
Having a laptop checked



Hello, sites were no longer loading in Firefox, nor in Internet Explorer. The little circle just kept spinning.

I did a System Restore and now everything works again, but I'm not at ease and would therefore like to have my laptop checked for malware or other junk.

Regards, Jopke

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Leo at 2015-09-22 11:39:19
Microsoft Windows 8.1
System drive C: has 858 GB (94%) free of 910 GB
Total RAM: 3986 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:39:22, on 22/09/2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Program Files\trend micro\Leo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [updateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKLM\..\RunOnce: [20150107] C:\Program Files\AVAST Software\Avast\setup\emupdate\a7f50976-b562-4389-8d1b-88d83fb2192b.exe /check
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\NLSSRV32.EXE
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9088 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe" /service
"dwm.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\windows\SysWow64\IntelCpHeciSvc.exe
C:\windows\System32\svchost.exe -k utcsvc
dashost.exe {7d1e6efe-e24f-445a-8b8d0126c52be294}
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe"
C:\windows\SysWOW64\NLSSRV32.EXE
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-10b29b3a-3e1a-44ec-a478-19ae34b56f10 -SystemEventPortName:HostProcess-5990f6c5-f558-4a26-ac75-2d0d3a21198f -IoCancelEventPortName:HostProcess-843cb683-698f-4308-a60b-fa0cfc9d7e76 -NonStateChangingEventPortName:HostProcess-2038f6fd-f971-4f27-aa96-3fd99809f921 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b28a0a46-ff54-4933-847a-08d2614ae4ee -DeviceGroupId:WudfDefaultDevicePool
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\Explorer.EXE
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files\IDT\WDM\sttray64.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0xcec_0xe44_0x6136688a"
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="1972.1.14465616\152169750" "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1972 "\\.\pipe\gecko-crash-server-pipe.1972" plugin
"C:\windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --proxy-stub-channel=Flash4736.6AB1D388.8584 --host-broker-channel=Flash4736.6AB1D388.1937 --host-pid=4736 --host-npapi-version=28 --plugin-path="C:\windows\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_232.dll"
"C:\windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --channel=4880.009FF7F0.642273207 --proxy-stub-channel=Flash4736.6AB1D388.8584 --plugin-path="C:\windows\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_232.dll" --host-npapi-version=28 --type=renderer

"C:\Users\Rita\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  

=========Mozilla firefox=========

ProfilePath - C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\xqboig2v.default

