PC often freezes and is very slow

  • kok

    For the past few days my computer has been very slow, and everything freezes regularly, both in Internet Explorer and in Mozilla.

    I would like to ask: would someone be willing to look at my logs? Thanks in advance.

    Logfile of random's system information tool 1.10 (written by random/random)

    Run by Eigenaar at 2014-08-27 14:43:45

    Microsoft Windows 7 Professional Service Pack 1

    System drive C: has 95 GB (62%) free of 153 GB

    Total RAM: 1948 MB (29% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 14:44:15, on 27-8-2014

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v11.0 (11.00.9600.17239)

    Boot mode: Normal

    Running processes:

    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

    C:\Program Files (x86)\Samsung\Kies\Kies.exe

    C:\Program Files (x86)\AVG\AVG2014\avgui.exe

    C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

    C:\Windows\SysWOW64\ctfmon.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

    C:\Program Files\trend micro\Eigenaar.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=userinit.exe,

    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - (no file)

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - (no file)

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG\AVG2014\avgui.exe” /TRAYONLY

    O4 - HKLM\..\Run: C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

    O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

    O11 - Options group: Accelerated graphics

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    End of file - 7910 bytes

    ======Listing Processes======

    \SystemRoot\System32\smss.exe

    c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot

    C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=1ec02543-b3b2-4f36-a4ff-5a6ad47ba867 /coreSdkOptions=4382 /logConfFile=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\6ec08105-6e3c-4337-8daa-e20f8cda9423-160-oopp.tmp” /loggerName=AVG.RS.Core /binaryPath=“C:\Program Files (x86)\AVG\AVG2014\” /tempPath=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\” /logPath=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\”

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    wininit.exe

    %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

    winlogon.exe

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k RPCSS

    “C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe”

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    “C:\Program Files (x86)\AVG\AVG2014\avgfws.exe”

    “C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe”

    “C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe”

    “C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe”

    C:\Windows\System32\svchost.exe -k HPZ12

    C:\Windows\System32\svchost.exe -k HPZ12

    C:\Windows\system32\svchost.exe -k imgsvc

    “C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe”

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    “C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe”

    “C:\Program Files (x86)\AVG\AVG2014\avgemca.exe”

    “taskhost.exe”

    “C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe” /TUStart /pid:2068

    C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=ad5db154-4a11-460e-a6c2-585baf73263d /coreSdkOptions=4114 /logConfFile=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\51b38f14-03b0-4209-b9e9-7639d562386f-b38-oopp.tmp” /loggerName=AVG.NS.Core /binaryPath=“C:\Program Files (x86)\AVG\AVG2014\” /tempPath=“C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\”

    “C:\Windows\system32\Dwm.exe”

    C:\Windows\Explorer.EXE

    “C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe” -servicelaunch=true

    “C:\Program Files (x86)\Samsung\Kies\Kies.exe” /preload

    “C:\Program Files (x86)\AVG\AVG2014\avgui.exe” /TRAYONLY

    “C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe”

    “C:\Program Files\Windows Media Player\wmpnetwk.exe”

    ctfmon.exe

    C:\Windows\System32\svchost.exe -k LocalServicePeerNet

    “C:\Program Files (x86)\Google\Update\GoogleUpdate.exe” /c

    “C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe”

    “C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe”

    “C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe” –proxy-stub-channel=Flash1460.66C40D80.17459 –host-broker-channel=Flash1460.66C40D80.11298 –host-pid=1460 –host-npapi-version=27 –plugin-path=“C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll”

    “C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe” –channel=4072.0030F4E4.288328644 –proxy-stub-channel=Flash1460.66C40D80.17459 –plugin-path=“C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll” –host-npapi-version=27 –type=renderer

    “C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe”

    “C:\Program Files\Internet Explorer\iexplore.exe”

    “C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:1236 CREDAT:144385 /prefetch:2

    “C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE” SCODEF:1236 CREDAT:595202 /prefetch:2

    “C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe”

    “C:\Users\Eigenaar\Desktop\RSITx64.exe”

    C:\Windows\system32\wbem\wmiprvse.exe

    “C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe” /AppMode=UPDANTISPAM /pri=4 /sched=4 /source=inet /path=“” /caller=SCHEDULER

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

    =========Mozilla firefox=========

    ProfilePath - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\vkypv917.default

    prefs.js - “browser.startup.homepage” - “http://www.startpagina.nl”

    “Description”=Adobe® Flash® Player 14.0.0.145 Plugin

    “Path”=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

    “Description”=Canon My Image Garden

    “Path”=C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll

    “Description”=Google Earth in your browser

    “Path”=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

    “Description”=Java™ Deployment Toolkit

    “Path”=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

    “Description”=Oracle® Next Generation Java™ Plug-In

    “Path”=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

    “Description”=

    “Path”=disabled

    “Description”=Google Update

    “Path”=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

    “Description”=Google Update

    “Path”=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

    “Description”=Handles PDFs in-place in Firefox

    “Path”=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

    “Description”=Adobe® Flash® Player 14.0.0.145 Plugin

    “Path”=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll

    “Description”=

    “Path”=disabled

    ======Registry dump======

    Canon Easy-WebPrint EX BHO

    Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

    Canon Easy-WebPrint EX BHO

    Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

    {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -

    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -

    “IgfxTray”=C:\Windows\system32\igfxtray.exe

    “KiesPreload”=C:\Program Files (x86)\Samsung\Kies\Kies.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE

    “AVG_UI”=C:\Program Files (x86)\AVG\AVG2014\avgui.exe

    “KiesTrayAgent”=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

    C:\Windows\system32\igfxdev.dll

    wlnotify.dll

    “SecurityProviders”=credssp.dll

    “ConsentPromptBehaviorAdmin”=5

    “ConsentPromptBehaviorUser”=3

    “EnableUIADesktopToggle”=0

    “dontdisplaylastusername”=0

    “legalnoticecaption”=

    “legalnoticetext”=

    “shutdownwithoutlogon”=1

    “undockwithoutlogon”=1

    “NoActiveDesktop”=1

    “NoActiveDesktopChanges”=1

    “ForceActiveDesktopOn”=0

    “C:\Users\Eigenaar\AppData\Roaming\vxsula\zzsuel.exe”=“C:\Users\Eigenaar\AppData\Roaming\vxsula\zzsuel.exe:*:Enabled:zzsuel”

