
Unwanted dancing ads and green characters



 

Hello

 

I think something went wrong with a download.

Now I have dancing ads and green-highlighted words everywhere.

 

 

The log file is below.

 

 

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by lumon at 2015-03-28 10:23:29
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 284 GB (68%) free of 419 GB
Total RAM: 3253 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:23:42, on 28/03/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Garmin\Express Tray\ExpressTray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files\ASUS\WebStorage\2.2.0.496\AsusWSService.exe
C:\Program Files\ScanWizard 5\ScannerFinder.exe
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe
C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\lumon\Downloads\RSIT(1).exe
C:\Program Files\trend micro\lumon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1427212826&from=wpc&uid=SAMSUNGXHM641JI_S23TJDRZ602540
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&ts=1427212826&from=wpc&uid=SAMSUNGXHM641JI_S23TJDRZ602540
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type=ds&ts=1427212826&from=wpc&uid=SAMSUNGXHM641JI_S23TJDRZ602540&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type=ds&ts=1427212826&from=wpc&uid=SAMSUNGXHM641JI_S23TJDRZ602540&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&ts=1427212826&from=wpc&uid=SAMSUNGXHM641JI_S23TJDRZ602540
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [shadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [WebStorage] C:\Program Files\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe" /FORPCEE3
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bi-LINK Gateway.lnk = ?
O4 - Global Startup: Scanner Finder.lnk = C:\Program Files\ScanWizard 5\ScannerFinder.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\AutoCAD LT 2010\AdComFolderWatch.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\AutoCAD LT 2010\AdComFolderWatch.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\AutoCAD LT 2010\AdComFolderWatch.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\AutoCAD LT 2010\AdComFolderWatch.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.2.0.0/GarminAxControl_32.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\system32\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 11200 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\BYAIAMUF.job - C:\Users\lumon\AppData\Roaming\BYAIAMUF.exe  /infocmdline=q5NXKJ0eHYm6Vhpdyz81ZBL1cwmA6n8Mld1iHEDudKfkPvHvx56e0KSby71U3PWVLqLH+KrW92J6FYAIbBT56r79VsrF4RB/RooG173rDr09OqpccOjgDCLs42anky/BotbpdDVh5TxCDPscHZ0M70u9cJKHOj8vQLOFX8pkfwd0wV10+JcQwiiPuj9HpGizUlz30T7pYkKJNrtbwjO2TZsHXZwwEV3O8lZGp+hWwAVLybpj0NV/e77yhvx2UDKqweV/Uxv9doBOCxVb3U7gayF3KqRgiKBnpXgRWx25jdxornNYWZ5a7q2RKaAFpLrXIaMKfmkmFQ6T85fg6QW/8KnDIAUemw2jScGMIFapC4OK5RUFHrggfChqixtrcIkZFpD+rq7hYPZC4HZOb0TGtYCY81Bk1XL/5LDSVzH7HqDBIcsBVGlP7StfFcxMET5ow+qC7OuldWgXJzhiRDLiLcQUtFrQr+MbtKEn96GypnKYhMGt13pWRp1o5QfjHRRgsZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg=
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf90eb7a5e305f.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf90eb7b756cd9.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d041d2dbf37926.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default

prefs.js - "browser.search.useDBForOrder" -  true

"searchengine@gmail.com"=C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default\extensions\searchengine@gmail.com