prefs.js - "browser.startup.homepage" -  "http://www.msn.com/nl-be/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon My Image Garden
"Path"=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nitropdf.com/NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 209504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-06 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07 176736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-06 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 6133848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07 4439128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-08-11 1703424]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2014-05-07 17111056]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2014-05-07 193008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2013-05-14 552960]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-26 6111824]
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2013-05-02 1282120]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"20150107"=C:\Program Files\AVAST Software\Avast\setup\emupdate\a7f50976-b562-4389-8d1b-88d83fb2192b.exe [2015-09-22 183232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-17 03:30:11 ----A---- C:\windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
2015-09-16 18:17:15 ----D---- C:\windows\LastGood.Tmp
2015-09-16 18:03:17 ----A---- C:\windows\system32\winresume.exe
2015-09-16 18:03:17 ----A---- C:\windows\system32\winload.exe
2015-09-16 18:03:16 ----A---- C:\windows\SYSWOW64\d2d1.dll
2015-09-16 18:03:16 ----A---- C:\windows\system32\d2d1.dll
2015-09-16 18:02:55 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-09-16 18:02:55 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2015-09-16 18:02:55 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-09-16 18:02:55 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2015-09-16 18:02:55 ----A---- C:\windows\SYSWOW64\advapi32.dll
2015-09-16 18:02:55 ----A---- C:\windows\system32\ntoskrnl.exe
2015-09-16 18:02:55 ----A---- C:\windows\system32\ntdll.dll
2015-09-16 18:02:55 ----A---- C:\windows\system32\nshwfp.dll
2015-09-16 18:02:55 ----A---- C:\windows\system32\KernelBase.dll
2015-09-16 18:02:55 ----A---- C:\windows\system32\IKEEXT.DLL
2015-09-16 18:02:55 ----A---- C:\windows\system32\FWPUCLNT.DLL
2015-09-16 18:02:55 ----A---- C:\windows\system32\BFE.DLL
2015-09-16 18:02:55 ----A---- C:\windows\system32\advapi32.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\ucrtbase.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\ucrtbase.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\NcdAutoSetup.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-09-16 18:02:35 ----A---- C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-09-09 12:01:40 ----A---- C:\windows\SYSWOW64\msxml6.dll
2015-09-09 12:01:40 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-09-09 12:01:40 ----A---- C:\windows\system32\msxml6.dll
2015-09-09 12:01:40 ----A---- C:\windows\system32\msxml3.dll
2015-09-09 11:45:37 ----A---- C:\windows\SYSWOW64\InkEd.dll
2015-09-09 11:45:37 ----A---- C:\windows\system32\InkEd.dll
2015-09-09 11:45:35 ----A---- C:\windows\system32\mshtml.dll
2015-09-09 11:45:32 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-09-09 11:45:30 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-09-09 11:45:30 ----A---- C:\windows\system32\ieframe.dll
2015-09-09 11:45:29 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-09-09 11:45:29 ----A---- C:\windows\system32\jscript9.dll
2015-09-09 11:45:29 ----A---- C:\windows\system32\iertutil.dll
2015-09-09 11:45:28 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-09-09 11:45:28 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-09-09 11:45:28 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-09-09 11:45:28 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-09-09 11:45:28 ----A---- C:\windows\system32\wininet.dll
2015-09-09 11:45:28 ----A---- C:\windows\system32\urlmon.dll
2015-09-09 11:45:28 ----A---- C:\windows\system32\jscript.dll
2015-09-09 11:45:27 ----A---- C:\windows\system32\vbscript.dll
2015-09-09 11:45:27 ----A---- C:\windows\system32\iedkcs32.dll
2015-09-09 11:45:27 ----A---- C:\windows\system32\ie4uinit.exe