    “vidc.mrle”=msrle32.dll

    “vidc.msvc”=msvidc32.dll

    “msacm.imaadpcm”=imaadp32.acm

    “msacm.msg711”=msg711.acm

    “msacm.msgsm610”=msgsm32.acm

    “msacm.msadpcm”=msadp32.acm

    “midimapper”=midimap.dll

    “wavemapper”=msacm32.drv

    “vidc.uyvy”=msyuv.dll

    “vidc.yuy2”=msyuv.dll

    “vidc.yvyu”=msyuv.dll

    “vidc.iyuv”=iyuv_32.dll

    “vidc.i420”=iyuv_32.dll

    “vidc.yvu9”=tsbyuv.dll

    “msacm.l3acm”=C:\Windows\System32\l3codeca.acm

    “wave”=wdmaud.drv

    “midi”=wdmaud.drv

    “mixer”=wdmaud.drv

    “aux”=wdmaud.drv

    “wave1”=wdmaud.drv

    “midi1”=wdmaud.drv

    “mixer1”=wdmaud.drv

    “aux1”=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open - C:\Windows\System32\WScript.exe “%1” %*

    ======List of files/folders created in the last 1 month======

    2014-08-27 14:43:47 —-D—- C:\Program Files\trend micro

    2014-08-27 14:43:45 —-D—- C:\rsit

    2014-08-24 07:38:15 —-A—- C:\Windows\system32\wups2.dll

    2014-08-24 07:38:15 —-A—- C:\Windows\system32\wucltux.dll

    2014-08-24 07:38:15 —-A—- C:\Windows\system32\wuauclt.exe

    2014-08-24 07:38:14 —-A—- C:\Windows\system32\wuaueng.dll

    2014-08-24 07:38:02 —-A—- C:\Windows\SYSWOW64\wudriver.dll

    2014-08-24 07:38:02 —-A—- C:\Windows\system32\wups.dll

    2014-08-24 07:38:02 —-A—- C:\Windows\system32\wudriver.dll

    2014-08-24 07:38:01 —-A—- C:\Windows\SYSWOW64\wups.dll

    2014-08-24 07:38:01 —-A—- C:\Windows\SYSWOW64\wuapi.dll

    2014-08-24 07:38:01 —-A—- C:\Windows\system32\wuapi.dll

    2014-08-24 07:37:29 —-A—- C:\Windows\SYSWOW64\wuwebv.dll

    2014-08-24 07:37:29 —-A—- C:\Windows\SYSWOW64\wuapp.exe

    2014-08-24 07:37:29 —-A—- C:\Windows\system32\wuwebv.dll

    2014-08-24 07:37:29 —-A—- C:\Windows\system32\wuapp.exe

    2014-08-16 14:25:12 —-D—- C:\Users\Eigenaar\AppData\Roaming\DanceOfDeath

    2014-08-16 14:24:12 —-D—- C:\ProgramData\com.gamehouse.acid

    2014-08-14 10:20:49 —-A—- C:\Windows\system32\drivers\ssudmdm.sys

    2014-08-14 10:20:49 —-A—- C:\Windows\system32\drivers\ssudbus.sys

    2014-08-14 10:15:52 —-D—- C:\Program Files (x86)\MarkAny

    2014-08-14 10:14:17 —-D—- C:\Users\Eigenaar\AppData\Roaming\Samsung

    2014-08-14 10:12:30 —-D—- C:\Program Files (x86)\MyFree Codec

    2014-08-14 10:09:44 —-A—- C:\Windows\SYSWOW64\Redemption.dll

    2014-08-14 10:09:11 —-A—- C:\Windows\SYSWOW64\dgderapi.dll

    2014-08-14 10:08:20 —-D—- C:\ProgramData\Samsung

    2014-08-14 10:08:20 —-D—- C:\Program Files (x86)\Samsung

    2014-08-13 08:12:32 —-A—- C:\Windows\SYSWOW64\infocardapi.dll

    2014-08-13 08:12:32 —-A—- C:\Windows\SYSWOW64\icardagt.exe

    2014-08-13 08:12:32 —-A—- C:\Windows\system32\infocardapi.dll

    2014-08-13 08:12:32 —-A—- C:\Windows\system32\icardagt.exe

    2014-08-13 08:12:20 —-A—- C:\Windows\SYSWOW64\icardres.dll

    2014-08-13 08:12:20 —-A—- C:\Windows\system32\icardres.dll

    2014-08-13 08:10:41 —-A—- C:\Windows\SYSWOW64\TsWpfWrp.exe

    2014-08-13 08:10:41 —-A—- C:\Windows\system32\TsWpfWrp.exe

    2014-08-13 07:34:17 —-A—- C:\Windows\system32\msi.dll

    2014-08-13 07:34:16 —-A—- C:\Windows\SYSWOW64\msi.dll

    2014-08-13 07:34:16 —-A—- C:\Windows\system32\authui.dll

    2014-08-13 07:34:15 —-A—- C:\Windows\SYSWOW64\authui.dll

    2014-08-13 07:34:15 —-A—- C:\Windows\system32\msihnd.dll

    2014-08-13 07:34:15 —-A—- C:\Windows\system32\consent.exe

    2014-08-13 07:34:14 —-A—- C:\Windows\SYSWOW64\msihnd.dll

    2014-08-13 07:33:47 —-A—- C:\Windows\SYSWOW64\tzres.dll

    2014-08-13 07:33:47 —-A—- C:\Windows\system32\tzres.dll

    2014-08-13 07:33:19 —-A—- C:\Windows\SYSWOW64\KBDTAT.DLL

    2014-08-13 07:33:19 —-A—- C:\Windows\system32\KBDTAT.DLL

    2014-08-13 07:33:18 —-A—- C:\Windows\SYSWOW64\KBDYAK.DLL

    2014-08-13 07:33:18 —-A—- C:\Windows\SYSWOW64\KBDRU1.DLL

    2014-08-13 07:33:18 —-A—- C:\Windows\SYSWOW64\KBDRU.DLL

    2014-08-13 07:33:17 —-A—- C:\Windows\SYSWOW64\KBDBASH.DLL

    2014-08-13 07:33:17 —-A—- C:\Windows\system32\KBDRU.DLL

    2014-08-13 07:33:16 —-A—- C:\Windows\system32\KBDYAK.DLL

    2014-08-13 07:33:16 —-A—- C:\Windows\system32\KBDRU1.DLL

