
Virus/general junk/spam or something similar?



Hello everyone,

Recently my PC has had a very annoying problem. Completely UNSOLICITED, unwanted and at very irregular times, compromising photos and videos appear, sex that is, in all kinds of revealing poses, from websites where you don't see the website, only the video, as if you had clicked on it.

Believe me, I have never visited such a website, and when I am dutifully reading the online newspaper, am on a website like moviemeter, or am watching Uitzending Gemist, it can just happen that such a video or photo suddenly pops up.

I myself think that scrolling has something to do with it, and that you click on a word, a letter or a certain sentence construction, as a trigger, before a video then appears.

VERY ANNOYING and absolutely unwanted.

I have checked the PC, as far as I can: in the program list (Add or Remove) I can't find anything, and virus scans with Avast turn up nothing (Everything is in order).

Who knows WHAT it is, WHERE it comes from (and how I got it?) and above all how I get RID of it?

Many thanks in advance


@ bm.silverlake,

Download RSIT from the locations below and save it to the desktop.

You can check here how to tell whether you are running a 32-bit or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.


  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Next, the "Disclaimer of warranty" is shown; then click "Continue".
  • When the tool is finished, two Notepad files are opened, named "Log.txt" and "Info.txt".

Posting the RSIT log files


  • Attach the log file named "Log.txt" to your next post. (You can also find this log file in the folder "C:\rsit".)
  • You do not need to post the log file named "Info.txt", which is minimized. (This log file is only created the first time the tool is run.)
  • You can read here how to add an attachment to a post.

You can view the manual for using RSIT HERE, and we also have an instruction video.


Here, in the attachments, is the RSIT log

- - - Updated - - -

and here once more as a copy:

Logfile of random's system information tool 1.10 (written by random/random)

Run by User at 2014-09-01 17:40:50

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 823 GB (91%) free of 902 GB

Total RAM: 4023 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:40:56, on 1-9-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17239)

Boot mode: Normal

Running processes:

C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\AVAST Software\Avast\avastui.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe

C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - (no file)

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [uTorrent] "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-1122152388-3520125672-414077326-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-1122152388-3520125672-414077326-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs:

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9295 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"

C:\Windows\system32\nvvsvc.exe -session -first

"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"

"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

WLIDSvcM.exe 1948

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-38cc326a-41b7-4be6-aa5e-fb2fa2e8220b -SystemEventPortName:HostProcess-67ddcada-0c8c-40e6-a610-0dbe58b05035 -IoCancelEventPortName:HostProcess-e08f6760-a593-4ca7-9e3b-654b2a02e081 -NonStateChangingEventPortName:HostProcess-738c9261-7df6-4455-b4d3-8c78b44220ee -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:55bcfc29-fa92-4c5a-9f11-b5239ad0362b -DeviceGroupId:WpdFsGroup

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

C:\Windows\system32\wbem\wmiprvse.exe

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun

"C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1

"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart

"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4264.f00ee10.182099396 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4264 "\\.\pipe\gecko-crash-server-pipe.4264" plugin

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --proxy-stub-channel=Flash4436.5FB90D80.19460 --host-broker-channel=Flash4436.5FB90D80.23332 --host-pid=4436 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll"

"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe" --channel=4896.0016F7E4.363743648 --proxy-stub-channel=Flash4436.5FB90D80.19460 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll" --host-npapi-version=27 --type=renderer

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\system32\sppsvc.exe

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528

"C:\Users\User\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\s7kel7ai.default

prefs.js - "browser.search.suggest.enabled" - false

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 14.0.0.145 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 14.0.0.145 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-05-15 581824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-08-12 75656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-05-15 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2011-08-12 56712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}

{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-05-09 11821160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

"uTorrent"=C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [2014-07-26 1329744]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2011-04-30 284440]

"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2010-08-04 107816]

"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-08 3890208]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

OpenOffice.org 3.4.1.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm

"vidc.cvid"=iccvid.dll

"msacm.siren"=sirenacm.dll

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-01 17:40:51 ----D---- C:\Program Files\trend micro

