As already described in this topic, I have started a topic here.
Small note: the blue screen has since been resolved by a scan and quarantine with MBAM; I have also removed Rivatuner.
MBAM log:
Malwarebytes Anti-Malware
Scandatum: 14-4-2016
Scantijd: 18:32
Logboekbestand: MBAM2.txt
Beheerder: Ja
Versie: 2.2.0.1024
Malware-database: v2016.03.12.02
Rootkit-database: v2016.02.27.01
Licentie: Gratis
Malware-bescherming: Uitgeschakeld
Bescherming tegen kwaadaardige websites: Uitgeschakeld
Zelfbescherming: Uitgeschakeld
Besturingssysteem: Windows 7 Service Pack 1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Richard
Scantype: Aangepaste scan
Resultaat: Voltooid
Objecten gescand: 734148
Verstreken tijd: 2 u., 42 min, 50 sec
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld
Processen: 1
Trojan.Agent, C:\Users\Richard\AppData\Roaming\Microsoft Service\winlogon.exe, 2276, Verwijder-bij-herstart, [7f636f17f2a786b07300a1a33ac9e41c]
Modules: 0
(Geen kwaadaardige items gedetecteerd)
Registersleutels: 0
(Geen kwaadaardige items gedetecteerd)
Registerwaarden: 1
Trojan.Agent, HKU\S-1-5-21-4245876145-700408529-4176921286-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|winlogon.exe, C:\Users\Richard\AppData\Roaming\Microsoft Service\winlogon.exe, In quarantaine, [7f636f17f2a786b07300a1a33ac9e41c]
Registerdata: 0
(Geen kwaadaardige items gedetecteerd)
Mappen: 1
Trojan.StolenData, C:\Users\Richard\AppData\Roaming\Imminent\Logs, In quarantaine, [3aa81b6bd0c93105f689173c70947f81],
Bestanden: 6
PUP.Optional.OpenCandy, C:\Users\Richard\Desktop\Ongebruikte bureaubladpictogrammen\MediaInfo_GUI_0.7.41_Windows_i386.exe, In quarantaine, [2db5c4c2465344f293dff335c54030d0],
Trojan.Agent.Trace, C:\Users\Richard\AppData\Roaming\Imminent\Path.dat, In quarantaine, [3ca63d49b8e1f6405db8132d1fe5eb15],
Trojan.StolenData, C:\Users\Richard\AppData\Roaming\Imminent\Logs\13-04-2016, In quarantaine, [3aa81b6bd0c93105f689173c70947f81],
Trojan.StolenData, C:\Users\Richard\AppData\Roaming\Imminent\Logs\14-04-2016, In quarantaine, [3aa81b6bd0c93105f689173c70947f81],
Trojan.Agent, C:\Users\Richard\AppData\Roaming\Microsoft Service\winlogon.exe, Verwijder-bij-herstart, [7f636f17f2a786b07300a1a33ac9e41c],
PUP.Optional.Conduit, C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\2mtsqzdn.default\prefs.js, Goed: (), Slecht: (user_pref("browser.newtab.url", "http://www.bing.com/?pc=COSP&ptag=D010716-AD42D1DB7E9&form=CONMHP&conlogo=CT3334497")
, Vervangen,[9a480482debb5bdb873931074cb9dc24]
Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)
(end)
ADWcleaner:
# AdwCleaner v5.110 - Logbestand aangemaakt 14/04/2016 op 21:51:10
# Laatste update 10/04/2016 door Xplode
# Database : 2016-04-10.2 [Lokaal]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (X64)
# Gebruikersnaam : Richard - BRUTUS
# Gestart vanuit : C:\Users\Richard\Desktop\adwcleaner_5.110.exe
# Optie : Verwijderen
# Ondersteuning : http://toolslib.net/forum
***** [ Services ] *****
***** [ Mappen ] *****
[-] Map verwijderd : C:\Users\Richard\AppData\Roaming\imminent
***** [ Bestanden ] *****
[-] Bestand verwijderd : C:\Windows\SysNative\LavasoftTcpService64.dll
[-] Bestand verwijderd : C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[-] Bestand verwijderd : C:\Windows\SysWOW64\lavasofttcpservice.dll
[-] Bestand verwijderd : C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
***** [ DLLs ] *****
***** [ Snelkoppelingen ] *****
***** [ Geplande taken ] *****
***** [ Register ] *****
[-] Sleutel verwijderd : HKLM\SOFTWARE\Lavasoft\Web Companion
***** [ Internetbrowsers ] *****
*************************
:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [7939 bytes] - [14/04/2016 21:51:10]
C:\AdwCleaner\AdwCleaner[S1].txt - [7640 bytes] - [14/04/2016 21:48:31]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8085 bytes] ##########
DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18231
Run by Richard at 21:55:33 on 2016-04-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8130.6183 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Comodo Defense+ *Enabled/Updated* {6BAD9487-8DE8-D130-293E-C6A728B4104F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: COMODO Firewall *Enabled* {E8F7F446-E1BD-DFE6-38D1-54E0ADE01D89}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
C:\Program Files (x86)\MemInfo\meminfo.exe
C:\Users\Richard\Documents\LCDSirReal\LCDSirReal.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\MSI\Live Update\Live Update.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\muachost.exe
C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
uRun: [ISUSPM Startup] c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
mRun: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
StartupFolder: C:\Users\Richard\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MemInfo.lnk - C:\Program Files (x86)\MemInfo\meminfo.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: NameServer = 192.168.2.254
TCP: Interfaces\{905BE4CB-006F-4513-A453-8CBC7C02BACF} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{C4E9C3ED-8A60-4F1C-AE1F-B825417CF7F2} : DHCPNameServer = 192.168.2.254
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
x64-Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
x64-Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
x64-Run: [StartCN] "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2015-3-6 74544]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswvmm.sys [2015-3-6 287016]
R0 iusb3hcs;Intel(R) USB 3.0 hostcontrollerswitch-stuurprogramma;C:\Windows\System32\drivers\iusb3hcs.sys [2016-4-12 22768]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2016-3-22 37144]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2015-3-6 1070904]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2015-3-6 463744]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2015-1-30 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2015-1-30 823848]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2015-1-30 56464]
R1 ndisrd;WinpkFilter LightWeight Filter;C:\Windows\System32\drivers\ndisrd.sys [2015-3-6 32840]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2016-4-4 251392]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2016-4-12 936728]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [2013-8-1 954648]
R2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.04.01\AsusFanControlService.exe [2015-3-5 1656464]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2015-3-6 37656]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswmonflt.sys [2015-3-6 107792]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2015-3-6 165344]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-2-17 237096]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 GamingApp_Service;GamingApp_Service;C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [2016-4-12 37328]
R2 MSI_LiveUpdate_Service;MSI Live Update Service;C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2016-4-12 1794000]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 SystemUsageReportSvc_WILLAMETTE;Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE;C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [2016-3-9 118424]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2016-4-4 96256]
R3 iusb3hub;Intel(R) USB 3.0 hub-stuurprogramma;C:\Windows\System32\drivers\iusb3hub.sys [2016-4-12 395504]
R3 iusb3xhc;Intel(R) USB 3.0 uitbreidbare hostcontroller-stuurprogramma;C:\Windows\System32\drivers\iusb3xhc.sys [2016-4-12 806128]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-3-6 25816]
R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2015-5-27 13536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-5 125112]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-3-6 1135416]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-1-30 2271928]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;C:\Windows\System32\drivers\dtlitescsibus.sys [2016-3-15 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;C:\Windows\System32\drivers\dtliteusbbus.sys [2016-3-15 47672]
S3 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE;C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-4-12 416408]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2015-5-25 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2013-10-17 36928]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2015-3-5 171632]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-3-10 114688]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-3-6 63704]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-3-7 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-6-14 805088]
S3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTWlanU.sys [2015-3-6 1528976]
S3 SaiH075C;SaiH075C;C:\Windows\System32\drivers\SaiH075C.sys [2015-3-7 326784]
S3 semav6msr64;semav6msr64;C:\Windows\System32\drivers\semav6msr64.sys [2016-4-12 21984]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-3-7 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2015-3-7 30208]
S3 USER_ESRV_SVC_WILLAMETTE;User Energy Server Service WILLAMETTE;C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-4-12 416408]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-3-6 1255736]
S3 WSDScan;Ondersteuning voor WSD-scan via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
.
