad company 2\bfbc2game.exe |
"{661785AA-E04C-4E73-907F-8E610544C9A4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6948D826-7564-44F2-B400-0590D3007F7C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{6C0E1C9F-EA84-416C-9AB0-BCA6C3EA7682}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{6CF4888A-4F39-48F2-8FD5-B21ED410A7BE}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{6DEF3340-2330-46D4-B76C-EF714274987D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{7013FE3B-3B72-4CCF-96E9-9A97C2DF59F2}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte.exe |
"{7347FCBF-06BF-40F0-8FBD-99BF7F72F716}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{74724049-93FE-49D3-BB66-04554F7A8350}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{74CBA264-381E-4362-B378-4346CDA87465}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{77CCF54D-19C4-4AE5-92B0-6A41AE103966}" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{7A4480AD-0B91-45EB-86C4-252AD33DD58A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7F388670-FF3B-4980-843C-C81BD1C3B081}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte_x86.exe |
"{86C04D09-7E56-49E1-A75E-485D63DA2B2A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{911F9871-03C6-44BB-97D6-2979AC7FCEC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{92B7AF31-733E-46F0-9CED-52AA166F3F3D}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{931A700C-1065-46DF-8566-FC02C417F072}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{94E01DC8-5029-400A-B027-7AAFDA4258A5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{97893884-3FBD-4679-A367-2F118FEEE65C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{991AF1A1-F0BC-4D82-8050-BB2EBEBB8C00}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{9EB7F07B-AD52-42BD-9F95-A156AF9A546E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FB75522-93AC-4DE0-812D-98051C864996}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"{A16BD240-A1DE-446F-978D-724481F899FF}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield bad company 2\bfbc2game.exe |
"{A59D94E9-3366-45EA-BED6-66C68B0EE2A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A8A215F9-9972-4753-881B-F4F382970CEC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the forest\theforest.exe |
"{A9FC62C3-5B79-41D6-952F-26E4E2A47058}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{AECA775E-18F5-41FD-AA66-0F8185A423B1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF4D1162-01B3-4CB9-AA3A-DC3911B75EA6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B2F8D79E-1814-49D9-884F-4D7977AF2DF9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B4A0854F-2EFA-447E-BD96-F3E49D3EDB16}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B87ECC90-5362-4C30-A577-8875EA260575}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C5980C31-AF89-4512-9C51-755E47BF28D5}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{CB2D8DCF-ABA1-4E17-9F15-7AA1A3A213F5}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\dead space 3\deadspace3.exe |
"{D0AF8ED6-52A3-41AB-9D54-3F7DBA93CE9E}" = protocol=17 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"{DEE20BBD-113E-4137-AC7A-5EBD56D90EA8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{DF3E6171-1E97-4FD9-90D9-9CB7F6975E71}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{DF51060C-2806-46EB-A809-8C8146DB017F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E0B6A155-4F11-40F5-BC48-4313C8C948FA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E3A2D3C3-55EF-490E-B95C-1BF9469ED33A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{E4BF5576-04B4-4F74-BB2D-ED60AC9D8DAC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{E7ED66C6-9B78-4DDE-A88F-DB85C4190B4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E9E812EB-679C-43F5-825A-625D8BC2578F}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{ECDDF925-B16A-48CF-B372-17E41D1F9539}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte.exe |
"{EE632B27-1F5C-438D-84E9-6000F7A766AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{F0486642-3562-4545-ACD5-3EA116CE3EC9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{F8C1D29C-09A5-43A8-BBFA-36C72B598D53}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\verdun\verdun.exe |
"{F975C01A-FC6D-4EA9-A5B0-07A2164B51C1}" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\utorrent\utorrent.exe |
"{FD18F101-C523-49DB-84F6-C0F81926017A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{FE8AF2A9-1F5C-43FE-8B98-F4810134EA90}" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{FFBDE4A4-6A9F-47DB-BEBD-498C7E4FD8EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"TCP Query User{059F6220-BB20-42CC-9038-360BEE259197}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{77F445D8-E66F-480F-A21B-9E4FD5242058}C:\users\brent\documents\arma 2\beta_oa\arma2oa.exe" = protocol=6 | dir=in | app=c:\users\brent\documents\arma 2\beta_oa\arma2oa.exe |
"TCP Query User{7BC40416-E34B-4C61-A415-6C74014631C0}C:\program files (x86)\six networks\play withsix\withsix-play.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six networks\play withsix\withsix-play.exe |
"TCP Query User{8871DD43-BB4B-4DAF-8938-29491EBC6453}C:\users\brent\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\spotify\spotify.exe |
"UDP Query User{4FEA79B2-A651-4D1D-A3D9-78C1A5022061}C:\users\brent\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\spotify\spotify.exe |
"UDP Query User{836A4ED7-8535-4876-B2CB-5F5876207917}C:\users\brent\documents\arma 2\beta_oa\arma2oa.exe" = protocol=17 | dir=in | app=c:\users\brent\documents\arma 2\beta_oa\arma2oa.exe |
"UDP Query User{96A8E205-0013-4AB8-8B1F-CD2C1212496B}C:\program files (x86)\six networks\play withsix\withsix-play.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six networks\play withsix\withsix-play.exe |
"UDP Query User{CE01F453-C512-4B3F-9F25-6F653944E3BF}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC6
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F06417060FF}" = Java 7 Update 60 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043" = Microsoft .NET Framework 4.5.1 (Nederlands)