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default\extensions\
9cp@1.net
externalip@erik.morlin
iobitascsurfingprotection@iobit.com
nl-NL@dictionaries.addons.mozilla.org
searchengine@gmail.com
sitematchersitesrc@sitematchersitesrc.com
UpZgGtd@p.org
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default\searchplugins\
mystartsearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-02-06 752960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-10-17 669984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-10 142616]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-10 177432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-10 177944]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2013-03-21 5078504]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2460488]
"ShadowPlay"=C:\Windows\system32\nvspcap.dll [2014-09-17 2193560]
"NUSB3MON"=C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-12-20 113288]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2015-02-24 311616]
"WebStorage"=C:\Program Files\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe [2015-02-13 5558056]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"IObit Malware Fighter"=C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2014-10-13 1802048]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2015-03-13 12111576]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2015-03-13 1021808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2015-02-24 845120]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2015-02-24 1565504]
"GarminExpressTrayApp"=C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2014-12-31 688984]
"KiesPDLR.exe"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2015-02-24 845120]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-12-11 30879328]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bi-LINK Gateway.lnk - C:\Windows\Installer\{63041551-16E0-4841-AC48-92A825711C93}\NewShortcut1_8188288DFAC14FF2859A19505BA528D5.exe
Scanner Finder.lnk - C:\Program Files\ScanWizard 5\ScannerFinder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\windows\system32\nvinit.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-01-10 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=MSH263.DRV
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.SP54"=SP5X_32.DLL
"VIDC.SP55"=SP5X_32.DLL
"VIDC.SP56"=SP5X_32.DLL
"VIDC.SP57"=SP5X_32.DLL
"VIDC.SP58"=SP5X_32.DLL
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-03-27 07:22:25 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-03-27 07:22:25 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-03-27 07:22:24 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-03-27 07:22:24 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-03-27 07:15:47 ----D---- C:\rsit
2015-03-25 19:20:57 ----D---- C:\NVIDIA
2015-03-25 17:08:31 ----D---- C:\Program Files\Mozilla Firefox
2015-03-25 05:20:02 ----A---- C:\Windows\system32\invagent.dll
2015-03-25 05:20:02 ----A---- C:\Windows\system32\generaltel.dll
2015-03-25 05:20:02 ----A---- C:\Windows\system32\devinv.dll
2015-03-25 05:20:02 ----A---- C:\Windows\system32\appraiser.dll
2015-03-25 05:20:02 ----A---- C:\Windows\system32\aeinv.dll
2015-03-25 05:20:02 ----A---- C:\Windows\system32\acmigration.dll
2015-03-25 05:20:01 ----A---- C:\Windows\system32\aepic.dll
2015-03-25 05:20:01 ----A---- C:\Windows\system32\aepdu.dll
2015-03-24 17:41:41 ----A---- C:\Windows\system32\drivers\{95771641-7d7b-46d9-a635-8b6ed19ac290}Gw.sys
2015-03-24 17:39:35 ----D---- C:\Program Files\Opera
2015-03-24 17:36:17 ----D---- C:\Program Files\mbot_be_79
2015-03-24 17:32:12 ----D---- C:\Users\lumon\AppData\Roaming\QuickScan
2015-03-24 17:22:41 ----A---- C:\Users\lumon\AppData\Roaming\BYAIAMUF.exe
2015-03-24 17:22:26 ----D---- C:\Program Files\globalUpdate
2015-03-24 16:59:32 ----D---- C:\Program Files\PragmaInstance
2015-03-24 16:58:26 ----D---- C:\Program Files\Hide Facebook Suggested Posts
2015-03-24 16:57:30 ----D---- C:\Program Files\SalePlus
2015-03-24 16:57:06 ----D---- C:\ProgramData\11222512972471414913
2015-03-24 16:57:06 ----D---- C:\Program Files\SaleoPLuse
2015-03-24 16:56:49 ----D---- C:\ProgramData\hjmdlbefgaiphjcnghbiggpflkolbpal
2015-03-24 16:55:57 ----D---- C:\ProgramData\{929a2927-56c9-a956-929a-a292756ca49d}
2015-03-24 16:53:56 ----D---- C:\ProgramData\LochMaster40(Demo)
2015-03-24 16:53:56 ----D---- C:\Program Files\LochMaster40 (Demo)
2015-03-23 19:17:42 ----D---- C:\ProgramData\ABACOM
2015-03-23 19:17:38 ----D---- C:\Program Files\ProfiLab-Expert40 (Demo)
2015-03-15 10:06:14 ----D---- C:\Users\lumon\AppData\Roaming\PC Suite
2015-03-15 10:06:14 ----D---- C:\Users\lumon\AppData\Roaming\Nokia
2015-03-15 10:06:13 ----D---- C:\ProgramData\PC Suite
2015-03-15 10:05:32 ----D---- C:\Program Files\Common Files\PCSuite
2015-03-15 10:05:25 ----D---- C:\Program Files\Common Files\Nokia
2015-03-15 10:05:05 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2015-03-15 10:05:01 ----DC---- C:\Windows\system32\DRVSTORE
2015-03-15 10:04:42 ----D---- C:\Program Files\PC Connectivity Solution
2015-03-15 10:04:09 ----A---- C:\Windows\system32\nmwcdcls.dll
2015-03-15 10:04:08 ----D---- C:\Program Files\Nokia
2015-03-15 10:02:51 ----D---- C:\ProgramData\Installations
2015-03-13 07:37:08 ----D---- C:\Windows\system32\RTCOM
2015-03-13 07:37:08 ----D---- C:\Program Files\Realtek
2015-03-13 07:35:58 ----A---- C:\Windows\system32\WavesLib.dll
2015-03-13 07:35:51 ----A---- C:\Windows\system32\tosade.dll
2015-03-13 07:35:48 ----A---- C:\Windows\system32\tadefxapo2.dll
2015-03-13 07:35:48 ----A---- C:\Windows\system32\tadefxapo.dll
2015-03-13 07:35:47 ----A---- C:\Windows\system32\SRSWOW.dll
2015-03-13 07:35:45 ----A---- C:\Windows\system32\SRSTSXT.dll
2015-03-13 07:35:45 ----A---- C:\Windows\system32\SRSTSHD.dll
2015-03-13 07:35:45 ----A---- C:\Windows\system32\SRSHP360.dll
2015-03-13 07:35:31 ----A---- C:\Windows\system32\SFSS_APO.dll
2015-03-13 07:35:17 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2015-03-13 07:35:16 ----A---- C:\Windows\system32\RtkPgExt.dll
2015-03-13 07:35:09 ----A---- C:\Windows\system32\RtkCoLDR.dll
2015-03-13 07:35:08 ----A---- C:\Windows\system32\RtkCoInstII.dll
2015-03-13 07:35:04 ----A---- C:\Windows\system32\RtkApoApi.dll
2015-03-13 07:34:32 ----A---- C:\Windows\system32\RTEEP32A.dll
2015-03-13 07:34:31 ----A---- C:\Windows\system32\RTEEL32A.dll
2015-03-13 07:34:31 ----A---- C:\Windows\system32\RTEEG32A.dll
2015-03-13 07:34:30 ----A---- C:\Windows\system32\RTEED32A.dll
2015-03-13 07:34:14 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2015-03-13 07:34:12 ----A---- C:\Windows\system32\RP3DHT32.dll
2015-03-13 07:34:10 ----A---- C:\Windows\system32\RP3DAA32.dll
2015-03-13 07:34:00 ----A---- C:\Windows\system32\RltkAPO.dll
2015-03-13 07:33:46 ----A---- C:\Windows\system32\RCoRes.dat
2015-03-13 07:33:08 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-03-13 07:31:00 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2015-03-13 07:30:38 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2015-03-13 07:30:36 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2015-03-13 07:30:35 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2015-03-13 07:29:19 ----A---- C:\Windows\system32\FMAPO.dll
