Dear... helpers?,
I have had trouble with some malware/keyloggers before, but never really took any steps apart from running an Ad-Aware scan every now and then. Until today, when I had had enough (WoW account hacked) and googled the shit until, to my great joy, I ended up here.
I carried out the first steps, but unfortunately, after a scan, S&D would no longer let me download anything, or, if I did manage to, would not let me open it. This may be because I had huge problems with Windows security, but that S&D reactivated it? and thereby created problems.
Anyway, I had created a system restore point, and afterwards did not repeat that step, but immediately made a HijackThis log (including colours), and, as we speak, the uninstall log.
The HijackThis log:
[hjt]
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:08:53, on 16/08/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
d:\games\steam\steam.exe
c:\program files (x86)\daemon tools lite\dtlite.exe
c:\program files (x86)\mozilla firefox\firefox.exe
c:\users\leftbird\desktop\hijackthis.exe
r1 - hkcu\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]http://www.foozir.com/[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://www.foozir.com/[/noparse]
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hklm\software\microsoft\internet explorer\main,local page = c:\windows\syswow64\blank.htm
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyserver = http=127.0.0.1:5555
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
f2 - reg:system.ini: userinit=userinit.exe
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: sky-banners browser enhancer smuup - {3d27d6ab-1c4d-433e-bf46-654dee19ec50} - c:\windows\syswow64\smuup.dll (file missing)
o2 - bho: street-ads browser enhancer omuup - {5f27e8c9-1a54-4a1d-b3ca-32a643b74215} - c:\windows\syswow64\omuup.dll (file missing)
o2 - bho: windows live sign-in helper - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
o4 - hklm\..\run: [adobe arm] c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
o4 - hklm\..\run: [adobecs4servicemanager] c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe -launchedbylogin
o4 - hklm\..\run: [isusscheduler] c:\program files (x86)\common files\installshield\updateservice\issch.exe -start
o4 - hklm\..\run: [adobe reader speed launcher] c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe
o4 - hklm\..\run: [sta] rundll32 "smuup.dll",,run
o4 - hklm\..\run: [mchk] c:\windows\system32\fmuup.exe
o4 - hklm\..\run: [dfttuyo] c:\windows\system32\dfttuyo.exe
o4 - hklm\..\run: [dfttuyox] c:\windows\system32\dfttuyox.exe
o4 - hklm\..\run: [rmnzhp] rundll32.exe c:\windows\system32\mswyxtnd.dll,w
o4 - hklm\..\run: [startccc] c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe msrun
o4 - hklm\..\run: [aticustomercare] c:\program files (x86)\ati\aticustomercare\aticustomercare.exe
o4 - hkcu\..\run: [steam] d:\games\steam\steam.exe -silent
o4 - hkcu\..\run: [lmljrevl] c:\users\leftbird\appdata\local\nbyiyojbv\isoircvtssd.exe
o4 - hkcu\..\run: [isuspm startup] c:\progra~2\common~1\instal~1\update~1\isuspm.exe -startup
o4 - hkcu\..\run: [daemon tools lite] c:\program files (x86)\daemon tools lite\dtlite.exe -autorun
o4 - hkcu\..\run: [070700setup.exe] c:\users\leftbird\appdata\roaming\e5a27456fb13b764e1abf72601b9bf70\070700setup.exe
o4 - hkcu\..\run: [komxgbxo] c:\users\leftbird\appdata\local\kjqmxskpi\dwlkkkctssd.exe
o4 - hklm\..\policies\explorer\run: [z7b6s8] c:\users\leftbird\appdata\local\temp\r3ghaz.exe
o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'local service')
o4 - hkus\s-1-5-19\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'local service')
o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'network service')
o4 - hkus\s-1-5-20\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'network service')
o4 - startup: antimalware doctor.lnk = leftbird\appdata\roaming\e5a27456fb13b764e1abf72601b9bf70\070700setup.exe
o16 - dpf: {e2883e8f-472f-4fb0-9522-ac9bf37916a7} - [noparse]http://platformdl.adobe.com/nos/getplusplus/1.6/gp.cab[/noparse]
o23 - service: @%systemroot%\system32\alg.exe,-112 (alg) - unknown owner - c:\windows\system32\alg.exe (file missing)
o23 - service: amd external events utility - unknown owner - c:\windows\system32\atiesrxx.exe (file missing)
o23 - service: asp.net state service (aspnet_state) - unknown owner - c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe (file missing)
o23 - service: dragon age: origins - content updater (daupdatersvc) - bioware - d:\games\dragon age\bin_ship\daupdatersvc.service.exe
o23 - service: @%systemroot%\system32\efssvc.dll,-100 (efs) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\fxsresm.dll,-118 (fax) - unknown owner - c:\windows\system32\fxssvc.exe (file missing)