=============== File Associations ===============
.
FileExt: .reg: regfile=regedit.exe "%1" [UserChoice]
ShellExec: SZBrowser.exe: open="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2016-04-14 19:47:54 -------- d-----w- C:\AdwCleaner
2016-04-12 15:35:48 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44F6150D-D105-4367-BE79-5970A1B1B71A}\offreg.2888.dll
2016-04-12 15:13:31 2356592 ----a-w- C:\Windows\System32\WudfUpdate_01011.dll
2016-04-12 15:13:31 105472 ----a-w- C:\Windows\System32\drivers\UMDF\ASMBSW.dll
2016-04-12 15:01:40 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
2016-04-12 15:01:27 806128 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2016-04-12 15:01:27 395504 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2016-04-12 15:01:27 22768 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2016-04-12 15:01:27 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2016-04-12 14:58:54 -------- d-----w- C:\SWTOOLS
2016-04-12 14:57:33 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44F6150D-D105-4367-BE79-5970A1B1B71A}\offreg.4952.dll
2016-04-12 14:53:05 -------- d-----w- C:\Users\Richard\AppData\Local\Intel
2016-04-12 14:52:26 21984 ----a-w- C:\Windows\System32\drivers\semav6msr64.sys
2016-04-12 14:52:13 -------- d-----w- C:\Program Files (x86)\Intel Driver Update Utility
2016-04-12 14:40:59 11686560 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44F6150D-D105-4367-BE79-5970A1B1B71A}\mpengine.dll
2016-04-12 14:01:05 4304128 ----a-w- C:\Windows\PE_File.dll
2016-04-12 13:40:11 -------- d-----w- C:\Users\Richard\AppData\Roaming\TeamViewer
2016-04-12 13:39:43 -------- d-----w- C:\Program Files (x86)\TeamViewer
2016-04-12 13:26:59 -------- d-----w- C:\Program Files (x86)\AMD
2016-04-12 13:15:24 -------- d-----w- C:\Program Files\MSI
2016-04-12 13:10:58 -------- d-----w- C:\Windows\SysWow64\LiveUpdate
2016-04-12 12:57:43 38120 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2016-04-12 12:57:43 1386496 ----a-w- C:\Windows\System32\appraiser.dll
2016-04-12 12:57:43 1169408 ----a-w- C:\Windows\System32\aeinv.dll
2016-04-12 12:55:35 -------- d-----w- C:\Users\Richard\AppData\Roaming\HD Tune Pro
2016-04-12 12:55:15 -------- d-----w- C:\Program Files (x86)\HD Tune Pro
2016-04-11 16:19:56 -------- d-----w- C:\Microsoft Service
2016-04-10 13:43:24 -------- d-----w- C:\Users\Richard\AppData\Roaming\Microsoft Service
2016-04-10 13:41:21 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2016-04-08 19:16:21 -------- d-----w- C:\Users\Richard\AppData\Roaming\GrabIt
2016-04-05 20:07:01 76800 ----a-w- C:\Windows\System32\acmigration.dll
2016-04-05 20:07:01 698368 ----a-w- C:\Windows\System32\generaltel.dll
2016-04-05 20:07:01 499200 ----a-w- C:\Windows\System32\devinv.dll
2016-04-05 20:07:01 279040 ----a-w- C:\Windows\System32\invagent.dll
2016-04-05 20:07:01 215040 ----a-w- C:\Windows\System32\aepic.dll
2016-04-05 16:53:28 -------- d-----w- C:\Program Files (x86)\Raptr Inc
2016-04-05 16:53:05 45848 ----a-w- C:\Windows\System32\vulkaninfo.exe
2016-04-05 16:53:05 42264 ----a-w- C:\Windows\SysWow64\vulkaninfo.exe
2016-04-05 16:53:05 126232 ----a-w- C:\Windows\System32\vulkan-1.dll
2016-04-05 16:53:05 125720 ----a-w- C:\Windows\SysWow64\vulkan-1.dll
2016-04-05 16:52:53 -------- d-----w- C:\Program Files (x86)\VulkanRT
2016-04-04 04:16:28 110880 ----a-w- C:\Windows\System32\amdave64.dll
2016-04-04 04:16:26 102616 ----a-w- C:\Windows\SysWow64\amdave32.dll
2016-04-04 04:16:20 141792 ----a-w- C:\Windows\System32\amdhcp64.dll
2016-04-04 04:16:18 128384 ----a-w- C:\Windows\SysWow64\amdhcp32.dll
2016-04-04 04:16:16 78432 ----a-w- C:\Windows\System32\atimpc64.dll
2016-04-04 04:16:16 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
2016-04-04 04:16:14 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2016-04-04 04:16:14 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2016-04-04 04:16:02 133528 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2016-04-04 04:15:58 120656 ----a-w- C:\Windows\System32\atiu9p64.dll
2016-04-04 04:15:56 102616 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2016-04-04 04:15:50 1245416 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2016-04-04 04:15:40 9583808 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2016-04-04 04:15:32 8585696 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2016-04-04 04:15:24 7392480 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2016-04-04 04:15:16 9526616 ----a-w- C:\Windows\System32\atiumd6a.dll
2016-04-04 04:15:12 8843208 ----a-w- C:\Windows\System32\atiumd64.dll
2016-04-04 04:12:54 296648 ----a-w- C:\Windows\System32\drivers\amdacpksd.sys
2016-04-04 04:09:38 26345472 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2016-04-04 03:32:22 701440 ----a-w- C:\Windows\System32\amdlvr64.dll
2016-04-04 03:30:40 580096 ----a-w- C:\Windows\SysWow64\amdlvr32.dll
2016-04-04 03:29:04 127488 ----a-w- C:\Windows\System32\mantle64.dll
2016-04-04 03:28:42 113664 ----a-w- C:\Windows\SysWow64\mantle32.dll
2016-04-04 03:28:14 6884864 ----a-w- C:\Windows\System32\amdmantle64.dll
2016-04-04 03:27:14 235008 ----a-w- C:\Windows\System32\clinfo.exe
2016-04-04 03:26:58 48211968 ----a-w- C:\Windows\System32\amdocl64.dll
2016-04-04 03:23:56 40126976 ----a-w- C:\Windows\SysWow64\amdocl.dll
2016-04-04 03:22:02 96256 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
2016-04-04 03:21:18 65024 ----a-w- C:\Windows\System32\OpenCL.dll
2016-04-04 03:21:16 59392 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2016-04-04 03:20:08 103424 ----a-w- C:\Windows\System32\DelayAPO.dll
2016-04-04 03:15:54 26887168 ----a-w- C:\Windows\System32\amdocl12cl64.dll
2016-04-04 03:15:32 21730304 ----a-w- C:\Windows\SysWow64\amdocl12cl.dll
2016-04-04 03:11:16 6956032 ----a-w- C:\Windows\System32\amdvlk64.dll
2016-04-04 03:02:48 5398016 ----a-w- C:\Windows\SysWow64\amdmantle32.dll
2016-04-04 03:00:34 5420032 ----a-w- C:\Windows\SysWow64\amdvlk32.dll
2016-04-04 02:47:06 30377984 ----a-w- C:\Windows\System32\atio6axx.dll
