Logfile of random's system information tool 1.10 (written by random/random)
Run by HGC-A-CDH053654-HOME at 2015-10-07 19:39:12
Microsoft Windows 8.1 Pro
System drive C: has 132 GB (87%) free of 152 GB
Total RAM: 4030 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:39:21, on 7/10/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Optimizer Pro 3.99\OptProSmartScan.exe
C:\Program Files (x86)\Super Optimizer\SupOptSmartScan.exe
C:\Program Files (x86)\Optimizer Pro 3.99\OptProReminder.exe
C:\Program Files (x86)\Super Optimizer\SuperOptimizer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\HGC-A-CDH053654-HOME\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\HGC-A-CDH053654-HOME.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID=226786&Mkt=nl-BE&Src=WD8&Tid=000328B0&OHP=http%3A%2F%2Fsearch.gboxapp.com%2F%3Faff%3Dp&OSP=http%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26src%3DIE%2DSearchBox%26FORM%3DIE8SRC
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: browseAndshoopo - {B027E0EE-8B52-42F8-B537-F03CEEC6F5E2} - C:\Program Files (x86)\browseAndshoopo\7nR3ZKAhoiOJq5.dll
O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe
O4 - HKCU\..\Run: [Super Optimizer] C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{8B3B5728-5AE1-44FE-8212-FD121E359500}: NameServer = 82.163.143.172,82.163.142.174
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6406 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Superclean.job - c:\programdata\{6bd4cda5-44fa-19b0-6bd4-4cda544f3695}\hqghumeaylnlf.exe --startup=1 --single

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B027E0EE-8B52-42F8-B537-F03CEEC6F5E2}]
browseAndshoopo - C:\Program Files (x86)\browseAndshoopo\7nR3ZKAhoiOJq5.dll [2015-08-10 1121280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Optimizer Pro"=C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe [2015-07-31 148112]
"Super Optimizer"=C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe [2015-07-31 676400]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"vidc.cvid"=iccvid.dll
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-07 19:39:12 ----D---- C:\rsit
2015-10-07 19:39:12 ----D---- C:\Program Files (x86)\trend micro
2015-10-07 19:38:08 ----D---- C:\ProgramData\Reimage Protector
2015-10-07 19:37:43 ----D---- C:\rei
2015-10-07 19:37:19 ----A---- C:\Windows\Reimage.ini

======List of files/folders modified in the last 1 month======

2015-10-07 19:39:12 ----RD---- C:\Program Files (x86)
2015-10-07 19:39:08 ----D---- C:\Windows\Prefetch
2015-10-07 19:38:24 ----D---- C:\Windows\System32
2015-10-07 19:38:08 ----HD---- C:\ProgramData
2015-10-07 19:37:53 ----RD---- C:\Program Files
2015-10-07 19:37:19 ----D---- C:\Windows
2015-10-07 19:26:18 ----D---- C:\ProgramData\4958226109135907237
2015-10-07 19:23:55 ----D---- C:\Windows\Temp
2015-10-07 19:20:49 ----D---- C:\Windows\Microsoft.NET
2015-10-06 20:25:56 ----D---- C:\Users\HGC-A-CDH053654-HOME\AppData\Roaming\vlc
2015-10-06 15:53:55 ----SHD---- C:\System Volume Information
2015-09-18 21:30:10 ----D---- C:\Windows\AppReadiness
2015-09-11 23:40:36 ----D---- C:\Windows\Inf
2015-09-08 21:19:04 ----D---- C:\ProgramData\{6bd4cda5-44fa-19b0-6bd4-4cda544f3695}

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;@oem2.inf,%*PNP0600.DeviceDesc%;Intel AHCI Controller; C:\Windows\System32\drivers\iaStor.sys []
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\SysWOW64\drivers\Wof.sys []
R3 e1express;@nete1e3e.inf,%E1Express.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032e.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 WDC_SAM;@oem5.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys []
R3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;UMDF Reflector service for LocationProvider; C:\Windows\System32\drivers\WUDFRd.sys []
R3 WUDFWpdFs;WUDFWpdFs; C:\Windows\System32\drivers\WUDFRd.sys []
R3 WUDFWpdMtp;WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S3 cpuz137;cpuz137; \??\C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys []
S3 WINUSB;@winusb.inf,%WINUSB_SvcDesc%;WinUsb Driver; C:\Windows\System32\drivers\WinUSB.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 33088]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-19 1258856]
R2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-08-19 7743472]
S2 6cecf580;TroubleFix; C:\Windows\system32\rundll32.exe [2014-10-29 51200]
S2 bfd46d07;SectionDouble; C:\Windows\system32\rundll32.exe [2014-10-29 51200]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 33088]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []

-----------------EOF-----------------