2015-09-09 11:45:26 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-09-09 11:45:26 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-09-09 11:45:25 ----A---- C:\windows\SYSWOW64\webcheck.dll
2015-09-09 11:45:25 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-09-09 11:45:25 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2015-09-09 11:45:25 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-09-09 11:45:25 ----A---- C:\windows\system32\webcheck.dll
2015-09-09 11:45:25 ----A---- C:\windows\system32\msfeeds.dll
2015-09-09 11:45:25 ----A---- C:\windows\system32\inetcomm.dll
2015-09-09 11:45:25 ----A---- C:\windows\system32\ieapfltr.dll
2015-09-09 11:45:13 ----A---- C:\windows\SYSWOW64\Windows.UI.Immersive.dll
2015-09-09 11:45:13 ----A---- C:\windows\SYSWOW64\shacct.dll
2015-09-09 11:45:13 ----A---- C:\windows\SYSWOW64\SettingSync.dll
2015-09-09 11:45:13 ----A---- C:\windows\SYSWOW64\authui.dll
2015-09-09 11:45:13 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-09-09 11:45:13 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-09-09 11:45:13 ----A---- C:\windows\system32\Windows.UI.Immersive.dll
2015-09-09 11:45:13 ----A---- C:\windows\system32\win32k.sys
2015-09-09 11:45:13 ----A---- C:\windows\system32\shacct.dll
2015-09-09 11:45:13 ----A---- C:\windows\system32\SettingSync.dll
2015-09-09 11:45:13 ----A---- C:\windows\system32\authui.dll
2015-09-09 11:45:13 ----A---- C:\windows\system32\atmlib.dll
2015-09-09 11:45:13 ----A---- C:\windows\system32\atmfd.dll
2015-09-09 11:45:12 ----A---- C:\windows\SYSWOW64\taskeng.exe
2015-09-09 11:45:12 ----A---- C:\windows\SYSWOW64\schtasks.exe
2015-09-09 11:45:12 ----A---- C:\windows\SYSWOW64\appidapi.dll
2015-09-09 11:45:12 ----A---- C:\windows\system32\taskeng.exe
2015-09-09 11:45:12 ----A---- C:\windows\system32\schtasks.exe
2015-09-09 11:45:12 ----A---- C:\windows\system32\schedsvc.dll
2015-09-09 11:45:12 ----A---- C:\windows\system32\appidsvc.dll
2015-09-09 11:45:12 ----A---- C:\windows\system32\appidapi.dll
2015-09-04 11:22:54 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-09-04 11:22:54 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-09-04 11:22:54 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-09-04 11:22:54 ----A---- C:\windows\system32\wuwebv.dll
2015-09-04 11:22:54 ----A---- C:\windows\system32\WUSettingsProvider.dll
2015-09-04 11:22:54 ----A---- C:\windows\system32\wudriver.dll
2015-09-04 11:22:54 ----A---- C:\windows\system32\wucltux.dll
2015-09-04 11:22:54 ----A---- C:\windows\system32\wuaueng.dll
2015-09-04 11:22:54 ----A---- C:\windows\system32\wuauclt.exe
2015-09-04 11:22:54 ----A---- C:\windows\system32\wuapp.exe
2015-09-04 11:22:54 ----A---- C:\windows\system32\wuapi.dll
2015-09-04 11:22:53 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-09-01 11:37:32 ----D---- C:\Program Files (x86)\VS Revo Group
2015-08-28 06:04:22 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-27 18:20:32 ----A---- C:\windows\system32\igdumdim64.dll
2015-08-27 18:20:30 ----A---- C:\windows\SYSWOW64\iglhsip32.dll
2015-08-27 18:20:30 ----A---- C:\windows\SYSWOW64\igdusc32.dll
2015-08-27 18:20:30 ----A---- C:\windows\SYSWOW64\igdumdim32.dll
2015-08-27 18:20:30 ----A---- C:\windows\SYSWOW64\igd10iumd32.dll
2015-08-27 18:20:30 ----A---- C:\windows\system32\iglhsip64.dll
2015-08-27 18:20:30 ----A---- C:\windows\system32\iglhcp64.dll
2015-08-27 18:20:28 ----A---- C:\windows\SYSWOW64\iglhcp32.dll
2015-08-27 18:20:28 ----A---- C:\windows\SYSWOW64\igfxcmrt32.dll
2015-08-27 18:20:28 ----A---- C:\windows\SYSWOW64\igdmd32.dll
2015-08-27 18:20:28 ----A---- C:\windows\system32\igfxexps.dll
2015-08-27 18:20:28 ----A---- C:\windows\system32\igfxcmrt64.dll
2015-08-27 18:20:28 ----A---- C:\windows\system32\igdmd64.dll
2015-08-27 18:20:14 ----A---- C:\windows\SYSWOW64\ig7icd32.dll
2015-08-27 18:20:14 ----A---- C:\windows\system32\MetroIntelGenericUIFramework.dll
2015-08-27 18:20:14 ----A---- C:\windows\system32\IntelWiDiVAD64.exe
2015-08-27 18:20:12 ----A---- C:\windows\SYSWOW64\IntelOpenCL32.dll
2015-08-27 18:20:12 ----A---- C:\windows\SYSWOW64\IntelCpHeciSvc.exe
2015-08-27 18:20:12 ----A---- C:\windows\SYSWOW64\Intel_OpenCL_ICD32.dll
2015-08-27 18:20:12 ----A---- C:\windows\SYSWOW64\igdfcl32.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\IntelWiDiWinNextAgent64.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\IntelWiDiUtils64.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\IntelWiDiUMS64.exe