    2014-08-13 07:33:15 —-A—- C:\Windows\system32\KBDBASH.DLL

    2014-08-13 07:33:12 —-A—- C:\Windows\system32\drivers\dxgkrnl.sys

    2014-08-13 07:33:09 —-A—- C:\Windows\system32\win32k.sys

    2014-08-13 07:33:08 —-A—- C:\Windows\SYSWOW64\gdi32.dll

    2014-08-13 07:33:08 —-A—- C:\Windows\system32\gdi32.dll

    2014-08-13 07:33:01 —-A—- C:\Windows\system32\shell32.dll

    2014-08-13 07:32:59 —-A—- C:\Windows\SYSWOW64\shell32.dll

    2014-08-13 07:32:34 —-A—- C:\Windows\SYSWOW64\ieetwproxystub.dll

    2014-08-13 07:32:33 —-A—- C:\Windows\SYSWOW64\mshtmled.dll

    2014-08-13 07:32:32 —-A—- C:\Windows\SYSWOW64\jscript9diag.dll

    2014-08-13 07:32:32 —-A—- C:\Windows\SYSWOW64\iernonce.dll

    2014-08-13 07:32:31 —-A—- C:\Windows\SYSWOW64\urlmon.dll

    2014-08-13 07:32:31 —-A—- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll

    2014-08-13 07:32:30 —-A—- C:\Windows\system32\ieetwproxystub.dll

    2014-08-13 07:32:29 —-A—- C:\Windows\SYSWOW64\msfeeds.dll

    2014-08-13 07:32:29 —-A—- C:\Windows\SYSWOW64\dxtmsft.dll

    2014-08-13 07:32:29 —-A—- C:\Windows\system32\JavaScriptCollectionAgent.dll

    2014-08-13 07:32:28 —-A—- C:\Windows\SYSWOW64\mshtml.dll

    2014-08-13 07:32:27 —-A—- C:\Windows\SYSWOW64\iesetup.dll

    2014-08-13 07:32:27 —-A—- C:\Windows\SYSWOW64\iedkcs32.dll

    2014-08-13 07:32:27 —-A—- C:\Windows\system32\iernonce.dll

    2014-08-13 07:32:27 —-A—- C:\Windows\system32\ie4uinit.exe

    2014-08-13 07:32:26 —-A—- C:\Windows\system32\urlmon.dll

    2014-08-13 07:32:25 —-A—- C:\Windows\SYSWOW64\jsproxy.dll

    2014-08-13 07:32:25 —-A—- C:\Windows\SYSWOW64\iertutil.dll

    2014-08-13 07:32:25 —-A—- C:\Windows\system32\ieetwcollectorres.dll

    2014-08-13 07:32:24 —-A—- C:\Windows\system32\ieetwcollector.exe

    2014-08-13 07:32:23 —-A—- C:\Windows\SYSWOW64\ieui.dll

    2014-08-13 07:32:23 —-A—- C:\Windows\SYSWOW64\dxtrans.dll

    2014-08-13 07:32:23 —-A—- C:\Windows\system32\dxtmsft.dll

    2014-08-13 07:32:22 —-A—- C:\Windows\SYSWOW64\ieframe.dll

    2014-08-13 07:32:22 —-A—- C:\Windows\system32\msfeeds.dll

    2014-08-13 07:32:21 —-A—- C:\Windows\system32\iesetup.dll

    2014-08-13 07:32:20 —-A—- C:\Windows\system32\iedkcs32.dll

    2014-08-13 07:32:19 —-A—- C:\Windows\SYSWOW64\mshtmlmedia.dll

    2014-08-13 07:32:19 —-A—- C:\Windows\SYSWOW64\jscript9.dll

    2014-08-13 07:32:19 —-A—- C:\Windows\SYSWOW64\ieUnatt.exe

    2014-08-13 07:32:19 —-A—- C:\Windows\system32\iertutil.dll

    2014-08-13 07:32:18 —-A—- C:\Windows\SYSWOW64\wininet.dll

    2014-08-13 07:32:18 —-A—- C:\Windows\SYSWOW64\vbscript.dll

    2014-08-13 07:32:18 —-A—- C:\Windows\SYSWOW64\ieapfltr.dll

    2014-08-13 07:32:17 —-A—- C:\Windows\SYSWOW64\MshtmlDac.dll

    2014-08-13 07:32:17 —-A—- C:\Windows\system32\jsproxy.dll

    2014-08-13 07:32:16 —-A—- C:\Windows\SYSWOW64\msrating.dll

    2014-08-13 07:32:15 —-A—- C:\Windows\system32\dxtrans.dll

    2014-08-13 07:32:14 —-A—- C:\Windows\system32\mshtmled.dll

    2014-08-13 07:32:14 —-A—- C:\Windows\system32\ieui.dll

    2014-08-13 07:32:14 —-A—- C:\Windows\system32\ieframe.dll

    2014-08-13 07:32:13 —-A—- C:\Windows\system32\mshtmlmedia.dll

    2014-08-13 07:32:13 —-A—- C:\Windows\system32\jscript9diag.dll

    2014-08-13 07:32:13 —-A—- C:\Windows\system32\ieUnatt.exe

    2014-08-13 07:32:12 —-A—- C:\Windows\system32\vbscript.dll

    2014-08-13 07:32:12 —-A—- C:\Windows\system32\jscript9.dll

    2014-08-13 07:32:11 —-A—- C:\Windows\system32\wininet.dll

    2014-08-13 07:32:11 —-A—- C:\Windows\system32\ieapfltr.dll

    2014-08-13 07:32:09 —-A—- C:\Windows\system32\msrating.dll

    2014-08-13 07:32:09 —-A—- C:\Windows\system32\MshtmlDac.dll

    2014-08-13 07:32:06 —-A—- C:\Windows\system32\MsSpellCheckingFacility.exe

    2014-08-13 07:32:06 —-A—- C:\Windows\system32\mshtml.dll

    2014-08-13 07:31:16 —-A—- C:\Windows\system32\rpcrt4.dll

    2014-08-13 07:31:14 —-A—- C:\Windows\SYSWOW64\rpcrt4.dll

    2014-08-13 07:31:08 —-A—- C:\Windows\system32\aepdu.dll

    2014-08-13 07:31:04 —-A—- C:\Windows\system32\aeinv.dll