2015-03-13 07:28:32 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-03-13 07:27:34 ----A---- C:\Windows\system32\AERTARen.dll
2015-03-13 07:27:28 ----A---- C:\Windows\system32\AERTACap.dll
2015-03-13 07:27:07 ----D---- C:\Program Files\Synaptics
2015-03-13 07:26:38 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2015-03-13 07:22:43 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2015-03-13 07:16:04 ----A---- C:\Windows\system32\drivers\L1C62x86.sys
2015-03-13 07:15:09 ----A---- C:\Windows\system32\drivers\nusb3xhc.sys
2015-03-13 07:15:08 ----A---- C:\Windows\system32\nusb3co3.dll
2015-03-13 07:13:56 ----A---- C:\Windows\system32\drivers\rtl8192se.sys
2015-03-13 07:12:52 ----A---- C:\Windows\system32\IntcDAuC.dll
2015-03-13 07:12:52 ----A---- C:\Windows\system32\drivers\IntcDAud.sys
2015-03-13 07:09:31 ----A---- C:\Windows\system32\drivers\Impcd.sys
2015-03-11 17:52:30 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 17:52:28 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 17:52:28 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 17:52:28 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 17:52:26 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 17:52:25 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 17:52:23 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 17:52:21 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 17:52:21 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 17:52:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 17:52:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 17:52:21 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 17:52:20 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 17:52:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 17:52:20 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 17:52:20 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 17:52:20 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 17:52:20 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 17:52:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 17:52:20 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 17:52:19 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 17:52:18 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 17:52:18 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 17:52:18 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 17:52:18 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 17:52:17 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 17:52:17 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 17:52:16 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 17:52:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 17:52:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 17:52:14 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 17:52:14 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 17:52:13 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 17:52:11 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 17:52:11 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 17:48:18 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 17:48:14 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 17:48:14 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 17:48:14 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 17:48:13 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 17:48:13 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 17:48:13 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 17:48:13 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 17:48:04 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 17:48:04 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 17:48:04 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 17:48:04 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 17:48:03 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 17:44:37 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 17:44:31 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 17:44:30 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 17:44:30 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 17:44:29 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 17:44:29 ----A---- C:\Windows\system32\mf.dll
2015-03-11 17:44:27 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-03-11 17:44:27 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 17:44:27 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 17:44:27 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 17:44:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 17:44:26 ----A---- C:\Windows\system32\evr.dll
2015-03-11 17:44:25 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 17:44:25 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 17:44:25 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 17:44:25 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 17:44:24 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 17:44:24 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 17:44:24 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 17:44:24 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 17:44:24 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 17:44:24 ----A---- C:\Windows\system32\ci.dll
2015-03-11 17:44:23 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 17:44:23 ----A---- C:\Windows\system32\winload.exe
2015-03-11 17:44:23 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 17:44:23 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 17:44:22 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 17:44:22 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 17:44:22 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 17:44:22 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 17:44:22 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 17:44:22 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 17:44:22 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 17:44:21 ----A---- C:\Windows\system32\smss.exe
2015-03-11 17:44:21 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 17:44:21 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 17:44:21 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 17:44:21 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 17:44:21 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 17:44:21 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 17:44:21 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 17:44:21 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 17:44:20 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 17:44:20 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 17:44:20 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 17:44:19 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 17:44:19 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 17:44:19 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 17:44:19 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 17:44:18 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 17:44:17 ----A---- C:\Windows\system32\mferror.dll
2015-03-05 18:58:39 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2015-03-05 18:58:39 ----A---- C:\Windows\system32\drivers\ssudbus.sys