2016-04-04 02:41:24 97280 ----a-w- C:\Windows\System32\mantleaxl64.dll
2016-04-04 02:41:14 89600 ----a-w- C:\Windows\SysWow64\mantleaxl32.dll
2016-04-04 02:25:00 25069056 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2016-04-04 02:14:16 367104 ----a-w- C:\Windows\System32\atiapfxx.exe
2016-04-04 02:14:10 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2016-04-04 02:14:08 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2016-04-04 02:14:00 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2016-04-04 02:13:58 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2016-04-04 02:13:44 15711744 ----a-w- C:\Windows\System32\aticaldd64.dll
2016-04-04 02:10:42 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2016-04-04 01:57:42 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2016-04-04 01:57:36 224256 ----a-w- C:\Windows\System32\dgtrayicon.exe
2016-04-04 01:57:28 209920 ----a-w- C:\Windows\System32\GameManager64.dll
2016-04-04 01:57:24 186368 ----a-w- C:\Windows\SysWow64\GameManager32.dll
2016-04-04 01:57:20 162304 ----a-w- C:\Windows\System32\atieah64.exe
2016-04-04 01:57:18 145408 ----a-w- C:\Windows\SysWow64\atieah32.exe
2016-04-04 01:57:14 204800 ----a-w- C:\Windows\System32\amdgfxinfo64.dll
2016-04-04 01:57:10 189952 ----a-w- C:\Windows\SysWow64\amdgfxinfo32.dll
2016-04-04 01:57:06 78336 ----a-w- C:\Windows\System32\atimuixx.dll
2016-04-04 01:57:02 564736 ----a-w- C:\Windows\System32\atieclxx.exe
2016-04-04 01:56:14 251392 ----a-w- C:\Windows\System32\atiesrxx.exe
2016-04-04 01:55:30 50688 ----a-w- C:\Windows\System32\amdmmcl6.dll
2016-04-04 01:55:28 39424 ----a-w- C:\Windows\SysWow64\amdmmcl.dll
2016-04-04 01:55:06 190976 ----a-w- C:\Windows\System32\atitmm64.dll
2016-04-04 01:34:42 89088 ----a-w- C:\Windows\System32\atisamu64.dll
2016-04-04 01:34:38 80896 ----a-w- C:\Windows\SysWow64\atisamu32.dll
2016-04-04 01:32:50 944640 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2016-04-04 01:32:34 75776 ----a-w- C:\Windows\System32\atig6pxx.dll
2016-04-04 01:32:32 70144 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2016-04-04 01:32:32 70144 ----a-w- C:\Windows\System32\atiglpxx.dll
2016-04-04 01:32:28 157696 ----a-w- C:\Windows\System32\atig6txx.dll
2016-04-04 01:32:10 142336 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2016-04-04 01:31:54 676864 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2016-04-04 01:29:30 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2016-04-04 01:28:48 195072 ----a-w- C:\Windows\System32\hsa-thunk64.dll
2016-04-04 01:28:42 174592 ----a-w- C:\Windows\SysWow64\hsa-thunk.dll
2016-03-25 16:18:47 -------- d-----w- C:\Users\Richard\.oracle_jre_usage
2016-03-25 08:45:07 212992 ----a-w- C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\NLAIS 737 'BABY BOEINGS'\texopt.exe
2016-03-25 08:43:18 -------- d-----w- C:\Program Files (x86)\NL2000
2016-03-22 21:22:19 76800 ----a-w- C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SweetFX\dlls\FXAA DX9 dll\d3d9.dll
2016-03-22 21:22:19 400384 ----a-w- C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SweetFX\dlls\SMAA dlls\dxgi.dll
2016-03-22 21:22:19 400384 ----a-w- C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\dxgi.dll
2016-03-22 21:22:19 170496 ----a-w- C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SweetFX\dlls\SMAA dlls\d3d9.dll
2016-03-22 21:22:19 170496 ----a-w- C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\d3d9.dll
2016-03-22 20:53:02 37144 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2016-03-21 13:59:52 865280 ----a-w- C:\Windows\System32\coinst_16.15.dll
2016-03-21 12:53:45 -------- d-----w- C:\Windows\SysWow64\st
2016-03-19 10:08:34 70144 ----a-w- C:\Windows\System32\appinfo.dll
2016-03-19 10:08:34 504320 ----a-w- C:\Windows\System32\msihnd.dll
2016-03-19 10:08:34 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2016-03-19 10:08:34 3243008 ----a-w- C:\Windows\System32\msi.dll
2016-03-19 10:08:34 25088 ----a-w- C:\Windows\SysWow64\msimsg.dll
2016-03-19 10:08:34 25088 ----a-w- C:\Windows\System32\msimsg.dll
2016-03-19 10:08:34 2364928 ----a-w- C:\Windows\SysWow64\msi.dll
2016-03-19 10:08:34 1940992 ----a-w- C:\Windows\System32\authui.dll
2016-03-19 10:08:34 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2016-03-19 10:08:34 114624 ----a-w- C:\Windows\System32\consent.exe
2016-03-19 10:08:31 511488 ----a-w- C:\Windows\System32\rpcss.dll
2016-03-19 10:08:30 73664 ----a-w- C:\Windows\System32\drivers\disk.sys
2016-03-19 10:07:53 8192 ----a-w- C:\Windows\System32\drivers\nl-NL\tpm.sys.mui
2016-03-19 10:07:53 451080 ----a-w- C:\Windows\System32\fveapi.dll
2016-03-19 10:07:53 312600 ----a-w- C:\Windows\System32\wbem\Win32_Tpm.dll
2016-03-19 10:07:53 257864 ----a-w- C:\Windows\SysWow64\wbem\Win32_Tpm.dll
2016-03-19 10:07:53 20480 ----a-w- C:\Windows\System32\tbs.dll
2016-03-19 10:07:53 15360 ----a-w- C:\Windows\SysWow64\tbs.dll
2016-03-19 10:07:53 109568 ----a-w- C:\Windows\System32\fveapibase.dll
2016-03-18 13:45:25 -------- d-----w- C:\Users\Richard\AppData\Local\SteelIXB
2016-03-18 13:32:18 -------- d-----w- C:\Users\Richard\.thumbnails
2016-03-18 13:30:32 -------- d-----w- C:\Users\Richard\AppData\Local\gtk-2.0
2016-03-18 13:27:21 -------- d-----w- C:\Users\Richard\AppData\Local\fontconfig
2016-03-18 13:27:20 -------- d-----w- C:\Users\Richard\AppData\Local\gegl-0.2
2016-03-18 13:27:20 -------- d-----w- C:\Users\Richard\.gimp-2.8
2016-03-18 13:25:05 -------- d-----w- C:\Program Files\GIMP 2
2016-03-18 13:15:13 53248 ------w- C:\Windows\SysWow64\mwgfxvb.dll
2016-03-18 13:15:13 49152 ------w- C:\Windows\SysWow64\mwddsvb.dll
2016-03-18 13:15:13 28672 ------w- C:\Windows\SysWow64\mwgfxcopy.exe
2016-03-18 13:15:13 256512 ------w- C:\Windows\SysWow64\mwdlg.dll
2016-03-18 13:15:13 237056 ------w- C:\Windows\SysWow64\mwgfx24.dll
2016-03-18 13:15:13 191488 ------w- C:\Windows\SysWow64\mwgfx.dll
2016-03-18 13:15:13 104960 ------w- C:\Windows\SysWow64\mwdds.dll
2016-03-18 13:15:12 56832 ------w- C:\Windows\SysWow64\mwace.dll
2016-03-18 13:15:12 27136 ------w- C:\Windows\SysWow64\mwacevb.dll
.