"{9EBB0AF2-4AD2-3ABA-95EF-977EBEA1CB09}" = Microsoft .NET Framework 4.5.1 (NLD)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision stuurprogramma 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-configuratiescherm 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafisch stuurprogramma 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision controllerstuurprogramma 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX systeemsoftware 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio-stuurprogramma 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"4144-4862-0472-7103" = WorldPainter 1.8.5
"CCleaner" = CCleaner
"Chunky" = Chunky
"Speccy" = Speccy
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 5.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company 2
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{551A08D1-B60E-4DED-9B67-C3B38258CCA3}" = Battlefield 4 CTE
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype 6.16
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B3653588-3AC0-4A1D-950F-D96531E84374}" = DayZ Commander
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C67A3F9D-E55D-4288-B4EC-1B9863EFB288}" = Razer Megalodon Firmware Updater
"{D3E50127-DBBE-4689-9EEB-E157463248B5}" = Streamtip Alerter
"{D4329609-4102-4F8C-B83F-7FE024EEA314}" = Dead Space 3
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.27)
"{F912EF57-65C8-48E8-911F-7FCAF8ADD62E}" = Sitecom Wireless Network 300N Adapter
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"DAEMON Tools Pro" = DAEMON Tools Pro
"Dxtory2.0_is1" = Dxtory version 2.0.127
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.8.1
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versie 2.0.2.1012
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Open Broadcaster Software" = Open Broadcaster Software
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Razer Core" = Razer Core
"Steam" = Steam
"Steam App 221100" = DayZ
"Steam App 224540" = Ace of Spades
"Steam App 227940" = Heroes & Generals
"Steam App 242760" = The Forest
"Steam App 242860" = Verdun
"Steam App 304930" = Unturned
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 35450" = Rising Storm/Red Orchestra 2 Multiplayer
"Steam App 730" = Counter-Strike: Global Offensive
"TeamViewer 9" = TeamViewer 9
"Uplay" = Uplay
"Uplay Install 274" = Watch_Dogs
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"uTorrent" = Torrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30-7-2014 6:53:40 | Computer Name = Brent-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: mbam.exe, versie: 1.0.0.532, tijdstempel:
0x53518532 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode:
0xc0000005 Foutoffset: 0x00650074 Id van proces met fout: 0x909c Starttijd van toepassing
met fout: 0x01cfabe47a0e4cdb Pad naar toepassing met fout: C:\Program Files (x86)\Malwarebytes
Anti-Malware\mbam.exe Pad naar module met fout: unknown Rapport-id: c37fc582-17d7-11e4-bc49-3085a945493a
Error - 30-7-2014 21:17:53 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 4:50:52 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 4:58:28 | Computer Name = Brent-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: RzSynapse.exe, versie: 1.18.15.20888,
tijdstempel: 0x53a87450 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel:
0x00000000 Uitzonderingscode: 0xc0000005 Foutoffset: 0x29007300 Id van proces met
fout: 0xe98 Starttijd van toepassing met fout: 0x01cfac9c7bfaa2d8 Pad naar toepassing
met fout: C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe Pad naar module met
fout: unknown Rapport-id: d5f845ae-1890-11e4-9fc4-3085a945493a
Error - 31-7-2014 5:02:08 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 5:23:02 | Computer Name = Brent-PC | Source = RzOvlMon | ID = 0
Description =
Error - 31-7-2014 5:27:33 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 16:10:19 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 16:42:27 | Computer Name = Brent-PC | Source = Application Hang | ID = 1002
Description = Het programma withSIX-Play.exe, versie 1.15.613.1 reageert niet meer
op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem
beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum
in het Configuratiescherm. Proces-id: 176c Starttijd: 01cfacffe54766cc Eindtijd: 2
Toepassingspad:
C:\Program Files (x86)\Six Networks\Play withSIX\withSIX-Play.exe Rapport-id: 2c59b0e0-18f3-11e4-be6b-3085a945493a
Error - 31-7-2014 20:11:52 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 29-7-2014 15:38:35 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7034
Description = De Razer Surround Audio Service-service is onverwacht beindigd. Dit
is nu 1 keer gebeurd.
Error - 29-7-2014 15:39:32 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7034
Description = De NVIDIA Stereoscopic 3D Driver Service-service is onverwacht beindigd.
Dit is nu 1 keer gebeurd.
Error - 30-7-2014 10:07:39 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7030
Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
toegestaan. Deze service werkt mogelijk niet juist.
Error - 30-7-2014 14:35:16 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7030
Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
toegestaan. Deze service werkt mogelijk niet juist.
Error - 30-7-2014 15:31:43 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7030
Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
toegestaan. Deze service werkt mogelijk niet juist.
Error - 30-7-2014 21:00:43 | Computer Name = Brent-PC | Source = volsnap | ID = 393236
Description = De schaduwkopien van volume C: zijn afgebroken omdat het berekenen
van de beschikbare ruimte is mislukt.
Error - 30-7-2014 22:18:07 | Computer Name = Brent-PC | Source = volsnap | ID = 393252
Description = Bij de schaduwkopien van volume C: zijn afgebroken omdat de schaduwkopieopslag
niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.
Error - 1-8-2014 4:37:00 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7011
Description = Time-out (30000 seconden) tijdens het wachten op een reactie op een
transactie van deze service: MBAMScheduler.
Error - 1-8-2014 4:37:04 | Computer Name = Brent-PC | Source = Disk | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.