======List of files/folders modified in the last 1 month======

2015-03-28 10:23:32 ----D---- C:\Program Files\trend micro
2015-03-28 10:23:31 ----D---- C:\Windows\Temp
2015-03-28 10:22:35 ----D---- C:\Windows\system32\drivers
2015-03-28 10:11:58 ----D---- C:\Users\lumon\AppData\Roaming\Skype
2015-03-28 06:33:15 ----D---- C:\Windows\system32\config
2015-03-28 06:19:37 ----D---- C:\Windows\system32\Tasks
2015-03-28 04:45:54 ----D---- C:\Windows\Tasks
2015-03-27 11:05:08 ----D---- C:\Windows\inf
2015-03-27 10:07:03 ----D---- C:\Windows\System32
2015-03-27 10:07:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-27 07:22:24 ----RD---- C:\Program Files
2015-03-27 06:38:16 ----D---- C:\Program Files\ANT Drivers
2015-03-27 06:33:53 ----SHD---- C:\System Volume Information
2015-03-26 21:32:28 ----D---- C:\Users\lumon\AppData\Roaming\HpUpdate
2015-03-26 05:08:07 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-03-26 05:07:59 ----SHD---- C:\Windows\Installer
2015-03-26 05:07:59 ----SHD---- C:\Config.Msi
2015-03-26 05:07:32 ----D---- C:\Windows\SoftwareDistribution
2015-03-26 05:06:42 ----D---- C:\Users\lumon\AppData\Roaming\ASUS WebStorage
2015-03-26 05:05:31 ----D---- C:\Windows\system32\catroot2
2015-03-26 05:04:34 ----D---- C:\Windows\winsxs
2015-03-26 05:04:05 ----D---- C:\Windows
2015-03-26 05:04:04 ----D---- C:\ProgramData\NVIDIA
2015-03-26 05:03:58 ----D---- C:\Windows\debug
2015-03-26 05:03:48 ----SD---- C:\Windows\system32\CompatTel
2015-03-26 05:03:48 ----D---- C:\Windows\system32\wbem
2015-03-26 05:03:48 ----D---- C:\Windows\system32\appraiser
2015-03-26 05:03:47 ----D---- C:\Windows\AppPatch
2015-03-25 18:27:29 ----D---- C:\Windows\Prefetch
2015-03-25 16:47:34 ----D---- C:\Windows\Minidump
2015-03-24 19:24:46 ----HD---- C:\ProgramData
2015-03-24 19:05:19 ----D---- C:\Windows\system32\GroupPolicy
2015-03-24 18:05:25 ----A---- C:\Windows\win.ini
2015-03-24 17:49:53 ----D---- C:\ProgramData\ProductData
2015-03-15 12:06:49 ----D---- C:\Windows\rescache
2015-03-15 10:46:26 ----D---- C:\Windows\system32\drivers\UMDF
2015-03-15 10:06:01 ----D---- C:\Program Files\DIFX
2015-03-15 10:06:00 ----D---- C:\Windows\system32\DriverStore
2015-03-15 10:05:32 ----D---- C:\Program Files\Common Files
2015-03-13 07:59:27 ----D---- C:\Windows\system32\catroot
2015-03-13 07:37:42 ----D---- C:\Windows\ModemLogs
2015-03-13 07:37:41 ----D---- C:\Windows\Logs
2015-03-13 06:59:36 ----D---- C:\Users\lumon\AppData\Roaming\Numera.Gateway
2015-03-12 22:05:01 ----D---- C:\Windows\system32\en-US
2015-03-12 22:05:01 ----D---- C:\Program Files\Internet Explorer
2015-03-12 22:05:00 ----D---- C:\Windows\system32\nl-NL
2015-03-12 22:04:59 ----D---- C:\Windows\system32\Dism
2015-03-12 22:04:59 ----D---- C:\Program Files\Windows Media Player
2015-03-12 22:04:57 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-12 22:04:57 ----D---- C:\Windows\system32\Boot
2015-03-12 16:51:30 ----D---- C:\ProgramData\Microsoft Help
2015-03-12 16:43:09 ----D---- C:\Windows\system32\MRT
2015-03-12 05:18:33 ----A---- C:\Windows\system32\MRT.exe
2015-03-07 08:57:10 ----D---- C:\Users\lumon\AppData\Roaming\vlc
2015-03-05 19:19:56 ----D---- C:\Windows\Microsoft.NET
2015-03-04 05:21:45 ----D---- C:\ProgramData\Oracle
2015-03-04 05:19:21 ----D---- C:\Program Files\Java
2015-03-04 05:14:47 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-03-02 20:13:32 ----A---- C:\Windows\Ulead32.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-11-14 27936]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 18624]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-20 171680]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 122240]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO32.SYS [2015-01-09 23840]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-01-10 105760]
R3 BthAvrcp;Bluetooth AVRCP-profiel; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2013-03-23 21480]
R3 HECI;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-01-10 10859520]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2015-03-13 132480]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2015-03-13 3343832]
R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-03-13 270336]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2015-03-13 110280]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-20 61824]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2015-03-13 169472]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 19272]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2014-09-04 32928]
R3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2013-11-19 32288]
R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2015-03-13 1118312]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-13 27888]
R3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2013-11-19 20944]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S2 Ca1528av;SPCA1528 Video Camera Service; C:\Windows\System32\Drivers\Ca1528av.sys [2008-12-16 516480]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 Bulk1528;SPCA1528 Still Camera Service; C:\Windows\System32\Drivers\Bulk1528.sys [2009-10-20 14080]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 89856]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2012-12-21 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2012-12-21 9160]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SIUSBXP;SIUSBXP; C:\Windows\system32\drivers\SiUSBXp.sys [2009-11-03 14592]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 184192]
S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [2014-11-04 815392]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2013-03-21 1341664]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-12-31 451416]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 915784]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2014-09-30 344896]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 18044744]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 664352]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 964244be;PragmaInstance; c:\Program Files\PragmaInstance\PragmaInstance.dll [2015-03-24 1704960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-25 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-01-16 2724128]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2014-03-04 31904]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-09-16 651720]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-25 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-25 148080]
S3 ose;Office  Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-20 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
 

 

 

 

Thanks in advance

 

Download AdwCleaner by Xplode to the desktop (first remove any older versions of this tool that are present on your PC, so that you can now use the most recent AdwCleaner database).

