
Malware, rootkits and other unwanted things



Hello everyone,

The PC is suffering from 2 problems.

Problem 1 concerns Mozilla Firefox.

In the Firefox menu/options, under "Advanced" and then the "Network" tab, there is the option to clear the cached web content.

That went fine for about 4 months, and when clicking that "Clear now" button the counter jumped to 0, but for the past month it has been different: when clicking that button, the counter drops back to 328 kb.

It makes no difference whether I change anything in the options below it (override automatic cache management yes/no) or whether I change the "limit cache to..." option.

With every combination it drops back to 328.

Removing Firefox, deleting everything from the PC, and reinstalling a day later did not work either.

Problem 2.

The PC always has about 89 GB of the 117 available on drive C, and recently that is only 86.

I haven't downloaded anything, and there are no films/photos/documents or other large files on it, because those things are on SD cards.

I think there is some malware and rootkits or something like that on it...

Which malware detection program is best for me to use?

Kind regards and have a nice evening


@ bm.silverlake,

Carry out the following:

Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users should run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool is finished, two Notepad files named "Log.txt" and "Info.txt" are opened.

Posting RSIT log files

  • Add the log file named "Log.txt" as an attachment to your next post. (You can also find this log file in the folder "C:\rsit".)
  • The log file named "Info.txt", which is minimized, does not need to be posted. (This log file is only created the first time the tool is run.)
  • How to add an attachment to a post can be read here.

Also watch the instruction video.

edited by iEscape

Hi Escape,

I'll carry that out tomorrow.

I can report, though, that mbam found only 1 registry key, and I removed it.

With (probably) that registry key, another question mark has been resolved as well.

In Windows 10 there is the "action center icon" on the right of the taskbar, and for a long time it said there that I supposedly had Bluetooth switched on or connected... (or however it works)

I have tried several times to track down that Bluetooth location, but without result (too long for here and now, but take it from me that I have been rummaging around in the cellars of the PC), and now, after removing that registry key, that blue Bluetooth-on box has disappeared completely.


Like this, then:

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by bm.silverlake at 2016-06-04 08:50:34
Microsoft Windows 10 Home
System drive C: has 88 GB (73%) free of 120 GB
Total RAM: 12225 MB (86% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:50:35, on 4-6-2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\bm.silverlake.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com./
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\RunOnce: [uninstall C:\Users\bm.silverlake\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bm.silverlake\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
O4 - HKCU\..\RunOnce: [uninstall C:\Users\bm.silverlake\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bm.silverlake\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
O23 - Service: Intel® Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8879 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bae46c23-e2ad-4c58-805b-5e60773c9b8f -SystemEventPortName:HostProcess-8af56c64-fbb8-41c8-beb3-36d13b82d136 -IoCancelEventPortName:HostProcess-7fed1dbe-3fb8-464a-adfc-748b9eaf4343 -NonStateChangingEventPortName:HostProcess-83120884-73d5-48d0-8059-b7eba6293a5d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:00963f44-51e9-4c32-860c-d7b20ca0c0e2 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
dashost.exe {6066acf2-7916-4fe5-b7c623a64735a129}
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe"
"C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\bm.silverlake\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  

=========Mozilla firefox=========

ProfilePath - C:\Users\bm.silverlake\AppData\Roaming\Mozilla\Firefox\Profiles\petb5utx.default