    2014-07-30 15:13:45 —-D—- C:\Program Files (x86)\Mozilla Firefox

    2014-07-29 08:56:08 —-A—- C:\Windows\system32\FNTCACHE.DAT

    ======List of files/folders modified in the last 1 month======

    2014-08-27 14:44:17 —-D—- C:\ProgramData\MFAData

    2014-08-27 14:43:47 —-RD—- C:\Program Files

    2014-08-27 14:41:17 —-D—- C:\Windows\Temp

    2014-08-27 10:02:14 —-D—- C:\Windows\system32\config

    2014-08-27 09:09:54 —-D—- C:\Windows\Prefetch

    2014-08-27 06:47:49 —-D—- C:\Windows\winsxs

    2014-08-27 06:46:31 —-D—- C:\Windows\system32\catroot

    2014-08-27 06:46:29 —-D—- C:\Windows\system32\catroot2

    2014-08-26 14:07:06 —-SD—- C:\Users\Eigenaar\AppData\Roaming\Microsoft

    2014-08-26 13:52:53 —-D—- C:\Program Files (x86)\Adobe

    2014-08-25 13:50:50 —-D—- C:\Windows\inf

    2014-08-25 13:49:38 —-D—- C:\Windows

    2014-08-25 10:05:44 —-D—- C:\Windows\debug

    2014-08-24 10:58:01 —-D—- C:\Windows\SYSWOW64\nl-NL

    2014-08-24 10:58:01 —-D—- C:\Windows\SysWOW64

    2014-08-24 10:58:01 —-D—- C:\Windows\system32\nl-NL

    2014-08-24 10:58:01 —-D—- C:\Windows\System32

    2014-08-24 07:36:39 —-SHD—- C:\System Volume Information

    2014-08-21 14:26:07 —-D—- C:\Zylom Games

    2014-08-21 14:26:05 —-D—- C:\Program Files (x86)\RealArcade

    2014-08-16 14:24:12 —-HD—- C:\ProgramData

    2014-08-16 11:59:17 —-SHD—- C:\$RECYCLE.BIN

    2014-08-15 12:43:36 —-HD—- C:\Config.Msi

    2014-08-15 09:33:36 —-SHD—- C:\Windows\Installer

    2014-08-14 10:44:10 —-D—- C:\Windows\Microsoft.NET

    2014-08-14 10:24:38 —-D—- C:\Windows\system32\drivers

    2014-08-14 10:21:13 —-D—- C:\Windows\system32\DriverStore

    2014-08-14 10:15:52 —-D—- C:\Program Files (x86)

    2014-08-14 10:09:04 —-HD—- C:\Program Files (x86)\InstallShield Installation Information

    2014-08-14 09:48:38 —-D—- C:\Windows\system32\drivers\UMDF

    2014-08-14 09:30:21 —-D—- C:\Windows\rescache

    2014-08-13 15:28:41 —-RSD—- C:\Windows\assembly

    2014-08-13 10:41:25 —-D—- C:\Windows\ehome

    2014-08-13 10:41:24 —-RSD—- C:\Windows\Fonts

    2014-08-13 10:40:57 —-D—- C:\Program Files\Internet Explorer

    2014-08-13 10:40:55 —-D—- C:\Windows\SYSWOW64\en-US

    2014-08-13 10:40:53 —-D—- C:\Windows\PolicyDefinitions

    2014-08-13 10:40:52 —-D—- C:\Windows\system32\en-US

    2014-08-13 10:40:49 —-D—- C:\Program Files (x86)\Internet Explorer

    2014-08-13 08:29:30 —-D—- C:\Windows\system32\MRT

    2014-08-13 08:25:51 —-A—- C:\Windows\system32\MRT.exe

    2014-08-13 08:06:34 —-SD—- C:\Windows\system32\CompatTel

    2014-08-01 10:03:31 —-A—- C:\Windows\system32\PerfStringBackup.INI

    2014-08-01 07:06:02 —-D—- C:\Program Files (x86)\Mozilla Maintenance Service

    2014-07-28 13:50:28 —-D—- C:\Windows\Minidump

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys

    R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys

    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys

    R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys

    R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys

    R0 RapportKE64;RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys

    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys

    R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys

    R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys

    R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys

    R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys

    R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys

    R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys

    R1 RapportCerberus_69875;RapportCerberus_69875; \??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_69875.sys

    R1 RapportEI64;RapportEI64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys

    R1 RapportPG64;RapportPG64; \??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys

    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys

    R3 cxbu0x64;SmartCard-Reader USB 2A; C:\Windows\system32\DRIVERS\cxbu0x64.sys

    R3 e1kexpress;Stuurprogramma K voor Intel(R) PRO/1000 PCI Express-netwerkverbinding; C:\Windows\system32\DRIVERS\e1k60x64.sys