2014-09-01 17:40:50 ----D---- C:\rsit

2014-08-28 07:18:22 ----A---- C:\Windows\SYSWOW64\gdi32.dll

2014-08-28 07:18:22 ----A---- C:\Windows\system32\win32k.sys

2014-08-28 07:18:22 ----A---- C:\Windows\system32\gdi32.dll

2014-08-23 07:51:35 ----A---- C:\Windows\system32\wups2.dll

2014-08-23 07:51:35 ----A---- C:\Windows\system32\wucltux.dll

2014-08-23 07:51:35 ----A---- C:\Windows\system32\wuaueng.dll

2014-08-23 07:51:35 ----A---- C:\Windows\system32\wuauclt.exe

2014-08-23 07:51:25 ----A---- C:\Windows\SYSWOW64\wups.dll

2014-08-23 07:51:25 ----A---- C:\Windows\SYSWOW64\wudriver.dll

2014-08-23 07:51:25 ----A---- C:\Windows\SYSWOW64\wuapi.dll

2014-08-23 07:51:25 ----A---- C:\Windows\system32\wups.dll

2014-08-23 07:51:25 ----A---- C:\Windows\system32\wudriver.dll

2014-08-23 07:51:25 ----A---- C:\Windows\system32\wuapi.dll

2014-08-23 07:51:12 ----A---- C:\Windows\SYSWOW64\wuwebv.dll

2014-08-23 07:51:12 ----A---- C:\Windows\SYSWOW64\wuapp.exe

2014-08-23 07:51:12 ----A---- C:\Windows\system32\wuwebv.dll

2014-08-23 07:51:12 ----A---- C:\Windows\system32\wuapp.exe

2014-08-14 00:28:47 ----A---- C:\Windows\SYSWOW64\infocardapi.dll

2014-08-14 00:28:47 ----A---- C:\Windows\SYSWOW64\icardagt.exe

2014-08-14 00:28:47 ----A---- C:\Windows\system32\infocardapi.dll

2014-08-14 00:28:47 ----A---- C:\Windows\system32\icardagt.exe

2014-08-14 00:28:45 ----A---- C:\Windows\SYSWOW64\icardres.dll

2014-08-14 00:28:45 ----A---- C:\Windows\system32\icardres.dll

2014-08-14 00:28:24 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe

2014-08-14 00:28:24 ----A---- C:\Windows\system32\TsWpfWrp.exe

2014-08-13 18:42:52 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL

2014-08-13 18:42:52 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL

2014-08-13 18:42:52 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL

2014-08-13 18:42:52 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL

2014-08-13 18:42:52 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL

2014-08-13 18:42:52 ----A---- C:\Windows\system32\KBDTAT.DLL

2014-08-13 18:42:52 ----A---- C:\Windows\system32\KBDRU1.DLL

2014-08-13 18:42:52 ----A---- C:\Windows\system32\KBDRU.DLL

2014-08-13 18:42:51 ----A---- C:\Windows\system32\KBDYAK.DLL

2014-08-13 18:42:51 ----A---- C:\Windows\system32\KBDBASH.DLL

2014-08-13 18:42:50 ----A---- C:\Windows\SYSWOW64\tzres.dll

2014-08-13 18:42:50 ----A---- C:\Windows\system32\tzres.dll

2014-08-13 18:42:46 ----A---- C:\Windows\SYSWOW64\msi.dll

2014-08-13 18:42:46 ----A---- C:\Windows\system32\msi.dll

2014-08-13 18:42:45 ----A---- C:\Windows\SYSWOW64\msihnd.dll

2014-08-13 18:42:45 ----A---- C:\Windows\SYSWOW64\authui.dll

2014-08-13 18:42:45 ----A---- C:\Windows\system32\msihnd.dll

2014-08-13 18:42:45 ----A---- C:\Windows\system32\consent.exe

2014-08-13 18:42:45 ----A---- C:\Windows\system32\authui.dll

2014-08-13 18:42:44 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2014-08-13 18:42:42 ----A---- C:\Windows\SYSWOW64\shell32.dll

2014-08-13 18:42:42 ----A---- C:\Windows\system32\shell32.dll

2014-08-13 18:42:25 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll

2014-08-13 18:42:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2014-08-13 18:42:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll

2014-08-13 18:42:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2014-08-13 18:42:24 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll

2014-08-13 18:42:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

2014-08-13 18:42:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2014-08-13 18:42:24 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll

2014-08-13 18:42:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-08-13 18:42:24 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-08-13 18:42:23 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2014-08-13 18:42:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2014-08-13 18:42:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2014-08-13 18:42:22 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2014-08-13 18:42:22 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll

2014-08-13 18:42:22 ----A---- C:\Windows\system32\urlmon.dll

2014-08-13 18:42:22 ----A---- C:\Windows\system32\iernonce.dll

2014-08-13 18:42:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-08-13 18:42:22 ----A---- C:\Windows\system32\ie4uinit.exe

2014-08-13 18:42:21 ----A---- C:\Windows\SYSWOW64\ieui.dll

2014-08-13 18:42:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2014-08-13 18:42:21 ----A---- C:\Windows\SYSWOW64\dxtrans.dll

2014-08-13 18:42:21 ----A---- C:\Windows\system32\msfeeds.dll

2014-08-13 18:42:21 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-08-13 18:42:21 ----A---- C:\Windows\system32\dxtmsft.dll

2014-08-13 18:42:20 ----A---- C:\Windows\system32\iesetup.dll

2014-08-13 18:42:20 ----A---- C:\Windows\system32\iertutil.dll

2014-08-13 18:42:20 ----A---- C:\Windows\system32\iedkcs32.dll

2014-08-13 18:42:19 ----A---- C:\Windows\SYSWOW64\wininet.dll

2014-08-13 18:42:19 ----A---- C:\Windows\SYSWOW64\vbscript.dll

2014-08-13 18:42:19 ----A---- C:\Windows\SYSWOW64\msrating.dll

2014-08-13 18:42:19 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll

2014-08-13 18:42:19 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll

2014-08-13 18:42:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2014-08-13 18:42:19 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe

2014-08-13 18:42:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll

2014-08-13 18:42:19 ----A---- C:\Windows\system32\jsproxy.dll

2014-08-13 18:42:18 ----A---- C:\Windows\system32\ieui.dll

2014-08-13 18:42:18 ----A---- C:\Windows\system32\ieframe.dll

2014-08-13 18:42:18 ----A---- C:\Windows\system32\dxtrans.dll

2014-08-13 18:42:17 ----A---- C:\Windows\system32\mshtmlmedia.dll

2014-08-13 18:42:17 ----A---- C:\Windows\system32\mshtmled.dll

2014-08-13 18:42:17 ----A---- C:\Windows\system32\jscript9diag.dll

2014-08-13 18:42:17 ----A---- C:\Windows\system32\jscript9.dll

2014-08-13 18:42:17 ----A---- C:\Windows\system32\ieUnatt.exe

2014-08-13 18:42:16 ----A---- C:\Windows\system32\wininet.dll

2014-08-13 18:42:16 ----A---- C:\Windows\system32\vbscript.dll

2014-08-13 18:42:16 ----A---- C:\Windows\system32\msrating.dll

2014-08-13 18:42:16 ----A---- C:\Windows\system32\MshtmlDac.dll

2014-08-13 18:42:16 ----A---- C:\Windows\system32\ieapfltr.dll

2014-08-13 18:42:15 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2014-08-13 18:42:15 ----A---- C:\Windows\system32\mshtml.dll