Error - 1-8-2014 4:37:16 | Computer Name = Brent-PC | Source = Disk | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brent\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
7,96 Gb Total Physical Memory | 6,22 Gb Available Physical Memory | 78,23% Memory free
15,91 Gb Paging File | 13,66 Gb Available in Paging File | 85,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 639,50 Gb Free Space | 68,66% Space Free | Partition Type: NTFS
Drive G: | 931,48 Gb Total Space | 925,16 Gb Free Space | 99,32% Space Free | Partition Type: NTFS
Computer Name: BRENT-PC | User Name: Brent | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CA3A62D-B5BF-41A9-ABF6-A5DF5169814E}" = rport=445 | protocol=6 | dir=out | app=system |
"{11C702EE-EB7C-4074-A7E3-D249B619C7C7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{121516EC-2F76-4D15-ACA6-E2400E0E3687}" = rport=138 | protocol=17 | dir=out | app=system |
"{12BE9044-39B2-4C88-AC23-25DA9D1B3365}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{185AC041-F3DF-4C54-9BEC-769CB1326C59}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{1CE8EED8-6803-45F9-84EA-31996D0803BC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2A34D8C6-EEEB-4E36-8823-857885DEDEDA}" = lport=137 | protocol=17 | dir=in | app=system |
"{2AC129DB-2EBC-463F-B17A-B9DD5B646C5B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2E0017F3-5EE1-4187-88B3-39B887D65626}" = lport=138 | protocol=17 | dir=in | app=system |
"{62727537-129E-4565-B1DD-55B570418E9F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{741892CD-60F1-4DD8-B766-2A6CDEC2914B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{804F4B4E-B19C-4D90-BEEF-20752F121C22}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{875531A4-2F27-4E42-BC73-2F673C756E07}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{89EDF25B-3993-463C-8E07-7C9A79C4D5F2}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{910217F6-3381-430E-A44A-FFA7B1CBA4AF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92AA197B-5DBC-4933-A2BA-90A59FB09245}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{961CBEFE-EDBC-4B0A-A49A-4C81250294C1}" = rport=139 | protocol=6 | dir=out | app=system |
"{980C23C5-2BC8-46D3-9BE5-DA1D3EFEE6B1}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A444E01C-4FBD-4539-84D1-25680076FF5A}" = lport=445 | protocol=6 | dir=in | app=system |
"{A7F2E3E3-9311-4F55-BAF1-E32B6AF34ABE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AC6C0775-0B41-42DA-B443-81D928BD2541}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{B60124B0-6085-4BEC-8809-0A3672F71AB4}" = rport=137 | protocol=17 | dir=out | app=system |
"{BEDF63A9-FF0B-46FA-8F0D-02B1944778D9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C4F9F267-DDE9-4EFE-9025-7497B2C01C61}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C71C08B4-35EF-4D93-93B8-7A77D10D5EBD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C95951F6-20F2-4B94-A8B0-8128E532FBAE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D6ACBC1B-A61F-4567-9C5C-88311DEF55DA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F0937643-7CAD-4FE0-AAEC-3082E0963498}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F3EBB6BE-4A64-43CD-82BA-B5ADF1380618}" = lport=139 | protocol=6 | dir=in | app=system |
"{FED0B16A-5587-417F-801A-B5F4B3E8E775}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFD07FEA-5A08-416B-B2AA-11B20EDB7563}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0023FD90-05CB-45E5-BFC3-978B25E84D22}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{01DC9677-5EC8-4CB9-9B70-6B081BC2BC1C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{04FFF823-9308-4096-A1AB-9091A22BAEBE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0525FBE5-864E-4D59-98DC-597B1B627248}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\dead space 3\deadspace3.exe |
"{0B2DB5DF-250A-446C-9E96-437504EA0B58}" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\utorrent\utorrent.exe |
"{148B0041-DB05-4F34-9B3A-DF7665122F45}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1593CAA3-2C50-4967-A337-EFDB438F0428}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1A9DAC58-41FA-484A-BCE7-C122202DF00B}" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{1BD6EE75-AEA8-4A27-90A1-F6A44BAE534C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F202C66-3D26-40A6-9357-9A3D5D3B8969}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{1FCD0F46-D2DE-4737-B802-EA9D3B6816BD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{20745A7C-AC72-4753-98A8-5D826F02E89D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the forest\theforest.exe |
"{2431FFAD-3E13-4A4D-B8DA-4E4C934F1525}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\verdun\verdun.exe |
"{3484A267-B1C1-47F1-89B4-1197DFEFA960}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{39D62EA5-E38A-4B5C-967E-89A9919B0BB1}" = protocol=6 | dir=out | app=system |
"{3D4D310F-AAC3-413D-BA4E-F9FA9A5BB496}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte_x86.exe |
"{3E698DFA-9706-4233-AEEA-FBEB2D012D5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{49B54AFB-28FF-4A21-82C8-154C6B132F3B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{4A21EBAD-0FB8-4953-805D-11D42BDC9965}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{4B3A3702-F231-417E-BD38-41EF8376177D}" = protocol=6 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"{4B80E77C-7713-4E73-AB88-05AB9C3399EF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{4E654BAA-9B8E-4B5A-9AC9-85D834A5B21D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4F0DF294-5C02-43BD-9A4E-8CF72FC3A736}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{51607C57-FCEF-431F-A1A8-9D09208101C9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{55384E55-E493-4EB9-9525-7CDDB1B5BC88}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{57A38D3D-856E-4CEB-909D-8BFE1435E950}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{57D8282B-AB82-4651-B5D1-42ADF522E8EF}" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{5964EE3E-F508-4B1B-BA43-845C1A44BD91}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{61310EDB-6401-4650-B77C-CDEC10507900}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{61341478-17D4-4E7E-946F-88514E14563C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{655E5DBB-1F8F-4862-8CA3-B4857827EE3F}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield bad company 2\bfbc2game.exe |
"{661785AA-E04C-4E73-907F-8E610544C9A4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6948D826-7564-44F2-B400-0590D3007F7C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{6C0E1C9F-EA84-416C-9AB0-BCA6C3EA7682}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{6CF4888A-4F39-48F2-8FD5-B21ED410A7BE}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{6DEF3340-2330-46D4-B76C-EF714274987D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{7013FE3B-3B72-4CCF-96E9-9A97C2DF59F2}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte.exe |
"{7347FCBF-06BF-40F0-8FBD-99BF7F72F716}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{74724049-93FE-49D3-BB66-04554F7A8350}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{74CBA264-381E-4362-B378-4346CDA87465}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{77CCF54D-19C4-4AE5-92B0-6A41AE103966}" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{7A4480AD-0B91-45EB-86C4-252AD33DD58A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7F388670-FF3B-4980-843C-C81BD1C3B081}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte_x86.exe |
"{86C04D09-7E56-49E1-A75E-485D63DA2B2A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{911F9871-03C6-44BB-97D6-2979AC7FCEC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{92B7AF31-733E-46F0-9CED-52AA166F3F3D}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{931A700C-1065-46DF-8566-FC02C417F072}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{94E01DC8-5029-400A-B027-7AAFDA4258A5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{97893884-3FBD-4679-A367-2F118FEEE65C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{991AF1A1-F0BC-4D82-8050-BB2EBEBB8C00}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{9EB7F07B-AD52-42BD-9F95-A156AF9A546E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FB75522-93AC-4DE0-812D-98051C864996}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"{A16BD240-A1DE-446F-978D-724481F899FF}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield bad company 2\bfbc2game.exe |
"{A59D94E9-3366-45EA-BED6-66C68B0EE2A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A8A215F9-9972-4753-881B-F4F382970CEC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the forest\theforest.exe |