    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys

    R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys

    R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys

    R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys

    R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys

    R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys

    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys

    R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys

    S3 athr;Wireless PCI Adapter Driver Service; C:\Windows\system32\DRIVERS\athrx.sys

    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys

    S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys

    S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys

    S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys

    S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys

    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys

    S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys

    S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys

    S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys

    S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys

    S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys

    S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys

    S3 WinUsb;WinUsb-stuurprogramma; C:\Windows\system32\DRIVERS\WinUsb.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe

    R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe

    R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

    R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe

    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe

    R2 RapportMgmtService;Rapport Management Service; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

    R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

    R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

    S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe

    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe

    S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe

    S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe

    S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe

    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe

    S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

    S4 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

    S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    S4 ogmservice;Online Games Manager; C:\Program Files (x86)\Online Games Manager\ogmservice.exe

    —————–EOF—————–

    Malwarebytes Anti-Malware

    www.malwarebytes.org

    Scandatum: 27-8-2014

    Scantijd: 14:18:34

    Logbestand: bma log 27-08.txt

    Beheerder: Ja

    Versie: 2.00.2.1012

    Malwaredatabase: v2014.08.27.02

    Rootkitdatabase: v2014.08.21.01

    Licentie: Premium

    Malwarebescherming: Ingeschakeld

    Kwaadaardige Website Bescherming: Ingeschakeld

    Self-protection: Uitgeschakeld

    Besturingssysteem: Windows 7 Service Pack 1

    Processor: x64

    Bestandssysteem: NTFS

    Gebruiker: Eigenaar

    Scantype: Bedreigingsscan

    Resultaat: Voltooid

    Objecten Gescand: 331764

    Verstreken Tijd: 11 m, 26 s

    Geheugen: Ingeschakeld

    Opstarten: Ingeschakeld

    Bestandssysteem: Ingeschakeld

    Archieven: Ingeschakeld

    Rootkits: Ingeschakeld

    Heuristics: Ingeschakeld

    POP: Ingeschakeld

    POA: Ingeschakeld

    Processen: 0

    (No malicious items detected)

    Modules: 0

    (No malicious items detected)

    Registersleutels: 0

    (No malicious items detected)

    Registerwaardes: 0

    (No malicious items detected)

    Registerdata: 0

    (No malicious items detected)

    Mappen: 0

    (No malicious items detected)

    Bestanden: 0

    (No malicious items detected)

    Fysieke Sectoren: 0

    (No malicious items detected)

    (end)

  • Ben

    Hello,

    First disable your antivirus software before you download zoek.exe.

    Temporarily disable your antivirus and antispyware programs, as these can conflict with Zoek.exe.

    Download Zoek.exe to the desktop.

    * If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore it; this is a false warning.

    Running Zoek.exe

    If you run into problems while running this program or get certain error messages, please mention this in your post.

    * Then double-click Zoek.exe to start the tool.

    * Windows Vista, 7 and 8 users need to run the tool as “administrator” by right-clicking it and choosing Run as administrator.

    * Now copy the bold code below and paste it into the large input box:

    * Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.

    firefoxlook;

    torpigcheck;

    emptyfolderscheck;delete

    chromelook;

    ;r

    C:\Users\Eigenaar\AppData\Roaming\vxsula;fs

    standardsearch;

    filesrcm;

    autoclean;

    startupall;

    * Now click the "Run script" button.

    * Now wait patiently until a log opens (this may be after a restart, if one is needed).

    * If no log appears after the restart, start zoek.exe again; the log will then appear.

    * Post the opened log in your next post.

  • Kok

    Done, Ben

    Zoek.exe v5.0.0.0 Updated 27-08-2014

    Tool run by Eigenaar on wo 27-08-2014 at 15:30:40,15.

    Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Eigenaar\Desktop\zoek.exe

    ===== Runcheck 15:32:06,35 =====

    — Create Environment Variables 15:32:09,63

    — Create System Restore Point 15:32:24,68

    — Checking Input 15:32:57,35

    — Torpig Check 15:33:08,08

    — AU AppData Check 15:33:15,74

    — Remove From Windows Installer 15:33:25,79

    — Empty Folders Check 15:35:40,14

    — IE Startpage Check 15:36:01,16

    — Program Files DB Check 15:37:08,92

    — C:\Users\Default\AppData\Roaming DB Check 15:38:45,32

    — C:\Users\Default User\AppData\Roaming DB Check 15:38:45,32

    — C:\Users\Eigenaar\AppData\Roaming DB Check 15:38:45,32

    — C:\Users\kok\AppData\Roaming DB Check 15:38:45,32

    — C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 15:38:45,32

    — C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 15:38:45,32

    — C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 15:38:45,32

    — C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 15:38:45,32

    — C:\Users\Eigenaar DB Check 15:43:38,46

    — C:\PROGRA~3 DB Check 15:44:12,72

    — C:\Users\Default\AppData\Local DB Check 15:44:16,65

    — C:\Users\Default User\AppData\Local DB Check 15:44:16,65

    — C:\Users\Eigenaar\AppData\Local DB Check 15:44:16,65

    — C:\Users\kok\AppData\Local DB Check 15:44:16,65

    — C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 15:44:16,65

    — C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 15:44:16,65

    — C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 15:44:16,65

    — C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 15:44:16,65

    — C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 15:47:32,04

    — C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 15:47:49,77

    — Tasks DB Check 15:48:00,12

    — Downloads DB Check 15:48:07,22

    — C:\Users\Eigenaar\AppData\LocalLow DB Check 15:48:17,03

    — C:\Users\kok\AppData\LocalLow DB Check 15:48:17,03

    — C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 15:48:17,03

    — C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 15:48:17,03

    — C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 15:48:17,03

    — Tasks2 DB Check 15:50:12,60

    — Documents DB Check 15:51:00,49

    — C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\vkypv917.default DB Check 15:51:13,75

    — C:\Users\Eigenaar\AppData\Roaming\TomTom\HOME\Profiles\tg3vsj3m.default DB Check 15:51:13,75

    — C:\Users\Public\Desktop DB Check 15:51:25,00

    — C:\Users\Eigenaar\Desktop DB Check 15:51:32,17

    — Services DB Check 15:51:48,12

    — FF prefs.js DB Check 15:52:27,94

  • Ben

    Hello,

    This is the progress of the scan; if you have already closed zoek.exe, run zoek.exe again and wait until you get the message that your PC needs to restart.