2015-08-27 18:20:12 ----A---- C:\windows\system32\IntelWiDiSilenceFilter64.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\IntelWiDiSecureSourceFilter64.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\IntelWiDiMux64.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\IntelWiDiMCUMD64.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\IntelWiDiLogServer64.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\IntelWiDiDDEAgent64.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\IntelWiDiAudioFilter64.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\IntelWiDiAAC64.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\IntelOpenCL64.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\Intel_OpenCL_ICD64.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\igfxOSP.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\igfxCoIn_v4276.dll
2015-08-27 18:20:12 ----A---- C:\windows\system32\igdfcl64.dll
2015-08-27 18:20:10 ----A---- C:\windows\SYSWOW64\igfxexps32.dll
2015-08-27 18:20:10 ----A---- C:\windows\SYSWOW64\igfxcmjit32.dll
2015-08-27 18:20:10 ----A---- C:\windows\SYSWOW64\igfx11cmrt32.dll
2015-08-27 18:20:10 ----A---- C:\windows\SYSWOW64\igdrcl32.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxLHMLibv2_0.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxLHMLib.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxext.exe
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxEMLibv2_0.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxEMLib.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxDTCM.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxDILibv2_0.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxDILib.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxDHLibv2_0.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxDHLib.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxCUIServicePS.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxcmjit64.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfx11cmrt64.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igdrcl64.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\ig7icd64.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\IccLibDll_x64.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\Gfxv4_0.exe
2015-08-27 18:20:10 ----A---- C:\windows\system32\drivers\igdkmd64.sys
2015-08-27 18:20:08 ----A---- C:\windows\SYSWOW64\igdde32.dll
2015-08-27 18:20:08 ----A---- C:\windows\SYSWOW64\igdbcl32.dll
2015-08-27 18:20:08 ----A---- C:\windows\SYSWOW64\igdail32.dll
2015-08-27 18:20:08 ----A---- C:\windows\system32\igdde64.dll
2015-08-27 18:20:08 ----A---- C:\windows\system32\igdbcl64.dll
2015-08-27 18:20:08 ----A---- C:\windows\system32\igdail64.dll
2015-08-27 18:20:08 ----A---- C:\windows\system32\Gfxv2_0.exe
2015-08-27 18:20:08 ----A---- C:\windows\system32\GfxUIEx.exe
2015-08-27 18:20:08 ----A---- C:\windows\system32\DPTopologyAppv2_0.exe
2015-08-27 18:20:08 ----A---- C:\windows\system32\DPTopologyApp.exe
2015-08-27 18:20:08 ----A---- C:\windows\system32\difx64.exe
2015-08-27 18:20:08 ----A---- C:\windows\system32\CustomModeAppv2_0.exe
2015-08-27 18:20:08 ----A---- C:\windows\system32\CustomModeApp.exe
2015-08-26 11:00:25 ----A---- C:\windows\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2015-09-22 11:39:21 ----D---- C:\Program Files\trend micro
2015-09-22 11:31:25 ----D---- C:\windows\Temp
2015-09-22 11:31:07 ----D---- C:\windows\system32\catroot2
2015-09-22 11:28:04 ----D---- C:\windows\Prefetch
2015-09-22 11:23:55 ----D---- C:\windows\CryptoGuard
2015-09-22 11:23:53 ----RAD---- C:\windows\System32
2015-09-22 11:23:53 ----D---- C:\windows\Inf
2015-09-22 11:23:53 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-09-22 11:16:58 ----D---- C:\windows\system32\config
2015-09-22 11:16:29 ----D---- C:\windows\system32\wbem
2015-09-22 11:16:29 ----AD---- C:\Windows
2015-09-22 11:15:37 ----D---- C:\windows\WinSxS
2015-09-22 11:15:37 ----D---- C:\windows\Tasks
2015-09-22 11:15:37 ----D---- C:\windows\system32\Tasks
2015-09-22 11:15:37 ----D---- C:\windows\system32\sru
2015-09-22 11:15:37 ----D---- C:\windows\system32\drivers
2015-09-22 11:15:37 ----D---- C:\windows\system32\CodeIntegrity
2015-09-22 11:15:37 ----D---- C:\windows\system32\catroot