  • Close all open windows.
  • Double-click AdwCleaner to start it.
  • Windows Vista, 7 and 8 users must run the tool as "administrator", by right-clicking it and choosing Run as administrator.
  • Click Scan.
  • Then click Clean.
  • At the Restart Required prompt, click OK.

After the PC has restarted, a log file usually opens.

Otherwise it can be found at C:\AdwCleaner\AdwCleaner[s0].txt.

Posting the log file

  • Attach the log file named C:\AdwCleaner\AdwCleaner[s0].txt to your next post.
  • You can read here how to add an attachment to a post.


Download MalwareBytes Anti-Malware, preferably to the desktop.

  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the further instructions; the complete installation procedure can be read at the following link - Installing Malwarebytes Anti-Malware.
  • Then click the Scan Now button to run a threat scan.
  • The program will now check for available updates; click "Update Now" here if updates are available.
  • The scan now starts automatically; when the scan is finished and threats have been detected, you will get an overview of them here.
  • When no threats have been detected, click View detailed log after the scan.
    • Then click the Apply Actions button; at the message that your computer must be restarted, click No.
    • Then click the View detailed log button, click the Export button and choose the option text file (*.txt).
    • Then enter a file name for saving the log file, for example MBAM Scanlog, and click the Save button.
    • This file will be saved to your desktop by default.


Posting the MalwareBytes' Anti-Malware log file

  • Attach the log file you have just saved to your next post. (You can also find this log file in Malwarebytes Anti-Malware under History > Application Logs)
  • Paste the contents of this log file in your next post.

If you want more explanation - in picture and sound - about how Malwarebytes works, watch our own PCH video here.


here is the log

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by lumon at 2015-03-28 17:35:52
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 284 GB (68%) free of 419 GB
Total RAM: 3253 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:36:03, on 28/03/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Garmin\Express Tray\ExpressTray.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
C:\Windows\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\ASUS\WebStorage\2.2.0.496\AsusWSService.exe
C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files\ScanWizard 5\ScannerFinder.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Windows\system32\msiexec.exe
C:\Program Files\trend micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\lumon\Downloads\RSIT(3).exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\lumon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [shadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [WebStorage] C:\Program Files\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe" /FORPCEE3
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bi-LINK Gateway.lnk = ?
O4 - Global Startup: Scanner Finder.lnk = C:\Program Files\ScanWizard 5\ScannerFinder.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\AutoCAD LT 2010\AdComFolderWatch.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\AutoCAD LT 2010\AdComFolderWatch.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\AutoCAD LT 2010\AdComFolderWatch.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\AutoCAD LT 2010\AdComFolderWatch.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.2.0.0/GarminAxControl_32.CAB
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\system32\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 12817 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf90eb7a5e305f.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf90eb7b756cd9.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d041d2dbf37926.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default