    This can take as long as 45 minutes.

  • kok

    Sorry Ben, I was too quick.

    Zoek.exe v5.0.0.0 Updated 27-08-2014

    Tool run by Eigenaar on wo 27-08-2014 at 15:30:40,15.

    Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Eigenaar\Desktop\zoek.exe

    ==== System Restore Info ======================

    27-8-2014 15:32:52 Zoek.exe System Restore Point Created Succesfully.

    ==== Torpig Check ======================

    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll

    HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

    ==== Empty Folders Check ======================

    C:\PROGRA~2\Gabest deleted successfully

    C:\PROGRA~3\Canon IJ Network Tool deleted successfully

    C:\Users\Eigenaar\AppData\Local\Downloaded Installations deleted successfully

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Running Processes ======================

    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

    C:\Program Files (x86)\AVG\AVG2014\avgfws.exe

    C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

    C:\Program Files (x86)\Samsung\Kies\Kies.exe

    C:\Program Files (x86)\AVG\AVG2014\avgui.exe

    C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

    C:\Windows\SysWOW64\ctfmon.exe

    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe

    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

    C:\Users\Eigenaar\Desktop\zoek.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

    ==== Deleting Services ======================

    ==== Registry Fix Code ======================

    Windows Registry Editor Version 5.00

    ==== Deleting Files \ Folders ======================

    C:\Users\Eigenaar\AppData\Roaming\vxsula not found

    C:\PROGRA~2\MyFree Codec deleted

    C:\Users\Eigenaar\AppData\Roaming\AlawarEntertainment deleted

    C:\PROGRA~3\Trymedia deleted

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted

    C:\Windows\SysNative\config\systemprofile\Searches deleted

    ==== System Specs ======================

    Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)

    Memory (RAM): 1949 MB

    CPU Info: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz

    CPU Speed: 2975,8 MHz

    Sound Card: Luidsprekers (High Definition A |

    Digitale audio (HDMI) (High Def |

    Display Adapters: Intel(R) Q45/Q43 Express Chipset | Intel(R) Q45/Q43 Express Chipset | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

    Monitors: 1x; Algemeen PnP-beeldscherm |

    Screen Resolution: 1440 X 900 - 32 bit

    Network: Network Present

    Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter | Intel(R) 82567LF-3 Gigabit-netwerkverbinding

    CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW TS-H653G

    Ports: COM1 | COM2 LPT Port NOT Present.

    Mouse: 16 Button Wheel Mouse Present

    Hard Disks: C: 149,0GB

    Hard Disks - Free: C: 92,4GB

    Manufacturer *: FUJITSU SIEMENS // Phoenix Technologies Ltd.

    BIOS Info: AT/AT COMPATIBLE | 11/05/09 | FSC - 60000

    Time Zone: West-Europa (standaardtijd)

    Motherboard *: FUJITSU SIEMENS D2824-A1

    Country: Nederland

    Language: NLD

    ==== System Specs (Software) ======================

    Anti-Virus: AVG Internet Security 2014 On-access scanning disabled (Outdated)

    Anti-Spyware: Windows Defender disabled (Outdated)

    Anti-Spyware: AVG Internet Security 2014 disabled (Outdated)

    Firewall: AVG Internet Security 2014 disabled

    Default Browser: Google Chrome 36.0.1985.143

    Internet Explorer Version: 11.0.9600.17239

    Mozilla Firefox version: 31.0 (x86 nl)

    Google Chrome version: 36.0.1985.143

    Adobe Reader version: 11.0.8.4

    Sun Java version: 1.7.0_51 (32-bit)

    Flash Player version: 14.0.0.145

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    ====== C:\Users\Eigenaar\AppData\Local\Temp ====

    2014-08-26 12:25:17 FFF48405C43A06F4B4A29F4562F7CD92 127488 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\OSProvider.dll

    2014-08-26 12:25:17 9E7E2B01C65C4E276ED55B1F1BD6CE2B 302080 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\UnattendProvider.dll

    2014-08-26 12:25:17 7B38D7916A7CD058C16A0A6CA5077901 271360 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\wdscore.dll

    2014-08-26 12:25:17 739968678548BA15F6B9372E8760C012 444416 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\TransmogProvider.dll

    2014-08-26 12:25:17 732A13256A9BE7E15E2D58393D6B85F4 471040 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\WimProvider.dll

    2014-08-26 12:25:17 011A725B36F05E8A771626017064F2CA 271360 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\SmiProvider.dll

    2014-08-26 12:25:16 CCF6EC908566900E9626DC3360B9E35E 112128 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\DismCorePS.dll

    2014-08-26 12:25:16 BB9E8732FC0B76EF29DC90C63397078E 312832 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\IntlProvider.dll

    2014-08-26 12:25:16 A909643B215FC0587A043C9C15959D41 186368 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\DismProv.dll

    2014-08-26 12:25:16 A2D08E8B0AE6750DDD9D01D61BDDC818 435712 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\DmiProvider.dll

    2014-08-26 12:25:16 703E7D07687D2751D0474E4D333E832C 1672192 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\CbsProvider.dll

    2014-08-26 12:25:16 6EBC2138A3C9B3B7D1E69E0629B6C815 289792 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\DismCore.dll

    2014-08-26 12:25:16 64B66A41B61D511E8EBE94625EC0E45A 53760 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\FolderProvider.dll

    2014-08-26 12:25:16 5AE6EFCD674AC76CC1A9929F1AFA0ECE 183296 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\CompatProvider.dll