2015-09-22 11:15:20 ----RD---- C:\Program Files
2015-09-22 11:13:12 ----HD---- C:\Program Files\WindowsApps
2015-09-22 11:08:26 ----D---- C:\windows\registration
2015-09-22 11:08:12 ----D---- C:\windows\system32\DriverStore
2015-09-22 11:03:05 ----SHD---- C:\System Volume Information
2015-09-22 10:59:33 ----D---- C:\windows\Logs
2015-09-22 10:44:23 ----D---- C:\windows\CbsTemp
2015-09-19 05:35:41 ----D---- C:\windows\AppReadiness
2015-09-17 03:30:11 ----A---- C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-09-16 18:17:43 ----D---- C:\windows\SysWOW64
2015-09-16 18:06:34 ----D---- C:\windows\system32\Boot
2015-09-16 18:04:15 ----D---- C:\windows\apppatch
2015-09-16 03:25:37 ----D---- C:\Users\Rita\AppData\Roaming\Nitro PDF
2015-09-14 15:30:53 ----D---- C:\Users\Rita\AppData\Roaming\Skype
2015-09-10 15:12:52 ----SHD---- C:\windows\Installer
2015-09-10 15:12:51 ----D---- C:\ProgramData\Skype
2015-09-09 16:19:05 ----D---- C:\windows\Microsoft.NET
2015-09-09 16:19:04 ----RSD---- C:\windows\assembly
2015-09-09 12:20:41 ----D---- C:\windows\system32\MRT
2015-09-09 12:17:47 ----D---- C:\windows\debug
2015-09-09 12:11:04 ----D---- C:\windows\PolicyDefinitions
2015-09-09 12:11:04 ----D---- C:\Program Files\Internet Explorer
2015-09-09 12:11:04 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 12:02:11 ----D---- C:\Program Files\Windows Journal
2015-09-04 11:25:10 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-04 11:24:20 ----D---- C:\windows\system32\nl-NL
2015-09-04 11:24:20 ----D---- C:\windows\system32\en-US
2015-09-01 11:37:32 ----RD---- C:\Program Files (x86)
2015-08-27 18:20:30 ----A---- C:\windows\system32\igdusc64.dll
2015-08-27 18:20:30 ----A---- C:\windows\system32\igd10iumd64.dll
2015-08-27 18:20:12 ----A---- C:\windows\SYSWOW64\OpenCL.DLL
2015-08-27 18:20:12 ----A---- C:\windows\system32\OpenCL.DLL
2015-08-27 18:20:12 ----A---- C:\windows\system32\igfxTray.exe
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxLHM.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxHK.exe
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxEM.exe
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxDI.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxDH.dll
2015-08-27 18:20:10 ----A---- C:\windows\system32\igfxCUIService.exe
2015-08-27 13:35:46 ----SD---- C:\windows\system32\CompatTel
2015-08-27 13:35:46 ----D---- C:\windows\system32\appraiser
2015-08-26 18:37:02 ----A---- C:\windows\system32\MRT.exe
2015-08-26 15:05:10 ----D---- C:\Program Files\CCleaner
2015-08-26 10:54:23 ----D---- C:\windows\SYSWOW64\WinMetadata
2015-08-26 10:54:23 ----D---- C:\windows\SYSWOW64\nl-NL
2015-08-26 10:54:23 ----D---- C:\windows\SYSWOW64\en-US
2015-08-26 10:54:23 ----D---- C:\windows\system32\WinMetadata
2015-08-26 10:54:23 ----D---- C:\windows\system32\drivers\nl-NL
2015-08-26 10:54:23 ----D---- C:\windows\system32\drivers\en-US
2015-08-26 10:54:23 ----D---- C:\Program Files\Windows Defender
2015-08-26 10:54:23 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-26 10:54:12 ----D---- C:\windows\SystemResources
2015-08-26 10:54:12 ----D---- C:\windows\system32\Sysprep
2015-08-26 10:54:12 ----D---- C:\windows\servicing
2015-08-26 10:54:10 ----D---- C:\windows\Globalization
2015-08-26 10:54:00 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-26 10:53:57 ----D---- C:\Program Files\Lenovo
2015-08-26 10:53:57 ----D---- C:\Program Files\Common Files\microsoft shared
2015-08-26 10:53:55 ----RD---- C:\Program Files (x86)\Skype
2015-08-26 10:53:55 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-26 10:53:54 ----D---- C:\Program Files (x86)\Common Files
2015-08-26 10:38:29 ----SD---- C:\Users\Rita\AppData\Roaming\Microsoft
2015-08-26 10:38:27 ----D---- C:\Users\Rita\AppData\Roaming\LSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-08-06 65224]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-08-06 274808]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2014-05-07 39008]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-08-06 93528]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-08-14 1048344]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-08-06 447944]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-08-06 28656]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-08-06 90968]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-08-06 150672]