==================== Find3M ====================
.
2016-04-14 19:45:31 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-04-12 15:27:37 52200 ----a-w- C:\Windows\System32\drivers\SaiBus.sys
2016-04-12 15:27:37 24680 ----a-w- C:\Windows\System32\drivers\SaiMini.sys
2016-04-12 14:07:56 4255056 ----a-w- C:\Windows\PE_Rom.dll
2016-04-12 13:27:24 45848 ----a-w- C:\Windows\System32\vulkaninfo-1-1-0-3-1.exe
2016-04-12 13:27:24 42264 ----a-w- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-1.exe
2016-04-12 13:21:46 944640 ----a-w- C:\Windows\SysWow64\atiadlxx.dll
2016-04-12 13:21:46 1276416 ----a-w- C:\Windows\System32\atiadlxx.dll
2016-04-12 13:21:45 152568 ----a-w- C:\Windows\System32\atiuxp64.dll
2016-04-12 13:21:45 1517360 ----a-w- C:\Windows\System32\aticfx64.dll
2016-04-12 13:21:45 11625784 ----a-w- C:\Windows\System32\atidxx64.dll
2016-04-12 13:15:08 1692840 ----a-w- C:\Windows\SysWow64\muachost.exe
2016-04-06 12:19:02 56464 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2016-04-06 12:18:56 823848 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
2016-04-06 12:18:50 31648 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2016-04-06 12:17:08 51800 ----a-w- C:\Windows\System32\cmdcsr.dll
2016-04-06 12:16:56 461648 ----a-w- C:\Windows\SysWow64\guard32.dll
2016-04-06 12:16:50 596232 ----a-w- C:\Windows\System32\guard64.dll
2016-04-06 12:14:56 365752 ----a-w- C:\Windows\System32\cmdvrt64.dll
2016-04-06 12:14:01 51896 ----a-w- C:\Windows\System32\cmdkbd64.dll
2016-04-06 12:12:07 296120 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll
2016-04-06 12:11:12 46776 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll
2016-03-30 19:54:00 301728 ------w- C:\Windows\System32\MpSigStub.exe
2016-03-18 13:14:41 464168 ----a-w- C:\Windows\SysWow64\vsprint8.ocx
2016-03-18 13:14:39 574776 ----a-w- C:\Windows\SysWow64\vsflex8l.ocx
2016-03-18 13:14:38 224016 ----a-w- C:\Windows\SysWow64\TABCTL32.OCX
2016-03-18 13:14:32 212240 ----a-w- C:\Windows\SysWow64\RICHTX32.OCX
2016-03-18 13:14:30 1081616 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2016-03-18 13:14:29 152848 ----a-w- C:\Windows\SysWow64\COMDLG32.OCX
2016-03-18 13:14:27 349752 ----a-w- C:\Windows\SysWow64\c1sizer.ocx
2016-03-18 13:14:25 217088 ----a-w- C:\Windows\SysWow64\SAWZipNG.dll
2016-03-15 11:58:53 47672 ----a-w- C:\Windows\System32\drivers\dtliteusbbus.sys
2016-03-15 11:57:29 30264 ----a-w- C:\Windows\System32\drivers\dtlitescsibus.sys
2016-03-15 11:57:26 394296 ----a-w- C:\Windows\System32\drivers\sptd.sys
2016-03-15 11:19:04 797376 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-03-15 11:19:04 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-10 08:34:08 107792 ----a-w- C:\Windows\System32\drivers\aswmonflt.sys
2016-03-10 08:34:08 1070904 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2016-03-02 23:22:52 98816 ----a-w- C:\Windows\System32\wudriver.dll
2016-03-02 23:22:52 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll
2016-03-02 23:22:52 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2016-03-02 23:22:52 37888 ----a-w- C:\Windows\System32\wuapp.exe
2016-03-02 23:22:52 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2016-03-02 23:22:52 3169792 ----a-w- C:\Windows\System32\wucltux.dll
2016-03-02 23:22:52 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2016-03-02 23:22:52 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2016-03-02 23:22:52 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2016-02-17 08:52:29 287016 ----a-w- C:\Windows\System32\drivers\aswvmm.sys
2016-02-17 08:51:44 74544 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2016-02-17 08:51:44 165344 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2016-02-17 08:51:43 37656 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2016-02-17 08:51:42 103064 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2016-02-17 08:51:38 52184 ----a-w- C:\Windows\avastSS.scr
2016-02-15 23:27:00 125720 ----a-w- C:\Windows\SysWow64\vulkan-1-1-0-3-1.dll
2016-02-15 23:26:22 126232 ----a-w- C:\Windows\System32\vulkan-1-1-0-3-1.dll
2016-02-11 18:56:28 5572032 ----a-w- C:\Windows\System32\ntoskrnl.exe
2016-02-11 18:56:26 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-02-11 18:56:26 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-02-11 18:52:52 1733592 ----a-w- C:\Windows\System32\ntdll.dll
2016-02-11 18:49:42 362496 ----a-w- C:\Windows\System32\wow64win.dll
2016-02-11 18:49:42 243712 ----a-w- C:\Windows\System32\wow64.dll
2016-02-11 18:49:42 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2016-02-11 18:49:24 215040 ----a-w- C:\Windows\System32\winsrv.dll
2016-02-11 18:49:19 210432 ----a-w- C:\Windows\System32\wdigest.dll
2016-02-11 18:49:08 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2016-02-11 18:49:00 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2016-02-11 18:49:00 135680 ----a-w- C:\Windows\System32\sspicli.dll
2016-02-11 18:48:58 503808 ----a-w- C:\Windows\System32\srcore.dll
2016-02-11 18:48:58 50176 ----a-w- C:\Windows\System32\srclient.dll
2016-02-11 18:48:16 28160 ----a-w- C:\Windows\System32\secur32.dll
2016-02-11 18:48:14 344064 ----a-w- C:\Windows\System32\schannel.dll
2016-02-11 18:48:12 1214464 ----a-w- C:\Windows\System32\rpcrt4.dll
2016-02-11 18:47:33 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2016-02-11 18:45:59 312320 ----a-w- C:\Windows\System32\ncrypt.dll
2016-02-11 18:45:56 315392 ----a-w- C:\Windows\System32\msv1_0.dll
2016-02-11 18:45:51 60416 ----a-w- C:\Windows\System32\msobjs.dll
2016-02-11 18:45:35 146432 ----a-w- C:\Windows\System32\msaudite.dll
2016-02-11 18:44:45 3994560 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2016-02-11 18:44:45 3938240 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2016-02-11 18:44:42 1461248 ----a-w- C:\Windows\System32\lsasrv.dll
2016-02-11 18:44:34 730112 ----a-w- C:\Windows\System32\kerberos.dll
2016-02-11 18:44:34 422400 ----a-w- C:\Windows\System32\KernelBase.dll
2016-02-11 18:42:25 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2016-02-11 18:42:24 43520 ----a-w- C:\Windows\System32\cryptbase.dll
2016-02-11 18:42:24 22016 ----a-w- C:\Windows\System32\credssp.dll
2016-02-11 18:38:24 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-02-11 18:38:24 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2016-02-11 18:38:24 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2016-02-11 18:38:23 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2016-02-11 18:38:07 171520 ----a-w- C:\Windows\SysWow64\wdigest.dll