"{A9FC62C3-5B79-41D6-952F-26E4E2A47058}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{AECA775E-18F5-41FD-AA66-0F8185A423B1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF4D1162-01B3-4CB9-AA3A-DC3911B75EA6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B2F8D79E-1814-49D9-884F-4D7977AF2DF9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B4A0854F-2EFA-447E-BD96-F3E49D3EDB16}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B87ECC90-5362-4C30-A577-8875EA260575}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C5980C31-AF89-4512-9C51-755E47BF28D5}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{CB2D8DCF-ABA1-4E17-9F15-7AA1A3A213F5}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\dead space 3\deadspace3.exe |
"{D0AF8ED6-52A3-41AB-9D54-3F7DBA93CE9E}" = protocol=17 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"{DEE20BBD-113E-4137-AC7A-5EBD56D90EA8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{DF3E6171-1E97-4FD9-90D9-9CB7F6975E71}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{DF51060C-2806-46EB-A809-8C8146DB017F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E0B6A155-4F11-40F5-BC48-4313C8C948FA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E3A2D3C3-55EF-490E-B95C-1BF9469ED33A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{E4BF5576-04B4-4F74-BB2D-ED60AC9D8DAC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{E7ED66C6-9B78-4DDE-A88F-DB85C4190B4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E9E812EB-679C-43F5-825A-625D8BC2578F}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{ECDDF925-B16A-48CF-B372-17E41D1F9539}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte.exe |
"{EE632B27-1F5C-438D-84E9-6000F7A766AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{F0486642-3562-4545-ACD5-3EA116CE3EC9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{F8C1D29C-09A5-43A8-BBFA-36C72B598D53}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\verdun\verdun.exe |
"{F975C01A-FC6D-4EA9-A5B0-07A2164B51C1}" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\utorrent\utorrent.exe |
"{FD18F101-C523-49DB-84F6-C0F81926017A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{FE8AF2A9-1F5C-43FE-8B98-F4810134EA90}" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{FFBDE4A4-6A9F-47DB-BEBD-498C7E4FD8EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"TCP Query User{059F6220-BB20-42CC-9038-360BEE259197}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{77F445D8-E66F-480F-A21B-9E4FD5242058}C:\users\brent\documents\arma 2\beta_oa\arma2oa.exe" = protocol=6 | dir=in | app=c:\users\brent\documents\arma 2\beta_oa\arma2oa.exe |
"TCP Query User{7BC40416-E34B-4C61-A415-6C74014631C0}C:\program files (x86)\six networks\play withsix\withsix-play.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six networks\play withsix\withsix-play.exe |
"TCP Query User{8871DD43-BB4B-4DAF-8938-29491EBC6453}C:\users\brent\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\spotify\spotify.exe |
"UDP Query User{4FEA79B2-A651-4D1D-A3D9-78C1A5022061}C:\users\brent\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\spotify\spotify.exe |
"UDP Query User{836A4ED7-8535-4876-B2CB-5F5876207917}C:\users\brent\documents\arma 2\beta_oa\arma2oa.exe" = protocol=17 | dir=in | app=c:\users\brent\documents\arma 2\beta_oa\arma2oa.exe |
"UDP Query User{96A8E205-0013-4AB8-8B1F-CD2C1212496B}C:\program files (x86)\six networks\play withsix\withsix-play.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six networks\play withsix\withsix-play.exe |
"UDP Query User{CE01F453-C512-4B3F-9F25-6F653944E3BF}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC6
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F06417060FF}" = Java 7 Update 60 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043" = Microsoft .NET Framework 4.5.1 (Nederlands)
"{9EBB0AF2-4AD2-3ABA-95EF-977EBEA1CB09}" = Microsoft .NET Framework 4.5.1 (NLD)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision stuurprogramma 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-configuratiescherm 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafisch stuurprogramma 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision controllerstuurprogramma 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX systeemsoftware 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio-stuurprogramma 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"4144-4862-0472-7103" = WorldPainter 1.8.5
"CCleaner" = CCleaner
"Chunky" = Chunky
"Speccy" = Speccy
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 5.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company 2
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{551A08D1-B60E-4DED-9B67-C3B38258CCA3}" = Battlefield 4 CTE
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype 6.16
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B3653588-3AC0-4A1D-950F-D96531E84374}" = DayZ Commander
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C67A3F9D-E55D-4288-B4EC-1B9863EFB288}" = Razer Megalodon Firmware Updater
"{D3E50127-DBBE-4689-9EEB-E157463248B5}" = Streamtip Alerter
"{D4329609-4102-4F8C-B83F-7FE024EEA314}" = Dead Space 3
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.27)
"{F912EF57-65C8-48E8-911F-7FCAF8ADD62E}" = Sitecom Wireless Network 300N Adapter
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"DAEMON Tools Pro" = DAEMON Tools Pro
"Dxtory2.0_is1" = Dxtory version 2.0.127
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.8.1
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versie 2.0.2.1012
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Open Broadcaster Software" = Open Broadcaster Software
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Razer Core" = Razer Core
"Steam" = Steam
"Steam App 221100" = DayZ
"Steam App 224540" = Ace of Spades
"Steam App 227940" = Heroes & Generals
"Steam App 242760" = The Forest
"Steam App 242860" = Verdun
"Steam App 304930" = Unturned
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 35450" = Rising Storm/Red Orchestra 2 Multiplayer
"Steam App 730" = Counter-Strike: Global Offensive
"TeamViewer 9" = TeamViewer 9
"Uplay" = Uplay
"Uplay Install 274" = Watch_Dogs
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"uTorrent" = Torrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30-7-2014 6:53:40 | Computer Name = Brent-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: mbam.exe, versie: 1.0.0.532, tijdstempel:
0x53518532 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode:
0xc0000005 Foutoffset: 0x00650074 Id van proces met fout: 0x909c Starttijd van toepassing
met fout: 0x01cfabe47a0e4cdb Pad naar toepassing met fout: C:\Program Files (x86)\Malwarebytes
Anti-Malware\mbam.exe Pad naar module met fout: unknown Rapport-id: c37fc582-17d7-11e4-bc49-3085a945493a
Error - 30-7-2014 21:17:53 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 4:50:52 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 4:58:28 | Computer Name = Brent-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: RzSynapse.exe, versie: 1.18.15.20888,
tijdstempel: 0x53a87450 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel:
0x00000000 Uitzonderingscode: 0xc0000005 Foutoffset: 0x29007300 Id van proces met
fout: 0xe98 Starttijd van toepassing met fout: 0x01cfac9c7bfaa2d8 Pad naar toepassing
met fout: C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe Pad naar module met
fout: unknown Rapport-id: d5f845ae-1890-11e4-9fc4-3085a945493a
Error - 31-7-2014 5:02:08 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 5:23:02 | Computer Name = Brent-PC | Source = RzOvlMon | ID = 0
Description =
Error - 31-7-2014 5:27:33 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 16:10:19 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 16:42:27 | Computer Name = Brent-PC | Source = Application Hang | ID = 1002
Description = Het programma withSIX-Play.exe, versie 1.15.613.1 reageert niet meer
op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem
beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum
in het Configuratiescherm. Proces-id: 176c Starttijd: 01cfacffe54766cc Eindtijd: 2
Toepassingspad:
C:\Program Files (x86)\Six Networks\Play withSIX\withSIX-Play.exe Rapport-id: 2c59b0e0-18f3-11e4-be6b-3085a945493a
Error - 31-7-2014 20:11:52 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 29-7-2014 15:38:35 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7034
Description = De Razer Surround Audio Service-service is onverwacht beindigd. Dit
is nu 1 keer gebeurd.