prefs.js - "browser.search.suggest.enabled" -  false
prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "google.com"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2016-02-24 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2016-02-24 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-18 14021336]
"IAStorIcon"=C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe [2015-06-23 36352]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-17 1795728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\bm.silverlake\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]
"Uninstall C:\Users\bm.silverlake\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"=C:\WINDOWS\system32\cmd.exe [2015-10-30 233984]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2015-05-26 110008]
"CLVirtualDrive"=C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [2015-05-26 499128]
"PowerDVD12Agent"=C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-06-03 7400064]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ConfirmFileDelete"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-06-04 02:30:38 ----D---- C:\rsit
2016-06-04 02:30:38 ----D---- C:\Program Files\trend micro
2016-06-03 23:19:00 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2016-06-03 23:18:48 ----D---- C:\ProgramData\Malwarebytes
2016-05-26 17:28:34 ----D---- C:\WINDOWS\SYSWOW64\vbox
2016-05-26 17:28:34 ----D---- C:\WINDOWS\system32\vbox
2016-05-26 16:41:44 ----A---- C:\WINDOWS\system32\drivers\aswNetSec.sys
2016-05-26 16:41:43 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-05-26 16:41:41 ----A---- C:\WINDOWS\avastSS.scr
2016-05-26 06:53:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-11 07:28:35 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 07:28:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-05-11 07:28:33 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-05-11 07:28:32 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-05-11 07:28:32 ----A---- C:\WINDOWS\system32\mos.dll
2016-05-11 07:28:32 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 07:28:31 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-05-11 07:28:31 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-05-11 07:28:30 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-05-11 07:28:29 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-05-11 07:28:29 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 07:28:29 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 07:28:29 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-05-11 07:28:28 ----A---- C:\WINDOWS\system32\shell32.dll
2016-05-11 07:28:28 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 07:28:27 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-05-11 07:28:27 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 07:28:27 ----A---- C:\WINDOWS\system32\twinui.dll
2016-05-11 07:28:27 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 07:28:26 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 07:28:26 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-05-11 07:28:26 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-05-11 07:28:26 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-05-11 07:28:25 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 07:28:25 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-05-11 07:28:25 ----A---- C:\WINDOWS\system32\d2d1.dll
2016-05-11 07:28:24 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-05-11 07:28:24 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-05-11 07:28:24 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-05-11 07:28:23 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-05-11 07:28:23 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2016-05-11 07:28:23 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 07:28:23 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-05-11 07:28:23 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 07:28:23 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-05-11 07:28:23 ----A---- C:\WINDOWS\explorer.exe
2016-05-11 07:28:22 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-05-11 07:28:22 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-05-11 07:28:22 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-05-11 07:28:22 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-05-11 07:28:22 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 07:28:22 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-05-11 07:28:22 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-05-11 07:28:22 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\system32\moshost.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 07:28:21 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 07:28:21 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\mfplat.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\KernelBase.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\dxgi.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\devinv.dll
2016-05-11 07:28:20 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncCore.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\SettingSync.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\jscript.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\invagent.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\crypt32.dll
2016-05-11 07:28:19 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\d3d10level9.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\wlanapi.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\wininit.exe
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\user32.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\SHCore.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\shacct.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\schannel.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\provhandlers.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\provengine.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\drivers\sdport.sys
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\aepic.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 07:28:18 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\MosStorage.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\MosHostClient.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\hmkd.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\ByteCodeGenerator.exe
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\BrowserSettingSync.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\wups.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\rsaenh.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\hmkd.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\dwminit.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\drivers\ufxsynopsys.sys
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\drivers\hidclass.sys
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\drivers\filecrypt.sys
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\cryptngc.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 07:28:17 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\SYSWOW64\wshbth.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\SYSWOW64\wlansec.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\SYSWOW64\wlanmsm.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\SYSWOW64\NMAA.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\system32\wshbth.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-05-11 07:28:16 ----A---- C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 07:28:16 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 07:28:16 ----A---- C:\WINDOWS\system32\AppCapture.dll