R2 hmpalert;HitmanPro.Alert Support Driver; C:\windows\System32\drivers\hmpalert.sys [2014-12-21 93144]
R3 ACPIVPC;@oem14.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-05-07 35600]
R3 AmUStor;@oem6.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\windows\system32\drivers\AmUStor.SYS [2013-06-25 109336]
R3 BCM43XX;@oem12.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl63a.sys [2013-08-07 7474864]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2015-08-27 3797424]
R3 IntcDAud;@oem39.inf,%IntcDAud.SvcDesc%;Intel® Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem4.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 L1C;@oem13.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C63x64.sys [2013-07-18 130248]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MEIx64;@oem9.inf,%TEE_SvcDesc%;Intel® Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 RTL8192su;@net8192su64.inf,%RTL8192su.DeviceDesc.DispName%;Realtek RTL8192SU USB 2.0-netwerkadapter voor draadloos 802.11n-netwerk; C:\windows\system32\DRIVERS\RTL8192su.sys [2013-06-18 694856]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-14 34544]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\windows\system32\DRIVERS\stwrt64.sys [2013-08-11 551936]
R3 SynTP;@oem8.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-08-14 527600]
R3 vm331avs;@oem10.inf,%USBCamera.DeviceDesc2%;Digital Camera 1; C:\windows\System32\Drivers\vm331avs.sys [2013-08-30 1065472]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\windows\System32\drivers\BthEnum.sys [2015-06-10 53248]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2015-06-10 1201664]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2015-06-10 81920]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel® PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem3.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-06-18 64216]
S3 NETwNe64;@netwew00.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew00.sys [2013-07-08 3344352]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-08-06 146600]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 hmpalertsvc;HitmanPro.Alert Service; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [2014-12-21 1876816]
R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2015-08-27 330136]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-08-18 230408]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\windows\SysWOW64\NLSSRV32.EXE [2013-08-18 69640]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-11 338944]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [2014-05-07 68368]
R3 cphs;Intel® Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2015-08-27 291744]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-23 43696]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS; C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-10-16 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-28 149160]

-----------------EOF-----------------
 


Hello jopke,

What I notice first is that you have both Avast and Windows Defender on your PC.

Go to Control Panel / Uninstall a program and remove Windows Defender there.

Multiple virus scanners make your system slow and unstable.

Then restart the PC and carry out the following:

Disable your antivirus and antispyware programs; they may conflict with zoek.exe. You can read how to do that (here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC; do not use it on other PCs with a similar problem.


autoclean;
emptyfolderscheck;delete
emptyclsid;
startupall;
filesrcm;

  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next reply.


Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next reply. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a post here.


If it is disabled, that's fine.

The Zoek log looks OK. Apparently System Restore solved your problem properly. :)

Now just run this:

Download Delfix by Xplode to the desktop.

Double-click Delfix.exe to start the tool.
Now tick the following items:

  • Remove disinfection tools
  • Purge System Restore


Now click "Run" and wait patiently until the tool has finished.
When the tool has finished, a log file is created. You do not need to post it, however.