Error - 29-7-2014 15:39:32 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7034
Description = De NVIDIA Stereoscopic 3D Driver Service-service is onverwacht beindigd.
Dit is nu 1 keer gebeurd.
Error - 30-7-2014 10:07:39 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7030
Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
toegestaan. Deze service werkt mogelijk niet juist.
Error - 30-7-2014 14:35:16 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7030
Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
toegestaan. Deze service werkt mogelijk niet juist.
Error - 30-7-2014 15:31:43 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7030
Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
toegestaan. Deze service werkt mogelijk niet juist.
Error - 30-7-2014 21:00:43 | Computer Name = Brent-PC | Source = volsnap | ID = 393236
Description = De schaduwkopien van volume C: zijn afgebroken omdat het berekenen
van de beschikbare ruimte is mislukt.
Error - 30-7-2014 22:18:07 | Computer Name = Brent-PC | Source = volsnap | ID = 393252
Description = Bij de schaduwkopien van volume C: zijn afgebroken omdat de schaduwkopieopslag
niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.
Error - 1-8-2014 4:37:00 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7011
Description = Time-out (30000 seconden) tijdens het wachten op een reactie op een
transactie van deze service: MBAMScheduler.
Error - 1-8-2014 4:37:04 | Computer Name = Brent-PC | Source = Disk | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.
Error - 1-8-2014 4:37:16 | Computer Name = Brent-PC | Source = Disk | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.
< End of report >
---------- Bericht toegevoegd op 11:26 ---------- Vorige bericht was op 11:26 ----------
OTL Extras logfile created on: 1-8-2014 10:57:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Brent\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
7,96 Gb Total Physical Memory | 6,22 Gb Available Physical Memory | 78,23% Memory free
15,91 Gb Paging File | 13,66 Gb Available in Paging File | 85,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 639,50 Gb Free Space | 68,66% Space Free | Partition Type: NTFS
Drive G: | 931,48 Gb Total Space | 925,16 Gb Free Space | 99,32% Space Free | Partition Type: NTFS
Computer Name: BRENT-PC | User Name: Brent | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CA3A62D-B5BF-41A9-ABF6-A5DF5169814E}" = rport=445 | protocol=6 | dir=out | app=system |
"{11C702EE-EB7C-4074-A7E3-D249B619C7C7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{121516EC-2F76-4D15-ACA6-E2400E0E3687}" = rport=138 | protocol=17 | dir=out | app=system |
"{12BE9044-39B2-4C88-AC23-25DA9D1B3365}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{185AC041-F3DF-4C54-9BEC-769CB1326C59}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{1CE8EED8-6803-45F9-84EA-31996D0803BC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2A34D8C6-EEEB-4E36-8823-857885DEDEDA}" = lport=137 | protocol=17 | dir=in | app=system |
"{2AC129DB-2EBC-463F-B17A-B9DD5B646C5B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2E0017F3-5EE1-4187-88B3-39B887D65626}" = lport=138 | protocol=17 | dir=in | app=system |
"{62727537-129E-4565-B1DD-55B570418E9F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{741892CD-60F1-4DD8-B766-2A6CDEC2914B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{804F4B4E-B19C-4D90-BEEF-20752F121C22}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{875531A4-2F27-4E42-BC73-2F673C756E07}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{89EDF25B-3993-463C-8E07-7C9A79C4D5F2}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{910217F6-3381-430E-A44A-FFA7B1CBA4AF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92AA197B-5DBC-4933-A2BA-90A59FB09245}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{961CBEFE-EDBC-4B0A-A49A-4C81250294C1}" = rport=139 | protocol=6 | dir=out | app=system |
"{980C23C5-2BC8-46D3-9BE5-DA1D3EFEE6B1}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A444E01C-4FBD-4539-84D1-25680076FF5A}" = lport=445 | protocol=6 | dir=in | app=system |
"{A7F2E3E3-9311-4F55-BAF1-E32B6AF34ABE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AC6C0775-0B41-42DA-B443-81D928BD2541}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{B60124B0-6085-4BEC-8809-0A3672F71AB4}" = rport=137 | protocol=17 | dir=out | app=system |
"{BEDF63A9-FF0B-46FA-8F0D-02B1944778D9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C4F9F267-DDE9-4EFE-9025-7497B2C01C61}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C71C08B4-35EF-4D93-93B8-7A77D10D5EBD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C95951F6-20F2-4B94-A8B0-8128E532FBAE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D6ACBC1B-A61F-4567-9C5C-88311DEF55DA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F0937643-7CAD-4FE0-AAEC-3082E0963498}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F3EBB6BE-4A64-43CD-82BA-B5ADF1380618}" = lport=139 | protocol=6 | dir=in | app=system |
"{FED0B16A-5587-417F-801A-B5F4B3E8E775}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFD07FEA-5A08-416B-B2AA-11B20EDB7563}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0023FD90-05CB-45E5-BFC3-978B25E84D22}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{01DC9677-5EC8-4CB9-9B70-6B081BC2BC1C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{04FFF823-9308-4096-A1AB-9091A22BAEBE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0525FBE5-864E-4D59-98DC-597B1B627248}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\dead space 3\deadspace3.exe |
"{0B2DB5DF-250A-446C-9E96-437504EA0B58}" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\utorrent\utorrent.exe |
"{148B0041-DB05-4F34-9B3A-DF7665122F45}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1593CAA3-2C50-4967-A337-EFDB438F0428}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1A9DAC58-41FA-484A-BCE7-C122202DF00B}" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{1BD6EE75-AEA8-4A27-90A1-F6A44BAE534C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F202C66-3D26-40A6-9357-9A3D5D3B8969}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{1FCD0F46-D2DE-4737-B802-EA9D3B6816BD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{20745A7C-AC72-4753-98A8-5D826F02E89D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the forest\theforest.exe |
"{2431FFAD-3E13-4A4D-B8DA-4E4C934F1525}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\verdun\verdun.exe |
"{3484A267-B1C1-47F1-89B4-1197DFEFA960}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{39D62EA5-E38A-4B5C-967E-89A9919B0BB1}" = protocol=6 | dir=out | app=system |
"{3D4D310F-AAC3-413D-BA4E-F9FA9A5BB496}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte_x86.exe |