prefs.js - "browser.search.useDBForOrder" -  true

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Users\lumon\AppData\Roaming\Mozilla\Firefox\Profiles\aiaksldp.default\extensions\
externalip@erik.morlin
iobitascsurfingprotection@iobit.com
nl-NL@dictionaries.addons.mozilla.org
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-02-06 752960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-10 142616]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-10 177432]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-10 177944]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2013-03-21 5078504]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-09-17 2460488]
"ShadowPlay"=C:\Windows\system32\nvspcap.dll [2014-09-17 2193560]
"NUSB3MON"=C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-12-20 113288]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2015-02-24 311616]
"WebStorage"=C:\Program Files\ASUS\WebStorage\2.2.0.496\AsusWSPanel.exe [2015-02-13 5558056]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"IObit Malware Fighter"=C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [2014-10-13 1802048]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2015-03-13 12111576]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2015-03-13 1021808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2015-02-24 845120]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2015-02-24 1565504]
"GarminExpressTrayApp"=C:\Program Files\Garmin\Express Tray\ExpressTray.exe [2014-12-31 688984]
"KiesPDLR.exe"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2015-02-24 845120]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-12-11 30879328]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bi-LINK Gateway.lnk - C:\Windows\Installer\{63041551-16E0-4841-AC48-92A825711C93}\NewShortcut1_8188288DFAC14FF2859A19505BA528D5.exe
Scanner Finder.lnk - C:\Program Files\ScanWizard 5\ScannerFinder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\windows\system32\nvinit.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-01-10 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=MSH263.DRV
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.SP54"=SP5X_32.DLL
"VIDC.SP55"=SP5X_32.DLL
"VIDC.SP56"=SP5X_32.DLL
"VIDC.SP57"=SP5X_32.DLL
"VIDC.SP58"=SP5X_32.DLL
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-03-28 14:47:55 ----A---- C:\MBAM scanlog.txt
2015-03-28 14:17:14 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-03-28 14:16:44 ----D---- C:\ProgramData\Malwarebytes
2015-03-28 14:16:44 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-03-28 14:16:44 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-03-28 14:16:44 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-03-28 14:16:44 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-03-28 11:18:13 ----D---- C:\AdwCleaner
2015-03-27 07:15:47 ----D---- C:\rsit
2015-03-25 19:20:57 ----D---- C:\NVIDIA
2015-03-25 17:08:31 ----D---- C:\Program Files\Mozilla Firefox
2015-03-25 05:20:02 ----A---- C:\Windows\system32\invagent.dll
2015-03-25 05:20:02 ----A---- C:\Windows\system32\generaltel.dll
2015-03-25 05:20:02 ----A---- C:\Windows\system32\devinv.dll
2015-03-25 05:20:02 ----A---- C:\Windows\system32\appraiser.dll
2015-03-25 05:20:02 ----A---- C:\Windows\system32\aeinv.dll
2015-03-25 05:20:02 ----A---- C:\Windows\system32\acmigration.dll
2015-03-25 05:20:01 ----A---- C:\Windows\system32\aepic.dll
2015-03-25 05:20:01 ----A---- C:\Windows\system32\aepdu.dll
2015-03-24 17:39:35 ----D---- C:\Program Files\Opera
2015-03-24 17:36:17 ----D---- C:\Program Files\mbot_be_79
2015-03-24 17:32:12 ----D---- C:\Users\lumon\AppData\Roaming\QuickScan
2015-03-24 16:58:26 ----D---- C:\Program Files\Hide Facebook Suggested Posts
2015-03-24 16:57:06 ----D---- C:\ProgramData\11222512972471414913
2015-03-24 16:55:57 ----D---- C:\ProgramData\{929a2927-56c9-a956-929a-a292756ca49d}
2015-03-24 16:53:56 ----D---- C:\ProgramData\LochMaster40(Demo)
2015-03-24 16:53:56 ----D---- C:\Program Files\LochMaster40 (Demo)
2015-03-23 19:17:42 ----D---- C:\ProgramData\ABACOM
2015-03-23 19:17:38 ----D---- C:\Program Files\ProfiLab-Expert40 (Demo)
2015-03-15 10:06:14 ----D---- C:\Users\lumon\AppData\Roaming\PC Suite
2015-03-15 10:06:14 ----D---- C:\Users\lumon\AppData\Roaming\Nokia
2015-03-15 10:06:13 ----D---- C:\ProgramData\PC Suite
2015-03-15 10:05:32 ----D---- C:\Program Files\Common Files\PCSuite
2015-03-15 10:05:25 ----D---- C:\Program Files\Common Files\Nokia
2015-03-15 10:05:05 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2015-03-15 10:05:01 ----DC---- C:\Windows\system32\DRVSTORE
2015-03-15 10:04:42 ----D---- C:\Program Files\PC Connectivity Solution
2015-03-15 10:04:09 ----A---- C:\Windows\system32\nmwcdcls.dll
2015-03-15 10:04:08 ----D---- C:\Program Files\Nokia
2015-03-15 10:02:51 ----D---- C:\ProgramData\Installations
2015-03-13 07:37:08 ----D---- C:\Windows\system32\RTCOM
2015-03-13 07:37:08 ----D---- C:\Program Files\Realtek
2015-03-13 07:35:58 ----A---- C:\Windows\system32\WavesLib.dll
2015-03-13 07:35:51 ----A---- C:\Windows\system32\tosade.dll
2015-03-13 07:35:48 ----A---- C:\Windows\system32\tadefxapo2.dll
2015-03-13 07:35:48 ----A---- C:\Windows\system32\tadefxapo.dll
2015-03-13 07:35:47 ----A---- C:\Windows\system32\SRSWOW.dll
2015-03-13 07:35:45 ----A---- C:\Windows\system32\SRSTSXT.dll
2015-03-13 07:35:45 ----A---- C:\Windows\system32\SRSTSHD.dll
2015-03-13 07:35:45 ----A---- C:\Windows\system32\SRSHP360.dll
2015-03-13 07:35:31 ----A---- C:\Windows\system32\SFSS_APO.dll
2015-03-13 07:35:17 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2015-03-13 07:35:16 ----A---- C:\Windows\system32\RtkPgExt.dll
2015-03-13 07:35:09 ----A---- C:\Windows\system32\RtkCoLDR.dll
2015-03-13 07:35:08 ----A---- C:\Windows\system32\RtkCoInstII.dll
2015-03-13 07:35:04 ----A---- C:\Windows\system32\RtkApoApi.dll
2015-03-13 07:34:32 ----A---- C:\Windows\system32\RTEEP32A.dll
2015-03-13 07:34:31 ----A---- C:\Windows\system32\RTEEL32A.dll
2015-03-13 07:34:31 ----A---- C:\Windows\system32\RTEEG32A.dll
2015-03-13 07:34:30 ----A---- C:\Windows\system32\RTEED32A.dll
2015-03-13 07:34:14 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2015-03-13 07:34:12 ----A---- C:\Windows\system32\RP3DHT32.dll
2015-03-13 07:34:10 ----A---- C:\Windows\system32\RP3DAA32.dll
2015-03-13 07:34:00 ----A---- C:\Windows\system32\RltkAPO.dll
2015-03-13 07:33:46 ----A---- C:\Windows\system32\RCoRes.dat
2015-03-13 07:33:08 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-03-13 07:31:00 ----A---- C:\Windows\system32\MaxxAudioEQ.dll
2015-03-13 07:30:38 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2015-03-13 07:30:36 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2015-03-13 07:30:35 ----A---- C:\Windows\system32\MaxxAudioAPO.dll
2015-03-13 07:29:19 ----A---- C:\Windows\system32\FMAPO.dll
2015-03-13 07:28:32 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-03-13 07:27:34 ----A---- C:\Windows\system32\AERTARen.dll
2015-03-13 07:27:28 ----A---- C:\Windows\system32\AERTACap.dll
2015-03-13 07:27:07 ----D---- C:\Program Files\Synaptics