o23 - service: flexnet licensing service - acresso software inc. - c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
o23 - service: flexnet licensing service 64 - acresso software inc. - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe
o23 - service: @keyiso.dll,-100 (keyiso) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @comres.dll,-2797 (msdtc) - unknown owner - c:\windows\system32\msdtc.exe (file missing)
o23 - service: @%systemroot%\system32\netlogon.dll,-102 (netlogon) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\psbase.dll,-300 (protectedstorage) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\locator.exe,-2 (rpclocator) - unknown owner - c:\windows\system32\locator.exe (file missing)
o23 - service: @%systemroot%\system32\samsrv.dll,-1 (samss) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\snmptrap.exe,-3 (snmptrap) - unknown owner - c:\windows\system32\snmptrap.exe (file missing)
o23 - service: @%systemroot%\system32\spoolsv.exe,-1 (spooler) - unknown owner - c:\windows\system32\spoolsv.exe (file missing)
o23 - service: @%systemroot%\system32\sppsvc.exe,-101 (sppsvc) - unknown owner - c:\windows\system32\sppsvc.exe (file missing)
o23 - service: steam client service - valve corporation - c:\program files (x86)\common files\steam\steamservice.exe
o23 - service: @%systemroot%\system32\ui0detect.exe,-101 (ui0detect) - unknown owner - c:\windows\system32\ui0detect.exe (file missing)
o23 - service: @%systemroot%\system32\vaultsvc.dll,-1003 (vaultsvc) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\vds.exe,-100 (vds) - unknown owner - c:\windows\system32\vds.exe (file missing)
o23 - service: @%systemroot%\system32\vssvc.exe,-102 (vss) - unknown owner - c:\windows\system32\vssvc.exe (file missing)
o23 - service: vtingwinie - unknown owner - c:\windows\system32\drivers\svchost.exe (file missing)
o23 - service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - unknown owner - c:\windows\system32\wbengine.exe (file missing)
o23 - service: @%systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiapsrv) - unknown owner - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
o23 - service: @%programfiles%\windows media player\wmpnetwk.exe,-101 (wmpnetworksvc) - unknown owner - c:\program files (x86)\windows media player\wmpnetwk.exe (file missing)
--
end of file - 7798 bytes
[/hjt]
The uninstall.log:
Torrent
Activision(R)
Activision(R)
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Linguistics CS4
Adobe Media Player
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 9.3.3
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
Assassin's Creed II
ATI Catalyst Registration
Call of Duty(R) - World at War(TM)
Call of Duty(R) - World at War(TM) 1.2 Patch
Call of Duty(R) - World at War(TM) 1.4 Patch
Call of Duty(R) - World at War(TM) 1.5 Patch
Catalyst Control Center - Branding
Connect
DiRT2
Disciples III
Divinity II - Ego Draconis
DivX Web Player
Dragon Age: Origins
EAX Unified
Empire: Total War
Fallout 3
FIFA 10
Football Manager 2010
Gothic III
Gothic III Release Update
Java(TM) 6 Update 17
K-Lite Codec Pack 5.5.1 (Full)
kuler
LG PC Suite II
LG USB Modem driver
Mafia
Mafia II - Demo
Mass Effect 2
Medieval II Total War
Medieval II Total War : Kingdoms : Americas
Medieval II Total War : Kingdoms : Britannia
Medieval II Total War : Kingdoms : Crusades
Medieval II Total War : Kingdoms : Teutonic
Microsoft .NET Framework 1.1
Microsoft Choice Guard
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual J# .NET Redistributable Package 1.1
Mozilla Firefox (3.6.8)
MSVCRT
MSXML4 Parser
NVIDIA PhysX
Oblivion
Oblivion - Horse Armor Pack
Oblivion - Mehrunes Razor
Oblivion - Orrery
Oblivion - Spell Tomes
Oblivion - Thieves Den
Oblivion - Vile Lair
Oblivion - Wizard's Tower
OpenAL
OpenOffice.org 3.1
PDF Settings CS4
Photoshop Camera Raw
Prince of Persia The Forgotten Sands
Prism Video Converter
Rapture3D 2.3.22 Game
Real Alternative 2.0.1
Sid Meier's Civilization 4
Sid Meier's Civilization 4 - Beyond the Sword
Sid Meier's Civilization 4 - Warlords
Singularity(TM)
Sniper Ghost Warrior
SopCast 3.2.4
Star Wars Empire at War
Star Wars Empire at War Forces of Corruption
StarCraft II
Steam
STREET FIGHTER IV
Suite Shared Configuration CS4
The Matrix - Path of Neo
The Settlers 7 - Paths to a Kingdom
The Witcher Enhanced Edition
Tom Clancy's Splinter Cell Conviction
Transformers - War for Cybertron
TVAnts 1.0
Two Worlds
Ubisoft Game Launcher
VC80CRTRedist - 8.0.50727.762
Veetle TV 0.9.16
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.0.5
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Movie Maker 2.6