"{3E698DFA-9706-4233-AEEA-FBEB2D012D5F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{49B54AFB-28FF-4A21-82C8-154C6B132F3B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{4A21EBAD-0FB8-4953-805D-11D42BDC9965}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{4B3A3702-F231-417E-BD38-41EF8376177D}" = protocol=6 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"{4B80E77C-7713-4E73-AB88-05AB9C3399EF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{4E654BAA-9B8E-4B5A-9AC9-85D834A5B21D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4F0DF294-5C02-43BD-9A4E-8CF72FC3A736}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\unturned\unturned.exe |
"{51607C57-FCEF-431F-A1A8-9D09208101C9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{55384E55-E493-4EB9-9525-7CDDB1B5BC88}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{57A38D3D-856E-4CEB-909D-8BFE1435E950}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{57D8282B-AB82-4651-B5D1-42ADF522E8EF}" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{5964EE3E-F508-4B1B-BA43-845C1A44BD91}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{61310EDB-6401-4650-B77C-CDEC10507900}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{61341478-17D4-4E7E-946F-88514E14563C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{655E5DBB-1F8F-4862-8CA3-B4857827EE3F}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield bad company 2\bfbc2game.exe |
"{661785AA-E04C-4E73-907F-8E610544C9A4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6948D826-7564-44F2-B400-0590D3007F7C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{6C0E1C9F-EA84-416C-9AB0-BCA6C3EA7682}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{6CF4888A-4F39-48F2-8FD5-B21ED410A7BE}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{6DEF3340-2330-46D4-B76C-EF714274987D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{7013FE3B-3B72-4CCF-96E9-9A97C2DF59F2}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte.exe |
"{7347FCBF-06BF-40F0-8FBD-99BF7F72F716}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{74724049-93FE-49D3-BB66-04554F7A8350}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{74CBA264-381E-4362-B378-4346CDA87465}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{77CCF54D-19C4-4AE5-92B0-6A41AE103966}" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{7A4480AD-0B91-45EB-86C4-252AD33DD58A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7F388670-FF3B-4980-843C-C81BD1C3B081}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte_x86.exe |
"{86C04D09-7E56-49E1-A75E-485D63DA2B2A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{911F9871-03C6-44BB-97D6-2979AC7FCEC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{92B7AF31-733E-46F0-9CED-52AA166F3F3D}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{931A700C-1065-46DF-8566-FC02C417F072}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{94E01DC8-5029-400A-B027-7AAFDA4258A5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{97893884-3FBD-4679-A367-2F118FEEE65C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{991AF1A1-F0BC-4D82-8050-BB2EBEBB8C00}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{9EB7F07B-AD52-42BD-9F95-A156AF9A546E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FB75522-93AC-4DE0-812D-98051C864996}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"{A16BD240-A1DE-446F-978D-724481F899FF}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield bad company 2\bfbc2game.exe |
"{A59D94E9-3366-45EA-BED6-66C68B0EE2A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A8A215F9-9972-4753-881B-F4F382970CEC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the forest\theforest.exe |
"{A9FC62C3-5B79-41D6-952F-26E4E2A47058}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa_be.exe |
"{AECA775E-18F5-41FD-AA66-0F8185A423B1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AF4D1162-01B3-4CB9-AA3A-DC3911B75EA6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B2F8D79E-1814-49D9-884F-4D7977AF2DF9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B4A0854F-2EFA-447E-BD96-F3E49D3EDB16}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B87ECC90-5362-4C30-A577-8875EA260575}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C5980C31-AF89-4512-9C51-755E47BF28D5}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"{CB2D8DCF-ABA1-4E17-9F15-7AA1A3A213F5}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\dead space 3\deadspace3.exe |
"{D0AF8ED6-52A3-41AB-9D54-3F7DBA93CE9E}" = protocol=17 | dir=in | app=c:\program files (x86)\filezilla ftp client\filezilla.exe |
"{DEE20BBD-113E-4137-AC7A-5EBD56D90EA8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{DF3E6171-1E97-4FD9-90D9-9CB7F6975E71}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{DF51060C-2806-46EB-A809-8C8146DB017F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E0B6A155-4F11-40F5-BC48-4313C8C948FA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E3A2D3C3-55EF-490E-B95C-1BF9469ED33A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{E4BF5576-04B4-4F74-BB2D-ED60AC9D8DAC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{E7ED66C6-9B78-4DDE-A88F-DB85C4190B4D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E9E812EB-679C-43F5-825A-625D8BC2578F}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{ECDDF925-B16A-48CF-B372-17E41D1F9539}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4 cte\bf4cte.exe |
"{EE632B27-1F5C-438D-84E9-6000F7A766AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{F0486642-3562-4545-ACD5-3EA116CE3EC9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4_x86.exe |
"{F8C1D29C-09A5-43A8-BBFA-36C72B598D53}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\verdun\verdun.exe |
"{F975C01A-FC6D-4EA9-A5B0-07A2164B51C1}" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\utorrent\utorrent.exe |
"{FD18F101-C523-49DB-84F6-C0F81926017A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{FE8AF2A9-1F5C-43FE-8B98-F4810134EA90}" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\dropbox\bin\dropbox.exe |
"{FFBDE4A4-6A9F-47DB-BEBD-498C7E4FD8EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"TCP Query User{059F6220-BB20-42CC-9038-360BEE259197}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{77F445D8-E66F-480F-A21B-9E4FD5242058}C:\users\brent\documents\arma 2\beta_oa\arma2oa.exe" = protocol=6 | dir=in | app=c:\users\brent\documents\arma 2\beta_oa\arma2oa.exe |
"TCP Query User{7BC40416-E34B-4C61-A415-6C74014631C0}C:\program files (x86)\six networks\play withsix\withsix-play.exe" = protocol=6 | dir=in | app=c:\program files (x86)\six networks\play withsix\withsix-play.exe |
"TCP Query User{8871DD43-BB4B-4DAF-8938-29491EBC6453}C:\users\brent\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\brent\appdata\roaming\spotify\spotify.exe |