    2014-08-26 12:25:16 516A5FCE06BB388499238A5F9286CB74 96768 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\DismHost.exe

    2014-08-26 12:25:16 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\MsiProvider.dll

    ====== Java Cache =====

    2014-07-28 14:19:09 D41D8CD98F00B204E9800998ECF8427E 0 —-a-w- C:\Users\Eigenaar\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-7af07b9c

    ====== C:\Windows\SysWOW64 =====

    2014-08-24 05:38:02 372218B80DEF827063049EBEE76B7501 92672 —-a-w- C:\Windows\SysWOW64\wudriver.dll

    2014-08-24 05:38:01 867148EBF47E7E7E7B21C07B4A981929 581600 —-a-w- C:\Windows\SysWOW64\wuapi.dll

    2014-08-24 05:38:01 255F0417EC31C71585824269522EC8E9 36320 —-a-w- C:\Windows\SysWOW64\wups.dll

    2014-08-24 05:37:29 F419D738BD2AE58D9DF2F9FEB5F43842 33792 —-a-w- C:\Windows\SysWOW64\wuapp.exe

    2014-08-24 05:37:29 5AA2CAD923E9E647276A61387E83DDD0 179656 —-a-w- C:\Windows\SysWOW64\wuwebv.dll

    2014-08-14 08:09:44 A64711C9CF690718EADA750370EC5EB2 4659712 —-a-w- C:\Windows\SysWOW64\Redemption.dll

    2014-08-14 08:09:11 37655385D1CF8560A52027B8008FAE0E 821824 —-a-w- C:\Windows\SysWOW64\dgderapi.dll

    ====== C:\Windows\SysWOW64\drivers =====

    ====== C:\Windows\Sysnative =====

    2014-08-24 05:38:15 EAD9E413A6CEB9FD8E2AD9DC0716C061 58336 —-a-w- C:\Windows\Sysnative\wuauclt.exe

    2014-08-24 05:38:15 E76F105AD039B9E4DA9ECE839298C4A2 44512 —-a-w- C:\Windows\Sysnative\wups2.dll

    2014-08-24 05:38:15 6335F8B4B89F002A3801473C1A799237 2620928 —-a-w- C:\Windows\Sysnative\wucltux.dll

    2014-08-24 05:38:14 61FF576450CCC80564B850BC3FB6713A 2477536 —-a-w- C:\Windows\Sysnative\wuaueng.dll

    2014-08-24 05:38:02 7EC6617005F76714C7E16605E7A8AB06 38880 —-a-w- C:\Windows\Sysnative\wups.dll

    2014-08-24 05:38:02 1180B5ADFB507258DA10F51B46681A33 97792 —-a-w- C:\Windows\Sysnative\wudriver.dll

    2014-08-24 05:38:01 0DB2758CF1BAFE22E0970FDA0785B74C 700384 —-a-w- C:\Windows\Sysnative\wuapi.dll

    2014-08-24 05:37:29 45D4BDEA136E72E75CF008D3C38D949A 198600 —-a-w- C:\Windows\Sysnative\wuwebv.dll

    2014-08-24 05:37:29 29FE783F75362AD6D2D9C0555BA83BD2 36864 —-a-w- C:\Windows\Sysnative\wuapp.exe

    ====== C:\Windows\Sysnative\drivers =====

    2014-08-14 08:20:49 91310683D7B6B292B746D60734B59322 206080 —-a-w- C:\Windows\Sysnative\drivers\ssudmdm.sys

    2014-08-14 08:20:49 30710AEFCE721CEEE0F35EB6A01C263C 110336 —-a-w- C:\Windows\Sysnative\drivers\ssudbus.sys

    2014-08-14 07:48:45 D41D8CD98F00B204E9800998ECF8427E 0 —ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

    2014-08-13 05:33:12 87CE5C8965E101CCCED1F4675557E868 985536 —-a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

    ====== C:\Windows\Tasks ======

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2014-08-27 12:43:47 ——– d—–w- C:\Program Files\trend micro

    ======= C:\PROGRA~2 =====

    2014-08-14 08:15:52 ——– d—–w- C:\PROGRA~2\MarkAny

    2014-08-14 08:08:20 ——– d—–w- C:\PROGRA~2\Samsung

    ======= C: =====

    ====== C:\Users\Eigenaar\AppData\Roaming ======

    2014-08-26 11:53:29 ——– d—–w- C:\Users\Eigenaar\AppData\Local\Adobe_Systems_Incorporate

    2014-08-16 12:25:12 ——– d—–w- C:\Users\Eigenaar\AppData\Roaming\DanceOfDeath

    2014-08-16 12:20:56 ——– d—–w- C:\Users\Eigenaar\AppData\Local\com.gamehouse.acid

    2014-08-14 08:14:19 ——– d—–w- C:\Users\Eigenaar\AppData\Local\Samsung

    2014-08-14 08:14:17 ——– d—–w- C:\Users\Eigenaar\AppData\Roaming\Samsung

    2014-08-01 18:00:51 ——– d—–w- C:\Users\kok\AppData\Local\Google

    ====== C:\Users\Eigenaar ======

    2014-08-27 12:42:24 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 —-a-w- C:\Users\Eigenaar\Desktop\RSITx64.exe

    2014-08-26 11:50:53 A1BBAA630BAB9F763FB8F01D061E528C 6144272 —-a-w- C:\Users\Eigenaar\Downloads\ADE_3.0_Installer.exe

    2014-08-16 12:24:12 ——– d—–w- C:\ProgramData\com.gamehouse.acid

    2014-08-14 08:09:51 ——– d—–w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

    2014-08-14 08:08:20 ——– d—–w- C:\ProgramData\Samsung

    ====== C: exe-files ==

    2014-08-27 12:43:47 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\trend micro\Eigenaar.exe

    2014-08-27 12:42:24 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 —-a-w- C:\Users\Eigenaar\Desktop\RSITx64.exe