2016-02-11 18:38:00 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2016-02-11 18:37:53 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2016-02-11 18:37:11 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2016-02-11 18:37:09 251392 ----a-w- C:\Windows\SysWow64\schannel.dll
2016-02-11 18:35:14 223232 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2016-02-11 18:35:09 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2016-02-11 18:35:06 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2016-02-11 18:34:26 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2016-02-11 18:33:30 553472 ----a-w- C:\Windows\SysWow64\kerberos.dll
2016-02-11 18:31:25 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-03-07 09:03:58 3109520 --sha-r- C:\Windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03:58 98960 --sha-r- C:\Windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03:58 550032 --sha-r- C:\Windows\SysWOW64\avformat-lav-55.dll
2009-09-27 07:39:26 415744 --sh--w- C:\Windows\SysWOW64\avisynth.dll
2014-03-07 09:03:58 59536 --sha-r- C:\Windows\SysWOW64\avresample-lav-1.dll
2005-07-14 10:31:20 32256 --sh--w- C:\Windows\SysWOW64\AVSredirect.dll
2014-03-07 09:03:58 181392 --sha-r- C:\Windows\SysWOW64\avutil-lav-52.dll
2004-02-22 08:11:08 764416 --sh--w- C:\Windows\SysWOW64\devil.dll
2014-03-07 09:03:58 122512 --sha-r- C:\Windows\SysWOW64\HLaudio.dll
2014-03-07 09:03:58 203408 --sha-r- C:\Windows\SysWOW64\HLsplit.dll
2014-03-07 09:03:58 313520 --sha-r- C:\Windows\SysWOW64\HLvideo.dll
2004-01-24 22:00:00 70656 --sh--w- C:\Windows\SysWOW64\i420vfw.dll
2014-03-07 09:03:58 166544 --sha-r- C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 09:03:58 109712 --sha-r- C:\Windows\SysWOW64\libbluray.dll
2011-02-11 08:26:20 112128 --sha-r- C:\Windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03:58 118416 --sha-r- C:\Windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00:00 107520 --sha-r- C:\Windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54:00 188416 --sha-r- C:\Windows\SysWOW64\winDCE32.dll
2004-01-24 22:00:00 70656 --sh--w- C:\Windows\SysWOW64\yv12vfw.dll
.
============= FINISH: 21:58:48,86 ===============
GMER:
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-04-14 22:00:49
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AACS-00G8B0 rev.05.04C05 465,76GB
Running: gmu93o3d.exe; Driver: C:\Users\Richard\AppData\Local\Temp\pwldqpow.sys
---- Threads - GMER 2.2 ----
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5500:6544] 000007fefbb72af8
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5500:6552] 000007feec878f70
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5500:6732] 000007fef4785124
---- EOF - GMER 2.2 ----
- Richard
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-3-6 25816]
R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2015-5-27 13536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-5 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-5 125112]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-3-6 1135416]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-1-30 2271928]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;C:\Windows\System32\drivers\dtlitescsibus.sys [2016-3-15 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;C:\Windows\System32\drivers\dtliteusbbus.sys [2016-3-15 47672]
S3 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE;C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-4-12 416408]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2015-5-25 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2013-10-17 36928]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2015-3-5 171632]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-3-10 114688]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-3-6 63704]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-3-7 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-6-14 805088]
S3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTWlanU.sys [2015-3-6 1528976]
S3 SaiH075C;SaiH075C;C:\Windows\System32\drivers\SaiH075C.sys [2015-3-7 326784]
S3 semav6msr64;semav6msr64;C:\Windows\System32\drivers\semav6msr64.sys [2016-4-12 21984]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-3-7 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2015-3-7 30208]
S3 USER_ESRV_SVC_WILLAMETTE;User Energy Server Service WILLAMETTE;C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-4-12 416408]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-3-6 1255736]
S3 WSDScan;Ondersteuning voor WSD-scan via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
.
=============== File Associations ===============
.
FileExt: .reg: regfile=regedit.exe "%1" [UserChoice]
ShellExec: SZBrowser.exe: open="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2016-04-14 19:47:54 -------- d-----w- C:\AdwCleaner
2016-04-12 15:35:48 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44F6150D-D105-4367-BE79-5970A1B1B71A}\offreg.2888.dll
2016-04-12 15:13:31 2356592 ----a-w- C:\Windows\System32\WudfUpdate_01011.dll
2016-04-12 15:13:31 105472 ----a-w- C:\Windows\System32\drivers\UMDF\ASMBSW.dll
2016-04-12 15:01:40 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
2016-04-12 15:01:27 806128 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2016-04-12 15:01:27 395504 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2016-04-12 15:01:27 22768 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2016-04-12 15:01:27 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll
2016-04-12 14:58:54 -------- d-----w- C:\SWTOOLS
2016-04-12 14:57:33 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44F6150D-D105-4367-BE79-5970A1B1B71A}\offreg.4952.dll
2016-04-12 14:53:05 -------- d-----w- C:\Users\Richard\AppData\Local\Intel
2016-04-12 14:52:26 21984 ----a-w- C:\Windows\System32\drivers\semav6msr64.sys
2016-04-12 14:52:13 -------- d-----w- C:\Program Files (x86)\Intel Driver Update Utility
2016-04-12 14:40:59 11686560 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{44F6150D-D105-4367-BE79-5970A1B1B71A}\mpengine.dll
2016-04-12 14:01:05 4304128 ----a-w- C:\Windows\PE_File.dll
2016-04-12 13:40:11 -------- d-----w- C:\Users\Richard\AppData\Roaming\TeamViewer
2016-04-12 13:39:43 -------- d-----w- C:\Program Files (x86)\TeamViewer
2016-04-12 13:26:59 -------- d-----w- C:\Program Files (x86)\AMD
2016-04-12 13:15:24 -------- d-----w- C:\Program Files\MSI
2016-04-12 13:10:58 -------- d-----w- C:\Windows\SysWow64\LiveUpdate