======List of files/folders modified in the last 1 month======

2016-06-04 08:40:54 ----D---- C:\WINDOWS\Prefetch
2016-06-04 08:40:47 ----D---- C:\WINDOWS\AppReadiness
2016-06-04 08:40:46 ----HD---- C:\Program Files\WindowsApps
2016-06-04 08:40:42 ----D---- C:\WINDOWS\Temp
2016-06-04 02:33:12 ----D---- C:\Users\bm.silverlake\AppData\Roaming\uTorrent
2016-06-04 02:30:38 ----RD---- C:\Program Files
2016-06-04 01:50:00 ----D---- C:\WINDOWS\system32\sru
2016-06-04 00:54:58 ----D---- C:\WINDOWS\System32
2016-06-04 00:54:58 ----D---- C:\WINDOWS\INF
2016-06-04 00:54:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-04 00:49:08 ----D---- C:\ProgramData\NVIDIA
2016-06-04 00:49:05 ----RD---- C:\Program Files (x86)
2016-06-04 00:48:32 ----D---- C:\WINDOWS\system32\drivers
2016-06-03 23:18:48 ----HD---- C:\ProgramData
2016-06-03 21:09:38 ----D---- C:\Users\bm.silverlake\AppData\Roaming\vlc
2016-06-03 10:39:06 ----D---- C:\WINDOWS\system32\config
2016-06-03 10:12:54 ----D---- C:\WINDOWS\Microsoft.NET
2016-05-28 08:05:06 ----D---- C:\Program Files\Common Files\microsoft shared
2016-05-26 17:28:34 ----D---- C:\WINDOWS\SysWOW64
2016-05-26 16:41:46 ----D---- C:\WINDOWS\system32\Tasks
2016-05-26 16:41:44 ----D---- C:\WINDOWS\WinSxS
2016-05-26 16:41:43 ----D---- C:\Windows
2016-05-26 08:42:08 ----D---- C:\WINDOWS\system32\catroot2
2016-05-26 06:57:35 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2016-05-26 06:19:43 ----D---- C:\Program Files (x86)\Common Files
2016-05-25 08:57:14 ----SD---- C:\ProgramData\Microsoft
2016-05-23 10:54:53 ----D---- C:\WINDOWS\rescache
2016-05-23 00:40:31 ----D---- C:\WINDOWS\system32\wbem
2016-05-23 00:40:31 ----D---- C:\WINDOWS\system32\setup
2016-05-23 00:40:31 ----D---- C:\WINDOWS\system32\nl-NL
2016-05-23 00:37:00 ----D---- C:\WINDOWS\CbsTemp
2016-05-22 11:31:24 ----D---- C:\WINDOWS\system32\DriverStore
2016-05-22 11:30:07 ----D---- C:\WINDOWS\system32\drivers\UMDF
2016-05-12 10:19:10 ----RD---- C:\WINDOWS\assembly
2016-05-12 00:17:25 ----D---- C:\WINDOWS\SYSWOW64\nl-NL
2016-05-12 00:17:25 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-05-12 00:17:25 ----D---- C:\WINDOWS\system32\oobe
2016-05-12 00:17:25 ----D---- C:\WINDOWS\system32\migration
2016-05-12 00:17:25 ----D---- C:\WINDOWS\system32\appraiser
2016-05-12 00:17:25 ----D---- C:\WINDOWS\Provisioning
2016-05-12 00:17:25 ----D---- C:\WINDOWS\bcastdvr
2016-05-12 00:17:25 ----D---- C:\WINDOWS\AppPatch
2016-05-12 00:17:25 ----D---- C:\Program Files\Windows Journal
2016-05-12 00:17:25 ----D---- C:\Program Files\Internet Explorer
2016-05-12 00:17:25 ----D---- C:\Program Files (x86)\Internet Explorer
2016-05-11 21:57:14 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-05-11 07:51:16 ----D---- C:\WINDOWS\system32\MRT
2016-05-11 07:49:36 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-05-26 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-05-26 287528]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-06-23 1455552]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2016-06-03 192216]
R0 ngvss;ngvss; C:\WINDOWS\system32\drivers\ngvss.sys [2016-05-26 161760]
R1 aswNetSec;aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [2016-05-26 536312]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-05-26 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-05-26 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-05-26 465792]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-05-26 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-05-26 107792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-05-26 166432]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 78848]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-05-26 323392]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-23 4500184]
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel® Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-06-12 183584]
R3 NVHDA;@oem8.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-12-26 195912]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-12-26 11142984]
R3 rt640x64;@oem3.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-05-29 886528]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-01-22 117248]
S3 dg_ssudbus;@oem7.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-04-25 129152]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel® Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel® Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mfeaack01;McAfee Inc.; \Device\mfeaack01.sys []
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 ssudmdm;@oem13.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-04-25 221824]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2016-04-23 63488]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-03-29 258912]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-04-23 131424]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Stuurprogramma voor serieel USB-apparaat van Microsoft; C:\WINDOWS\System32\drivers\usbser.sys [2016-04-23 67072]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-26 243296]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2016-05-26 370656]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-06-23 18856]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2015-06-24 223008]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2015-06-24 411936]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-07-23 937800]
R2 OneSyncSvc_5d39c5;Host synchroniseren_5d39c5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-07-23 410768]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-05-26 5570272]
R3 Intel® Security Assist;Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [2015-05-19 335872]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 isaHelperSvc;Intel® Security Assist Helper; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_5d39c5;MessagingService_5d39c5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-03 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_5d39c5;Contact Data_5d39c5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 290304]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UnistoreSvc_5d39c5;User Data Storage_5d39c5; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 UserDataSvc_5d39c5;User Data Access_5d39c5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------
 

log.txt

Edited by bm.silverlake

Hello,

Temporarily disable your antivirus software and download Zoek.exe to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
Running Zoek.exe

If you run into problems running this program or see any error messages, please mention this in your post.

  • Then double-click Zoek.exe to start the tool.
  • Windows Vista, 7, 8 and 10 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.

    firefoxlook;
    torpigcheck;
    emptyfolderscheck;delete
    chromelook;
    standardsearch;
    filesrcm;
    services-list;
    autoclean;
    startupall;
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Attach the opened log file to your next post. (You can also find this log file on the system drive as C:\Zoek-results.log.)