2015-03-13 07:26:38 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2015-03-13 07:22:43 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2015-03-13 07:16:04 ----A---- C:\Windows\system32\drivers\L1C62x86.sys
2015-03-13 07:15:09 ----A---- C:\Windows\system32\drivers\nusb3xhc.sys
2015-03-13 07:15:08 ----A---- C:\Windows\system32\nusb3co3.dll
2015-03-13 07:13:56 ----A---- C:\Windows\system32\drivers\rtl8192se.sys
2015-03-13 07:12:52 ----A---- C:\Windows\system32\IntcDAuC.dll
2015-03-13 07:12:52 ----A---- C:\Windows\system32\drivers\IntcDAud.sys
2015-03-13 07:09:31 ----A---- C:\Windows\system32\drivers\Impcd.sys
2015-03-11 17:52:30 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 17:52:28 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 17:52:28 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 17:52:28 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 17:52:26 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 17:52:25 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 17:52:23 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 17:52:21 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 17:52:21 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 17:52:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 17:52:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 17:52:21 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 17:52:20 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 17:52:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 17:52:20 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 17:52:20 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 17:52:20 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 17:52:20 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 17:52:20 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 17:52:20 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 17:52:19 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 17:52:18 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 17:52:18 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 17:52:18 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 17:52:18 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 17:52:17 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 17:52:17 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 17:52:16 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 17:52:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 17:52:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 17:52:14 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 17:52:14 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 17:52:13 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 17:52:11 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 17:52:11 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 17:48:18 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 17:48:14 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 17:48:14 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 17:48:14 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 17:48:13 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 17:48:13 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 17:48:13 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 17:48:13 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 17:48:13 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 17:48:04 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 17:48:04 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 17:48:04 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 17:48:04 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 17:48:03 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 17:44:37 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 17:44:31 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 17:44:30 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 17:44:30 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 17:44:29 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 17:44:29 ----A---- C:\Windows\system32\mf.dll
2015-03-11 17:44:27 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-03-11 17:44:27 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 17:44:27 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 17:44:27 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 17:44:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 17:44:26 ----A---- C:\Windows\system32\evr.dll
2015-03-11 17:44:25 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 17:44:25 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 17:44:25 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 17:44:25 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 17:44:24 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 17:44:24 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 17:44:24 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 17:44:24 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 17:44:24 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 17:44:24 ----A---- C:\Windows\system32\ci.dll
2015-03-11 17:44:23 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 17:44:23 ----A---- C:\Windows\system32\winload.exe
2015-03-11 17:44:23 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 17:44:23 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 17:44:22 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 17:44:22 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 17:44:22 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 17:44:22 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 17:44:22 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 17:44:22 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 17:44:22 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 17:44:21 ----A---- C:\Windows\system32\smss.exe
2015-03-11 17:44:21 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 17:44:21 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 17:44:21 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 17:44:21 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 17:44:21 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 17:44:21 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 17:44:21 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 17:44:21 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 17:44:20 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 17:44:20 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 17:44:20 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 17:44:20 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 17:44:19 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 17:44:19 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 17:44:19 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 17:44:19 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 17:44:18 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 17:44:17 ----A---- C:\Windows\system32\mferror.dll
2015-03-05 18:58:39 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2015-03-05 18:58:39 ----A---- C:\Windows\system32\drivers\ssudbus.sys