2016-04-12 12:57:43 38120 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2016-04-12 12:57:43 1386496 ----a-w- C:\Windows\System32\appraiser.dll
2016-04-12 12:57:43 1169408 ----a-w- C:\Windows\System32\aeinv.dll
2016-04-12 12:55:35 -------- d-----w- C:\Users\Richard\AppData\Roaming\HD Tune Pro
2016-04-12 12:55:15 -------- d-----w- C:\Program Files (x86)\HD Tune Pro
2016-04-11 16:19:56 -------- d-----w- C:\Microsoft Service
2016-04-10 13:43:24 -------- d-----w- C:\Users\Richard\AppData\Roaming\Microsoft Service
2016-04-10 13:41:21 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2016-04-08 19:16:21 -------- d-----w- C:\Users\Richard\AppData\Roaming\GrabIt
2016-04-05 20:07:01 76800 ----a-w- C:\Windows\System32\acmigration.dll
2016-04-05 20:07:01 698368 ----a-w- C:\Windows\System32\generaltel.dll
2016-04-05 20:07:01 499200 ----a-w- C:\Windows\System32\devinv.dll
2016-04-05 20:07:01 279040 ----a-w- C:\Windows\System32\invagent.dll
2016-04-05 20:07:01 215040 ----a-w- C:\Windows\System32\aepic.dll
2016-04-05 16:53:28 -------- d-----w- C:\Program Files (x86)\Raptr Inc
2016-04-05 16:53:05 45848 ----a-w- C:\Windows\System32\vulkaninfo.exe
2016-04-05 16:53:05 42264 ----a-w- C:\Windows\SysWow64\vulkaninfo.exe
2016-04-05 16:53:05 126232 ----a-w- C:\Windows\System32\vulkan-1.dll
2016-04-05 16:53:05 125720 ----a-w- C:\Windows\SysWow64\vulkan-1.dll
2016-04-05 16:52:53 -------- d-----w- C:\Program Files (x86)\VulkanRT
2016-04-04 04:16:28 110880 ----a-w- C:\Windows\System32\amdave64.dll
2016-04-04 04:16:26 102616 ----a-w- C:\Windows\SysWow64\amdave32.dll
2016-04-04 04:16:20 141792 ----a-w- C:\Windows\System32\amdhcp64.dll
2016-04-04 04:16:18 128384 ----a-w- C:\Windows\SysWow64\amdhcp32.dll
2016-04-04 04:16:16 78432 ----a-w- C:\Windows\System32\atimpc64.dll
2016-04-04 04:16:16 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
2016-04-04 04:16:14 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2016-04-04 04:16:14 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2016-04-04 04:16:02 133528 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2016-04-04 04:15:58 120656 ----a-w- C:\Windows\System32\atiu9p64.dll
2016-04-04 04:15:56 102616 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2016-04-04 04:15:50 1245416 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2016-04-04 04:15:40 9583808 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2016-04-04 04:15:32 8585696 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2016-04-04 04:15:24 7392480 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2016-04-04 04:15:16 9526616 ----a-w- C:\Windows\System32\atiumd6a.dll
2016-04-04 04:15:12 8843208 ----a-w- C:\Windows\System32\atiumd64.dll
2016-04-04 04:12:54 296648 ----a-w- C:\Windows\System32\drivers\amdacpksd.sys
2016-04-04 04:09:38 26345472 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2016-04-04 03:32:22 701440 ----a-w- C:\Windows\System32\amdlvr64.dll
2016-04-04 03:30:40 580096 ----a-w- C:\Windows\SysWow64\amdlvr32.dll
2016-04-04 03:29:04 127488 ----a-w- C:\Windows\System32\mantle64.dll
2016-04-04 03:28:42 113664 ----a-w- C:\Windows\SysWow64\mantle32.dll
2016-04-04 03:28:14 6884864 ----a-w- C:\Windows\System32\amdmantle64.dll
2016-04-04 03:27:14 235008 ----a-w- C:\Windows\System32\clinfo.exe
2016-04-04 03:26:58 48211968 ----a-w- C:\Windows\System32\amdocl64.dll
2016-04-04 03:23:56 40126976 ----a-w- C:\Windows\SysWow64\amdocl.dll
2016-04-04 03:22:02 96256 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
2016-04-04 03:21:18 65024 ----a-w- C:\Windows\System32\OpenCL.dll
2016-04-04 03:21:16 59392 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2016-04-04 03:20:08 103424 ----a-w- C:\Windows\System32\DelayAPO.dll
2016-04-04 03:15:54 26887168 ----a-w- C:\Windows\System32\amdocl12cl64.dll
2016-04-04 03:15:32 21730304 ----a-w- C:\Windows\SysWow64\amdocl12cl.dll
2016-04-04 03:11:16 6956032 ----a-w- C:\Windows\System32\amdvlk64.dll
2016-04-04 03:02:48 5398016 ----a-w- C:\Windows\SysWow64\amdmantle32.dll
2016-04-04 03:00:34 5420032 ----a-w- C:\Windows\SysWow64\amdvlk32.dll
2016-04-04 02:47:06 30377984 ----a-w- C:\Windows\System32\atio6axx.dll
2016-04-04 02:41:24 97280 ----a-w- C:\Windows\System32\mantleaxl64.dll
2016-04-04 02:41:14 89600 ----a-w- C:\Windows\SysWow64\mantleaxl32.dll
2016-04-04 02:25:00 25069056 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2016-04-04 02:14:16 367104 ----a-w- C:\Windows\System32\atiapfxx.exe
2016-04-04 02:14:10 62464 ----a-w- C:\Windows\System32\aticalrt64.dll
2016-04-04 02:14:08 52224 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2016-04-04 02:14:00 55808 ----a-w- C:\Windows\System32\aticalcl64.dll
2016-04-04 02:13:58 49152 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2016-04-04 02:13:44 15711744 ----a-w- C:\Windows\System32\aticaldd64.dll
2016-04-04 02:10:42 14302208 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2016-04-04 01:57:42 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2016-04-04 01:57:36 224256 ----a-w- C:\Windows\System32\dgtrayicon.exe
2016-04-04 01:57:28 209920 ----a-w- C:\Windows\System32\GameManager64.dll
2016-04-04 01:57:24 186368 ----a-w- C:\Windows\SysWow64\GameManager32.dll
2016-04-04 01:57:20 162304 ----a-w- C:\Windows\System32\atieah64.exe
2016-04-04 01:57:18 145408 ----a-w- C:\Windows\SysWow64\atieah32.exe
2016-04-04 01:57:14 204800 ----a-w- C:\Windows\System32\amdgfxinfo64.dll
2016-04-04 01:57:10 189952 ----a-w- C:\Windows\SysWow64\amdgfxinfo32.dll
2016-04-04 01:57:06 78336 ----a-w- C:\Windows\System32\atimuixx.dll
2016-04-04 01:57:02 564736 ----a-w- C:\Windows\System32\atieclxx.exe
2016-04-04 01:56:14 251392 ----a-w- C:\Windows\System32\atiesrxx.exe
2016-04-04 01:55:30 50688 ----a-w- C:\Windows\System32\amdmmcl6.dll
2016-04-04 01:55:28 39424 ----a-w- C:\Windows\SysWow64\amdmmcl.dll
2016-04-04 01:55:06 190976 ----a-w- C:\Windows\System32\atitmm64.dll
2016-04-04 01:34:42 89088 ----a-w- C:\Windows\System32\atisamu64.dll
2016-04-04 01:34:38 80896 ----a-w- C:\Windows\SysWow64\atisamu32.dll
2016-04-04 01:32:50 944640 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2016-04-04 01:32:34 75776 ----a-w- C:\Windows\System32\atig6pxx.dll
2016-04-04 01:32:32 70144 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2016-04-04 01:32:32 70144 ----a-w- C:\Windows\System32\atiglpxx.dll
2016-04-04 01:32:28 157696 ----a-w- C:\Windows\System32\atig6txx.dll