"UDP Query User{4FEA79B2-A651-4D1D-A3D9-78C1A5022061}C:\users\brent\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\brent\appdata\roaming\spotify\spotify.exe |
"UDP Query User{836A4ED7-8535-4876-B2CB-5F5876207917}C:\users\brent\documents\arma 2\beta_oa\arma2oa.exe" = protocol=17 | dir=in | app=c:\users\brent\documents\arma 2\beta_oa\arma2oa.exe |
"UDP Query User{96A8E205-0013-4AB8-8B1F-CD2C1212496B}C:\program files (x86)\six networks\play withsix\withsix-play.exe" = protocol=17 | dir=in | app=c:\program files (x86)\six networks\play withsix\withsix-play.exe |
"UDP Query User{CE01F453-C512-4B3F-9F25-6F653944E3BF}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC6
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F06417060FF}" = Java 7 Update 60 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043" = Microsoft .NET Framework 4.5.1 (Nederlands)
"{9EBB0AF2-4AD2-3ABA-95EF-977EBEA1CB09}" = Microsoft .NET Framework 4.5.1 (NLD)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision stuurprogramma 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-configuratiescherm 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafisch stuurprogramma 340.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision controllerstuurprogramma 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX systeemsoftware 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio-stuurprogramma 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 15.3.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"4144-4862-0472-7103" = WorldPainter 1.8.5
"CCleaner" = CCleaner
"Chunky" = Chunky
"Speccy" = Speccy
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 5.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse 2.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company 2
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{551A08D1-B60E-4DED-9B67-C3B38258CCA3}" = Battlefield 4 CTE
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype 6.16
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{B3653588-3AC0-4A1D-950F-D96531E84374}" = DayZ Commander
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C67A3F9D-E55D-4288-B4EC-1B9863EFB288}" = Razer Megalodon Firmware Updater
"{D3E50127-DBBE-4689-9EEB-E157463248B5}" = Streamtip Alerter
"{D4329609-4102-4F8C-B83F-7FE024EEA314}" = Dead Space 3
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.27)
"{F912EF57-65C8-48E8-911F-7FCAF8ADD62E}" = Sitecom Wireless Network 300N Adapter
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BattlEye for OA" = BattlEye for OA Uninstall
"DAEMON Tools Pro" = DAEMON Tools Pro
"Dxtory2.0_is1" = Dxtory version 2.0.127
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.8.1
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versie 2.0.2.1012
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Open Broadcaster Software" = Open Broadcaster Software
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Razer Core" = Razer Core
"Steam" = Steam
"Steam App 221100" = DayZ
"Steam App 224540" = Ace of Spades
"Steam App 227940" = Heroes & Generals
"Steam App 242760" = The Forest
"Steam App 242860" = Verdun
"Steam App 304930" = Unturned
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 35450" = Rising Storm/Red Orchestra 2 Multiplayer
"Steam App 730" = Counter-Strike: Global Offensive
"TeamViewer 9" = TeamViewer 9
"Uplay" = Uplay
"Uplay Install 274" = Watch_Dogs
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2211982943-1236686510-121668061-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"uTorrent" = Torrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30-7-2014 6:53:40 | Computer Name = Brent-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: mbam.exe, versie: 1.0.0.532, tijdstempel:
0x53518532 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode:
0xc0000005 Foutoffset: 0x00650074 Id van proces met fout: 0x909c Starttijd van toepassing
met fout: 0x01cfabe47a0e4cdb Pad naar toepassing met fout: C:\Program Files (x86)\Malwarebytes
Anti-Malware\mbam.exe Pad naar module met fout: unknown Rapport-id: c37fc582-17d7-11e4-bc49-3085a945493a
Error - 30-7-2014 21:17:53 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 4:50:52 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 4:58:28 | Computer Name = Brent-PC | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: RzSynapse.exe, versie: 1.18.15.20888,
tijdstempel: 0x53a87450 Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel:
0x00000000 Uitzonderingscode: 0xc0000005 Foutoffset: 0x29007300 Id van proces met
fout: 0xe98 Starttijd van toepassing met fout: 0x01cfac9c7bfaa2d8 Pad naar toepassing
met fout: C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe Pad naar module met
fout: unknown Rapport-id: d5f845ae-1890-11e4-9fc4-3085a945493a
Error - 31-7-2014 5:02:08 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 5:23:02 | Computer Name = Brent-PC | Source = RzOvlMon | ID = 0
Description =
Error - 31-7-2014 5:27:33 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 16:10:19 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
Error - 31-7-2014 16:42:27 | Computer Name = Brent-PC | Source = Application Hang | ID = 1002
Description = Het programma withSIX-Play.exe, versie 1.15.613.1 reageert niet meer
op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem
beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum
in het Configuratiescherm. Proces-id: 176c Starttijd: 01cfacffe54766cc Eindtijd: 2
Toepassingspad:
C:\Program Files (x86)\Six Networks\Play withSIX\withSIX-Play.exe Rapport-id: 2c59b0e0-18f3-11e4-be6b-3085a945493a
Error - 31-7-2014 20:11:52 | Computer Name = Brent-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 29-7-2014 15:38:35 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7034
Description = De Razer Surround Audio Service-service is onverwacht beindigd. Dit
is nu 1 keer gebeurd.
Error - 29-7-2014 15:39:32 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7034
Description = De NVIDIA Stereoscopic 3D Driver Service-service is onverwacht beindigd.
Dit is nu 1 keer gebeurd.
Error - 30-7-2014 10:07:39 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7030
Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
toegestaan. Deze service werkt mogelijk niet juist.
Error - 30-7-2014 14:35:16 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7030
Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
toegestaan. Deze service werkt mogelijk niet juist.
Error - 30-7-2014 15:31:43 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7030
Description = De PEVSystemStart-service staat aangeduid als een interactieve service.
Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn
toegestaan. Deze service werkt mogelijk niet juist.