2014-08-13 18:41:38 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll

2014-08-13 18:41:38 ----A---- C:\Windows\system32\rpcrt4.dll

2014-08-13 18:41:38 ----A---- C:\Windows\system32\aepdu.dll

2014-08-13 18:41:37 ----A---- C:\Windows\system32\aeinv.dll

======List of files/folders modified in the last 1 month======

2014-09-01 17:40:56 ----D---- C:\Windows\Prefetch

2014-09-01 17:40:51 ----RD---- C:\Program Files

2014-09-01 17:39:10 ----D---- C:\Users\User\AppData\Roaming\uTorrent

2014-09-01 17:37:26 ----D---- C:\Downloads

2014-09-01 15:01:35 ----D---- C:\Windows\Temp

2014-09-01 14:59:25 ----A---- C:\Windows\SYSWOW64\log.txt

2014-09-01 10:26:18 ----D---- C:\Windows\system32\config

2014-08-31 19:00:41 ----SHD---- C:\System Volume Information

2014-08-29 07:24:14 ----D---- C:\Windows\winsxs

2014-08-29 07:23:09 ----D---- C:\Windows\SysWOW64

2014-08-29 07:23:09 ----D---- C:\Windows\System32

2014-08-28 07:16:01 ----D---- C:\Windows\system32\catroot

2014-08-23 15:05:07 ----D---- C:\Windows\rescache

2014-08-23 14:23:09 ----D---- C:\Windows\SYSWOW64\nl-NL

2014-08-23 14:23:09 ----D---- C:\Windows\system32\nl-NL

2014-08-23 07:52:17 ----D---- C:\Windows\system32\catroot2

2014-08-18 18:40:15 ----D---- C:\Windows\system32\NDF

2014-08-14 15:16:07 ----D---- C:\Windows\inf

2014-08-14 15:16:07 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-08-14 07:55:04 ----D---- C:\Windows\Microsoft.NET

2014-08-14 07:54:59 ----RSD---- C:\Windows\assembly

2014-08-14 07:40:41 ----D---- C:\Windows\ehome

2014-08-14 07:40:40 ----RSD---- C:\Windows\Fonts

2014-08-14 07:40:27 ----D---- C:\Windows\system32\drivers

2014-08-14 07:40:26 ----D---- C:\Program Files\Internet Explorer

2014-08-14 07:40:25 ----D---- C:\Windows\SYSWOW64\en-US

2014-08-14 07:40:24 ----D---- C:\Windows\system32\en-US

2014-08-14 07:40:24 ----D---- C:\Windows\PolicyDefinitions

2014-08-14 07:40:23 ----D---- C:\Program Files (x86)\Internet Explorer

2014-08-14 00:34:52 ----D---- C:\Windows\system32\MRT

2014-08-14 00:32:57 ----A---- C:\Windows\system32\MRT.exe

2014-08-14 00:27:58 ----SD---- C:\Windows\system32\CompatTel

2014-08-12 17:08:29 ----D---- C:\Users\User\AppData\Roaming\Audacity

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-05-15 65776]

R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-05-15 208416]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-04-26 557848]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-05-15 93568]

R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 1039096]

R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 423240]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-05-15 29208]

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-05-15 79184]

R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-15 85328]

R3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-05-10 2861288]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-05-17 533096]

R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]

R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]

S0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys []

S3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\drivers\asmthub3.sys [2011-06-02 128488]

S3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\drivers\asmtxhci.sys [2011-06-02 401896]

S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]

S3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2011-03-11 56344]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-07-08 174184]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

S3 wsvd;wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [2010-09-23 129008]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-05-08 65432]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-05-15 50344]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-03-11 326168]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-08-03 980072]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-03 2255464]

R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]

R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-03-11 2656280]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-30 119408]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-12 1255736]

S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

er en plak:

log van RST.txt


Great. I'm really looking forward to it. After the umpteenth sexy man in a barely concealing pose on my screen, who is not sexy at all, and who might well live somewhere near me (EEEWWWW), and who on top of that gets jumped by a woman I would sooner describe as faded than as pretty... I'm fed up with it.

FED UP.


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; you can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

Running Zoek.exe

If you run into problems running this program or see any error messages, please mention this in your post.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now click the "Run script" button.
  • A popup appears reporting that no script was found; just press OK.
  • Zoek.exe will now perform a scan + repair; on some systems this can take more than half an hour.
  • Now wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then still appear.
  • Post the opened log in your next post.


An RSIT log only gives an overview of what is on your system (malware-related, that is; no private info) ;-)

You can compare it a bit to HijackThis, which you have used before; RSIT just gives a lot more info.

With Zoek we are now going to start cleaning up the junk that is present. :top:


I hope I did it right, but this is the log. (everything, yes)

Zoek.exe v5.0.0.0 Updated 31-08-2014

Tool run by User on ma 01-09-2014 at 18:26:42,81.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\User\Desktop\zoek.exe [scan all users] [Quick Scan] [Auto Clean]

===== Runcheck 18:27:58,62 =====

--- Create Environment Variables 18:27:59,75

--- Create System Restore Point 18:28:05,29

--- Checking Input 18:28:30,81

--- AU AppData Check 18:28:40,94

--- Remove From Windows Installer 18:28:42,55

- - - Updated - - -

Okay okay, it's still going for a while. :( Thought it was done.


This topic is now closed to new replies.