2016-04-04 01:32:10 142336 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2016-04-04 01:31:54 676864 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2016-04-04 01:29:30 43520 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2016-04-04 01:28:48 195072 ----a-w- C:\Windows\System32\hsa-thunk64.dll
2016-04-04 01:28:42 174592 ----a-w- C:\Windows\SysWow64\hsa-thunk.dll
2016-03-25 16:18:47 -------- d-----w- C:\Users\Richard\.oracle_jre_usage
2016-03-25 08:45:07 212992 ----a-w- C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\NLAIS 737 'BABY BOEINGS'\texopt.exe
2016-03-25 08:43:18 -------- d-----w- C:\Program Files (x86)\NL2000
2016-03-22 21:22:19 76800 ----a-w- C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SweetFX\dlls\FXAA DX9 dll\d3d9.dll
2016-03-22 21:22:19 400384 ----a-w- C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SweetFX\dlls\SMAA dlls\dxgi.dll
2016-03-22 21:22:19 400384 ----a-w- C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\dxgi.dll
2016-03-22 21:22:19 170496 ----a-w- C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SweetFX\dlls\SMAA dlls\d3d9.dll
2016-03-22 21:22:19 170496 ----a-w- C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\d3d9.dll
2016-03-22 20:53:02 37144 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2016-03-21 13:59:52 865280 ----a-w- C:\Windows\System32\coinst_16.15.dll
2016-03-21 12:53:45 -------- d-----w- C:\Windows\SysWow64\st
2016-03-19 10:08:34 70144 ----a-w- C:\Windows\System32\appinfo.dll
2016-03-19 10:08:34 504320 ----a-w- C:\Windows\System32\msihnd.dll
2016-03-19 10:08:34 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2016-03-19 10:08:34 3243008 ----a-w- C:\Windows\System32\msi.dll
2016-03-19 10:08:34 25088 ----a-w- C:\Windows\SysWow64\msimsg.dll
2016-03-19 10:08:34 25088 ----a-w- C:\Windows\System32\msimsg.dll
2016-03-19 10:08:34 2364928 ----a-w- C:\Windows\SysWow64\msi.dll
2016-03-19 10:08:34 1940992 ----a-w- C:\Windows\System32\authui.dll
2016-03-19 10:08:34 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2016-03-19 10:08:34 114624 ----a-w- C:\Windows\System32\consent.exe
2016-03-19 10:08:31 511488 ----a-w- C:\Windows\System32\rpcss.dll
2016-03-19 10:08:30 73664 ----a-w- C:\Windows\System32\drivers\disk.sys
2016-03-19 10:07:53 8192 ----a-w- C:\Windows\System32\drivers\nl-NL\tpm.sys.mui
2016-03-19 10:07:53 451080 ----a-w- C:\Windows\System32\fveapi.dll
2016-03-19 10:07:53 312600 ----a-w- C:\Windows\System32\wbem\Win32_Tpm.dll
2016-03-19 10:07:53 257864 ----a-w- C:\Windows\SysWow64\wbem\Win32_Tpm.dll
2016-03-19 10:07:53 20480 ----a-w- C:\Windows\System32\tbs.dll
2016-03-19 10:07:53 15360 ----a-w- C:\Windows\SysWow64\tbs.dll
2016-03-19 10:07:53 109568 ----a-w- C:\Windows\System32\fveapibase.dll
2016-03-18 13:45:25 -------- d-----w- C:\Users\Richard\AppData\Local\SteelIXB
2016-03-18 13:32:18 -------- d-----w- C:\Users\Richard\.thumbnails
2016-03-18 13:30:32 -------- d-----w- C:\Users\Richard\AppData\Local\gtk-2.0
2016-03-18 13:27:21 -------- d-----w- C:\Users\Richard\AppData\Local\fontconfig
2016-03-18 13:27:20 -------- d-----w- C:\Users\Richard\AppData\Local\gegl-0.2
2016-03-18 13:27:20 -------- d-----w- C:\Users\Richard\.gimp-2.8
2016-03-18 13:25:05 -------- d-----w- C:\Program Files\GIMP 2
2016-03-18 13:15:13 53248 ------w- C:\Windows\SysWow64\mwgfxvb.dll
2016-03-18 13:15:13 49152 ------w- C:\Windows\SysWow64\mwddsvb.dll
2016-03-18 13:15:13 28672 ------w- C:\Windows\SysWow64\mwgfxcopy.exe
2016-03-18 13:15:13 256512 ------w- C:\Windows\SysWow64\mwdlg.dll
2016-03-18 13:15:13 237056 ------w- C:\Windows\SysWow64\mwgfx24.dll
2016-03-18 13:15:13 191488 ------w- C:\Windows\SysWow64\mwgfx.dll
2016-03-18 13:15:13 104960 ------w- C:\Windows\SysWow64\mwdds.dll
2016-03-18 13:15:12 56832 ------w- C:\Windows\SysWow64\mwace.dll
2016-03-18 13:15:12 27136 ------w- C:\Windows\SysWow64\mwacevb.dll
.
==================== Find3M ====================
.
2016-04-14 19:45:31 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-04-12 15:27:37 52200 ----a-w- C:\Windows\System32\drivers\SaiBus.sys
2016-04-12 15:27:37 24680 ----a-w- C:\Windows\System32\drivers\SaiMini.sys
2016-04-12 14:07:56 4255056 ----a-w- C:\Windows\PE_Rom.dll
2016-04-12 13:27:24 45848 ----a-w- C:\Windows\System32\vulkaninfo-1-1-0-3-1.exe
2016-04-12 13:27:24 42264 ----a-w- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-1.exe
2016-04-12 13:21:46 944640 ----a-w- C:\Windows\SysWow64\atiadlxx.dll
2016-04-12 13:21:46 1276416 ----a-w- C:\Windows\System32\atiadlxx.dll
2016-04-12 13:21:45 152568 ----a-w- C:\Windows\System32\atiuxp64.dll
2016-04-12 13:21:45 1517360 ----a-w- C:\Windows\System32\aticfx64.dll
2016-04-12 13:21:45 11625784 ----a-w- C:\Windows\System32\atidxx64.dll
2016-04-12 13:15:08 1692840 ----a-w- C:\Windows\SysWow64\muachost.exe
2016-04-06 12:19:02 56464 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2016-04-06 12:18:56 823848 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
2016-04-06 12:18:50 31648 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2016-04-06 12:17:08 51800 ----a-w- C:\Windows\System32\cmdcsr.dll
2016-04-06 12:16:56 461648 ----a-w- C:\Windows\SysWow64\guard32.dll
2016-04-06 12:16:50 596232 ----a-w- C:\Windows\System32\guard64.dll
2016-04-06 12:14:56 365752 ----a-w- C:\Windows\System32\cmdvrt64.dll
2016-04-06 12:14:01 51896 ----a-w- C:\Windows\System32\cmdkbd64.dll
2016-04-06 12:12:07 296120 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll
2016-04-06 12:11:12 46776 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll
2016-03-30 19:54:00 301728 ------w- C:\Windows\System32\MpSigStub.exe
2016-03-18 13:14:41 464168 ----a-w- C:\Windows\SysWow64\vsprint8.ocx
2016-03-18 13:14:39 574776 ----a-w- C:\Windows\SysWow64\vsflex8l.ocx
2016-03-18 13:14:38 224016 ----a-w- C:\Windows\SysWow64\TABCTL32.OCX
2016-03-18 13:14:32 212240 ----a-w- C:\Windows\SysWow64\RICHTX32.OCX
2016-03-18 13:14:30 1081616 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2016-03-18 13:14:29 152848 ----a-w- C:\Windows\SysWow64\COMDLG32.OCX
2016-03-18 13:14:27 349752 ----a-w- C:\Windows\SysWow64\c1sizer.ocx
2016-03-18 13:14:25 217088 ----a-w- C:\Windows\SysWow64\SAWZipNG.dll
2016-03-15 11:58:53 47672 ----a-w- C:\Windows\System32\drivers\dtliteusbbus.sys
2016-03-15 11:57:29 30264 ----a-w- C:\Windows\System32\drivers\dtlitescsibus.sys
2016-03-15 11:57:26 394296 ----a-w- C:\Windows\System32\drivers\sptd.sys
2016-03-15 11:19:04 797376 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-03-15 11:19:04 142528 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-10 08:34:08 107792 ----a-w- C:\Windows\System32\drivers\aswmonflt.sys