Error - 30-7-2014 21:00:43 | Computer Name = Brent-PC | Source = volsnap | ID = 393236
Description = De schaduwkopien van volume C: zijn afgebroken omdat het berekenen
van de beschikbare ruimte is mislukt.
Error - 30-7-2014 22:18:07 | Computer Name = Brent-PC | Source = volsnap | ID = 393252
Description = Bij de schaduwkopien van volume C: zijn afgebroken omdat de schaduwkopieopslag
niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.
Error - 1-8-2014 4:37:00 | Computer Name = Brent-PC | Source = Service Control Manager | ID = 7011
Description = Time-out (30000 seconden) tijdens het wachten op een reactie op een
transactie van deze service: MBAMScheduler.
Error - 1-8-2014 4:37:04 | Computer Name = Brent-PC | Source = Disk | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.
Error - 1-8-2014 4:37:16 | Computer Name = Brent-PC | Source = Disk | ID = 262155
Description = Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.
< End of report >
A
Abraham54
Gast
Sluit voordat
- Windows 2000 en Windows XP: dubbelklik op OTL.exe.
- Windows Vista, Windows 7 en Windows 8: via rechtsklik op OTL.exe en kies voor "Als Administrator uitvoeren".
[*]Kopieer onderstaande in de Code-kader staande tekst en plak deze in het venster onder
Code:
:OTL
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
:Services
:Reg
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
[emptyjava]
[emptyflash]
[createrestorepoint]
[reboot]- Klik daarna bovenaan op
- Laat het programma ongestoord zijn werk doen.
- OTL zal na de scan melden dat de PC opnieuw opgestart gaat worden. Sta dat dus toe.
- Klik op OK
- Na het opnieuw opstarten wordt enkel een nieuw log geopend.
- Post via kopiren en plakken de inhoud van dat OTL-scanlog.
brentman123
Bekend gezicht
- Lid geworden
- 29 jul 2012
- Berichten
- 186
- Waarderingsscore
- 0
All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-configuratie
De DNS-omzettingscache is leeggemaakt.
C:\Users\Brent\Desktop\cmd.bat deleted successfully.
C:\Users\Brent\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Brent
->Temp folder emptied: 51301417 bytes
->Temporary Internet Files folder emptied: 2986599 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 403509540 bytes
->Flash cache emptied: 755 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7862 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 55392239 bytes
RecycleBin emptied: 4890736 bytes
Total Files Cleaned = 494,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYJAVA]
User: All Users
User: Brent
->Java cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Java Files Cleaned = 0,00 mb
[EMPTYFLASH]
User: All Users
User: Brent
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 08012014_130213
Files\Folders moved on Reboot...
File move failed. C:\Users\Brent\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395c8fd8a867_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\Brent\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395c8fd8a867_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\Brent\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Brent\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
C:\Windows\temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\FXSTIFFDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\RzMaelstromVADStreamingService.log scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-configuratie
De DNS-omzettingscache is leeggemaakt.
C:\Users\Brent\Desktop\cmd.bat deleted successfully.
C:\Users\Brent\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Brent
->Temp folder emptied: 51301417 bytes
->Temporary Internet Files folder emptied: 2986599 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 403509540 bytes
->Flash cache emptied: 755 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7862 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 55392239 bytes
RecycleBin emptied: 4890736 bytes
Total Files Cleaned = 494,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYJAVA]
User: All Users
User: Brent
->Java cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Java Files Cleaned = 0,00 mb
[EMPTYFLASH]
User: All Users
User: Brent
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 08012014_130213
Files\Folders moved on Reboot...
File move failed. C:\Users\Brent\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395c8fd8a867_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\Brent\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\63547c51a55c7182c5c77fb521826c6c_fce8395c8fd8a867_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\Brent\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Brent\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
C:\Windows\temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\FXSTIFFDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\RzMaelstromVADStreamingService.log scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
A
Abraham54
Gast
We zijn inmiddels wat verder in de tijd sinds jij het log hetbt gepost.
Hoe gaat het inmiddels, geef maar een update?
Hoe gaat het inmiddels, geef maar een update?
brentman123
Bekend gezicht
- Lid geworden
- 29 jul 2012
- Berichten
- 186
- Waarderingsscore
- 0
Niets veranderd helaas, heb nu ook counterstrike global offensive proberen te spelen maar dat gaat ook niet. FPS nogsteeds te laag. Heb mijn CPU temp gecheckt via mijn BIOS die aangeeft dat hij rond de 60 graden is (nog steeds veel maar wel beter dan de 90-100 graden die speccy en coretemp aangeven)
Laatst bewerkt door een moderator:
A
Abraham54
Gast
Heb jij al eens in de kast gekeken of stofophopingen in de fans mogelijk debet eraan is.
brentman123
Bekend gezicht
- Lid geworden
- 29 jul 2012
- Berichten
- 186
- Waarderingsscore
- 0
Heb mijn pc 3 dagen geleden stofvrij gemaakt, dus dat kan het probleem ook niet zijn. Hoorde van iemand dat misschien mijn Temperatuur sensor kapot zou kunnen zijn en dat daarom mijn cpu langzamer ofzo wordt gemaakt automatisch.
A
Abraham54
Gast
Dat kan alleen zeg maar de technische dienst van een goede computerwinkel achterhalen!
brentman123
Bekend gezicht
- Lid geworden
- 29 jul 2012
- Berichten
- 186
- Waarderingsscore
- 0
Dankjewel, ik ga nog even windows herinstalleren. Hopelijk werkt dat en anders stap ik wel een computerwinkel binnen.
Bedankt voor uw hulp!
Bedankt voor uw hulp!
A
Abraham54
Gast
Graag gedaan en laat desnoods ook maar weten wat het eventuele bezoek aan de computer winkel heeft opgeleverd.
brentman123
Bekend gezicht
- Lid geworden
- 29 jul 2012
- Berichten
- 186
- Waarderingsscore
- 0
Vannacht opnieuw windows erop gezet, al mijn oude bestanden verwijderd, vanochtend alle updates (drivers, etc) geinstalleerd. Pc is 2x zo sloom geworden :"). Ik ga hem maandag maar eens terug brengen naar gamepc (waar ik hem heb gekocht). Zal wel laten weten wat het probleem was.
A
Abraham54
Gast
Ik ben benieuwd naar wat je maandag bereikt.
Goed weekend verder.
Goed weekend verder.
Laatst bewerkt:
- Status