======List of files/folders modified in the last 1 month======

2015-03-28 17:35:55 ----D---- C:\Windows\Temp
2015-03-28 17:35:55 ----D---- C:\Program Files\trend micro
2015-03-28 17:32:56 ----SHD---- C:\Windows\Installer
2015-03-28 17:32:56 ----SHD---- C:\Config.Msi
2015-03-28 17:29:12 ----D---- C:\Users\lumon\AppData\Roaming\Skype
2015-03-28 15:31:45 ----D---- C:\Users\lumon\AppData\Roaming\Numera.Gateway
2015-03-28 14:23:02 ----D---- C:\Windows\system32\drivers
2015-03-28 14:16:44 ----RD---- C:\Program Files
2015-03-28 14:16:44 ----HD---- C:\ProgramData
2015-03-28 14:13:19 ----D---- C:\Users\lumon\AppData\Roaming\ASUS WebStorage
2015-03-28 14:10:02 ----D---- C:\ProgramData\NVIDIA
2015-03-28 11:24:54 ----D---- C:\Windows\system32\Tasks
2015-03-28 11:23:47 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-03-28 11:16:07 ----D---- C:\Windows\system32\config
2015-03-28 04:45:54 ----D---- C:\Windows\Tasks
2015-03-27 11:05:08 ----D---- C:\Windows\inf
2015-03-27 10:07:03 ----D---- C:\Windows\System32
2015-03-27 10:07:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-27 06:38:16 ----D---- C:\Program Files\ANT Drivers
2015-03-27 06:33:53 ----SHD---- C:\System Volume Information
2015-03-26 21:32:28 ----D---- C:\Users\lumon\AppData\Roaming\HpUpdate
2015-03-26 05:07:32 ----D---- C:\Windows\SoftwareDistribution
2015-03-26 05:05:31 ----D---- C:\Windows\system32\catroot2
2015-03-26 05:04:34 ----D---- C:\Windows\winsxs
2015-03-26 05:04:05 ----D---- C:\Windows
2015-03-26 05:03:58 ----D---- C:\Windows\debug
2015-03-26 05:03:48 ----SD---- C:\Windows\system32\CompatTel
2015-03-26 05:03:48 ----D---- C:\Windows\system32\wbem
2015-03-26 05:03:48 ----D---- C:\Windows\system32\appraiser
2015-03-26 05:03:47 ----D---- C:\Windows\AppPatch
2015-03-25 18:27:29 ----D---- C:\Windows\Prefetch
2015-03-25 16:47:34 ----D---- C:\Windows\Minidump
2015-03-24 19:05:19 ----D---- C:\Windows\system32\GroupPolicy
2015-03-24 18:05:25 ----A---- C:\Windows\win.ini
2015-03-24 17:49:53 ----D---- C:\ProgramData\ProductData
2015-03-15 12:06:49 ----D---- C:\Windows\rescache
2015-03-15 10:46:26 ----D---- C:\Windows\system32\drivers\UMDF
2015-03-15 10:06:01 ----D---- C:\Program Files\DIFX
2015-03-15 10:06:00 ----D---- C:\Windows\system32\DriverStore
2015-03-15 10:05:32 ----D---- C:\Program Files\Common Files
2015-03-13 07:59:27 ----D---- C:\Windows\system32\catroot
2015-03-13 07:37:42 ----D---- C:\Windows\ModemLogs
2015-03-13 07:37:41 ----D---- C:\Windows\Logs
2015-03-12 22:05:01 ----D---- C:\Windows\system32\en-US
2015-03-12 22:05:01 ----D---- C:\Program Files\Internet Explorer
2015-03-12 22:05:00 ----D---- C:\Windows\system32\nl-NL
2015-03-12 22:04:59 ----D---- C:\Windows\system32\Dism
2015-03-12 22:04:59 ----D---- C:\Program Files\Windows Media Player
2015-03-12 22:04:57 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-12 22:04:57 ----D---- C:\Windows\system32\Boot
2015-03-12 16:51:30 ----D---- C:\ProgramData\Microsoft Help
2015-03-12 16:43:09 ----D---- C:\Windows\system32\MRT
2015-03-12 05:18:33 ----A---- C:\Windows\system32\MRT.exe
2015-03-07 08:57:10 ----D---- C:\Users\lumon\AppData\Roaming\vlc
2015-03-05 19:19:56 ----D---- C:\Windows\Microsoft.NET
2015-03-04 05:21:45 ----D---- C:\ProgramData\Oracle
2015-03-04 05:19:21 ----D---- C:\Program Files\Java
2015-03-04 05:14:47 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2015-03-02 20:13:32 ----A---- C:\Windows\Ulead32.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-11-14 27936]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 18624]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-20 171680]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-01-10 122240]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO32.SYS [2015-01-09 23840]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-01-10 105760]
R3 BthAvrcp;Bluetooth AVRCP-profiel; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 FileMonitor;FileMonitor; \??\C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [2013-03-23 21480]
R3 HECI;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-01-10 10859520]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2015-03-13 132480]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2015-03-13 3343832]
R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-03-13 270336]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2015-03-13 110280]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-03-28 114904]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 51928]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-20 61824]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2015-03-13 169472]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 19272]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2014-09-04 32928]
R3 RegFilter;RegFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [2013-11-19 32288]
R3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2015-03-13 1118312]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-13 27888]
R3 UrlFilter;UrlFilter; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [2013-11-19 20944]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S2 Ca1528av;SPCA1528 Video Camera Service; C:\Windows\System32\Drivers\Ca1528av.sys [2008-12-16 516480]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 Bulk1528;SPCA1528 Still Camera Service; C:\Windows\System32\Drivers\Bulk1528.sys [2009-10-20 14080]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 89856]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2012-12-21 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2012-12-21 9160]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SIUSBXP;SIUSBXP; C:\Windows\system32\drivers\SiUSBXp.sys [2009-11-03 14592]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 184192]
S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [2014-11-04 815392]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2013-03-21 1341664]
R2 Garmin Core Update Service;Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2014-12-31 451416]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 915784]
R2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2014-09-30 344896]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 18044744]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 664352]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2014-10-13 743688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 964244be;PragmaInstance; c:\Program Files\PragmaInstance\PragmaInstance.dll,serv []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-25 116648]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2015-01-16 2724128]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2014-03-04 31904]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-09-16 651720]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-25 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-25 148080]
S3 ose;Office  Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-20 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------
 

 

This topic is now closed to new replies.