2016-03-10 08:34:08 1070904 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2016-03-02 23:22:52 98816 ----a-w- C:\Windows\System32\wudriver.dll
2016-03-02 23:22:52 93696 ----a-w- C:\Windows\SysWow64\wudriver.dll
2016-03-02 23:22:52 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2016-03-02 23:22:52 37888 ----a-w- C:\Windows\System32\wuapp.exe
2016-03-02 23:22:52 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2016-03-02 23:22:52 3169792 ----a-w- C:\Windows\System32\wucltux.dll
2016-03-02 23:22:52 192512 ----a-w- C:\Windows\System32\wuwebv.dll
2016-03-02 23:22:52 174080 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2016-03-02 23:22:52 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2016-02-17 08:52:29 287016 ----a-w- C:\Windows\System32\drivers\aswvmm.sys
2016-02-17 08:51:44 74544 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2016-02-17 08:51:44 165344 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2016-02-17 08:51:43 37656 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2016-02-17 08:51:42 103064 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2016-02-17 08:51:38 52184 ----a-w- C:\Windows\avastSS.scr
2016-02-15 23:27:00 125720 ----a-w- C:\Windows\SysWow64\vulkan-1-1-0-3-1.dll
2016-02-15 23:26:22 126232 ----a-w- C:\Windows\System32\vulkan-1-1-0-3-1.dll
2016-02-11 18:56:28 5572032 ----a-w- C:\Windows\System32\ntoskrnl.exe
2016-02-11 18:56:26 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-02-11 18:56:26 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-02-11 18:52:52 1733592 ----a-w- C:\Windows\System32\ntdll.dll
2016-02-11 18:49:42 362496 ----a-w- C:\Windows\System32\wow64win.dll
2016-02-11 18:49:42 243712 ----a-w- C:\Windows\System32\wow64.dll
2016-02-11 18:49:42 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2016-02-11 18:49:24 215040 ----a-w- C:\Windows\System32\winsrv.dll
2016-02-11 18:49:19 210432 ----a-w- C:\Windows\System32\wdigest.dll
2016-02-11 18:49:08 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2016-02-11 18:49:00 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2016-02-11 18:49:00 135680 ----a-w- C:\Windows\System32\sspicli.dll
2016-02-11 18:48:58 503808 ----a-w- C:\Windows\System32\srcore.dll
2016-02-11 18:48:58 50176 ----a-w- C:\Windows\System32\srclient.dll
2016-02-11 18:48:16 28160 ----a-w- C:\Windows\System32\secur32.dll
2016-02-11 18:48:14 344064 ----a-w- C:\Windows\System32\schannel.dll
2016-02-11 18:48:12 1214464 ----a-w- C:\Windows\System32\rpcrt4.dll
2016-02-11 18:47:33 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2016-02-11 18:45:59 312320 ----a-w- C:\Windows\System32\ncrypt.dll
2016-02-11 18:45:56 315392 ----a-w- C:\Windows\System32\msv1_0.dll
2016-02-11 18:45:51 60416 ----a-w- C:\Windows\System32\msobjs.dll
2016-02-11 18:45:35 146432 ----a-w- C:\Windows\System32\msaudite.dll
2016-02-11 18:44:45 3994560 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2016-02-11 18:44:45 3938240 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2016-02-11 18:44:42 1461248 ----a-w- C:\Windows\System32\lsasrv.dll
2016-02-11 18:44:34 730112 ----a-w- C:\Windows\System32\kerberos.dll
2016-02-11 18:44:34 422400 ----a-w- C:\Windows\System32\KernelBase.dll
2016-02-11 18:42:25 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2016-02-11 18:42:24 43520 ----a-w- C:\Windows\System32\cryptbase.dll
2016-02-11 18:42:24 22016 ----a-w- C:\Windows\System32\credssp.dll
2016-02-11 18:38:24 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2016-02-11 18:38:24 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2016-02-11 18:38:24 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2016-02-11 18:38:23 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2016-02-11 18:38:07 171520 ----a-w- C:\Windows\SysWow64\wdigest.dll
2016-02-11 18:38:00 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2016-02-11 18:37:53 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2016-02-11 18:37:11 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2016-02-11 18:37:09 251392 ----a-w- C:\Windows\SysWow64\schannel.dll
2016-02-11 18:35:14 223232 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2016-02-11 18:35:09 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2016-02-11 18:35:06 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2016-02-11 18:34:26 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2016-02-11 18:33:30 553472 ----a-w- C:\Windows\SysWow64\kerberos.dll
2016-02-11 18:31:25 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-03-07 09:03:58 3109520 --sha-r- C:\Windows\SysWOW64\avcodec-lav-55.dll
2014-03-07 09:03:58 98960 --sha-r- C:\Windows\SysWOW64\avfilter-lav-4.dll
2014-03-07 09:03:58 550032 --sha-r- C:\Windows\SysWOW64\avformat-lav-55.dll
2009-09-27 07:39:26 415744 --sh--w- C:\Windows\SysWOW64\avisynth.dll
2014-03-07 09:03:58 59536 --sha-r- C:\Windows\SysWOW64\avresample-lav-1.dll
2005-07-14 10:31:20 32256 --sh--w- C:\Windows\SysWOW64\AVSredirect.dll
2014-03-07 09:03:58 181392 --sha-r- C:\Windows\SysWOW64\avutil-lav-52.dll
2004-02-22 08:11:08 764416 --sh--w- C:\Windows\SysWOW64\devil.dll
2014-03-07 09:03:58 122512 --sha-r- C:\Windows\SysWOW64\HLaudio.dll
2014-03-07 09:03:58 203408 --sha-r- C:\Windows\SysWOW64\HLsplit.dll
2014-03-07 09:03:58 313520 --sha-r- C:\Windows\SysWOW64\HLvideo.dll
2004-01-24 22:00:00 70656 --sh--w- C:\Windows\SysWOW64\i420vfw.dll
2014-03-07 09:03:58 166544 --sha-r- C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2014-03-07 09:03:58 109712 --sha-r- C:\Windows\SysWOW64\libbluray.dll
2011-02-11 08:26:20 112128 --sha-r- C:\Windows\SysWOW64\OptimFROG.dll
2014-03-07 09:03:58 118416 --sha-r- C:\Windows\SysWOW64\swscale-lav-2.dll
2010-01-06 22:00:00 107520 --sha-r- C:\Windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 17:54:00 188416 --sha-r- C:\Windows\SysWOW64\winDCE32.dll
2004-01-24 22:00:00 70656 --sh--w- C:\Windows\SysWOW64\yv12vfw.dll
.
============= FINISH: 21:58:48,86 ===============
GMER:
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-04-14 22:00:49
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AACS-00G8B0 rev.05.04C05 465,76GB
Running: gmu93o3d.exe; Driver: C:\Users\Richard\AppData\Local\Temp\pwldqpow.sys
---- Threads - GMER 2.2 ----
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5500:6544] 000007fefbb72af8
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5500:6552] 000007feec878f70
Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5500:6732] 000007fef4785124
---- EOF - GMER 2.2 ----
- Richard