    2014-08-26 12:25:16 516A5FCE06BB388499238A5F9286CB74 96768 —-a-w- C:\Users\Eigenaar\AppData\Local\Temp\233E9FFC-4CEA-435D-BCBB-4A12F45714EE\DismHost.exe

    2014-08-26 11:50:53 A1BBAA630BAB9F763FB8F01D061E528C 6144272 —-a-w- C:\Users\Eigenaar\Downloads\ADE_3.0_Installer.exe

    2014-08-24 05:38:15 EAD9E413A6CEB9FD8E2AD9DC0716C061 58336 —-a-w- C:\Windows\System32\wuauclt.exe

    2014-08-24 05:37:29 F419D738BD2AE58D9DF2F9FEB5F43842 33792 —-a-w- C:\Windows\SysWOW64\wuapp.exe

    2014-08-24 05:37:29 29FE783F75362AD6D2D9C0555BA83BD2 36864 —-a-w- C:\Windows\System32\wuapp.exe

    === C: other files ==

    ==== Startup Registry Enabled ======================

    “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

    “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

    “KiesPreload”=“C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload”

    “mctadmin”=“C:\Windows\System32\mctadmin.exe”

    “mctadmin”=“C:\Windows\System32\mctadmin.exe”

    “AVG_UI”=“C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY”

    “KiesTrayAgent”=“C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe”

    “KiesPreload”=“C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload”

    ==== Startup Registry Enabled x64 ======================

    “IgfxTray”=“C:\Windows\system32\igfxtray.exe”

    ==== Startup Registry Disabled ======================

    “Adobe ARM”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”

    “SunJavaUpdateSched”=“\”C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\“”

    “CanonQuickMenu”=“C:\\Program Files (x86)\\Canon\\Quick Menu\\CNQMMAIN.EXE /logon”

    ==== Startup Registry Disabled x64 ======================

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“”

    “hkey”=“HKCU”

    “command”=“C:\\Users\\Eigenaar\\AppData\\Roaming\\gfxaih\\\\”

    “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Adobe ARM”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“ ”

    “key”=“SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“CanonQuickMenu”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files (x86)\\Canon\\Quick Menu\\CNQMMAIN.EXE /logon”

    “HotKeysCmds”=“C:\\Windows\\system32\\hkcmd.exe”

    “Persistence”=“C:\\Windows\\system32\\igfxpers.exe”

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==== Other Scheduled Tasks ======================

    “C:\Windows\SysNative\tasks\Adobe Flash Player Updater”

    “C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma”

    “C:\Windows\SysNative\tasks\CCleanerSkipUAC”

    “C:\Windows\SysNative\tasks\CreateChoiceProcessTask”

    “C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore”

    “C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA”

    “C:\Windows\SysNative\tasks\Java Update Scheduler”

    “C:\Windows\SysNative\tasks\SidebarExecute”

    “C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013”

    “C:\Windows\SysNative\tasks\{B768FDA1-ACC1-482C-B6E6-745004F3C376}”

    “C:\Windows\SysNative\tasks\{C2C8EB47-E4AB-4082-9157-488861F6E25A}”

    ==== Folders in C:\PROGRA~3 0-6 Months Old ======================

    2014-04-22 15:52:19 ——– d—–w- C:\PROGRA~3\Zylom

    2014-04-29 11:32:25 ——– d—–w- C:\PROGRA~3\HPSSUPPLY

    2014-05-03 10:43:41 ——– d–h–w- C:\PROGRA~3\CanonBJ

    2014-05-03 10:48:57 ——– d—–w- C:\PROGRA~3\CanonIJWSpt

    2014-05-03 10:51:50 ——– d—–w- C:\PROGRA~3\CanonIJPLM

    2014-05-03 10:53:25 ——– d–h–w- C:\PROGRA~3\CanonIJQuickMenu

    2014-05-03 12:45:14 ——– d–h–w- C:\PROGRA~3\CanonIJEGV

    2014-05-22 07:16:45 ——– d—–w- C:\PROGRA~3\Mozilla

    2014-06-22 09:12:16 ——– d–h–w- C:\PROGRA~3\CanonIJETV

    2014-08-14 08:08:20 ——– d—–w- C:\PROGRA~3\Samsung

    2014-08-16 12:24:12 ——– d—–w- C:\PROGRA~3\com.gamehouse.acid

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\vkypv917.default

    - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

    ProfilePath: C:\Users\Eigenaar\AppData\Roaming\TomTom\HOME\Profiles\tg3vsj3m.default

    - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com

    - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

    AppDir: C:\Program Files (x86)\Mozilla Firefox

    - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\vkypv917.default

    4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash

    ==== Chrome Look ======================

    Google Docs - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

    YouTube - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

    Google Search - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

    Google Wallet - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

    Gmail - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

    Google Docs - kok\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

    Google Drive - kok\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

    YouTube - kok\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

    Google Search - kok\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

    Google Wallet - kok\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

    Gmail - kok\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

    ==== Chromium Startpages ======================

    C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences

    “homepage”: “http://www.google.com/”,

    “startup_urls”: ,

    C:\Users\kok\AppData\Local\Google\Chrome\User Data\Default\Preferences

    “homepage”: “http://www.google.com/”,

    “startup_urls”: ,

    ==== Set IE to Default ======================

    Old Values:

    “Start Page”=“http://www.startpagina.nl”

    New Values:

    “Start Page”=“http://www.startpagina.nl”

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    “DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”

    {012E1000-F331-11DB-8314-0800200C9A66} Google Url=“http://www.google.com/search?q={searchTerms}”

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url=“Not_Found”

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-840303440-1979872381-1960077457-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    ==== HijackThis Entries ======================

    F2 - REG:system.ini: UserInit=userinit.exe,

    O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - (no file)

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

    O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - (no file)

    O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG\AVG2014\avgui.exe” /TRAYONLY

    O4 - HKLM\..\Run: C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

    O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)

    O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)

    O11 - Options group: Accelerated graphics

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

    O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe

    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

    O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Users\kok\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\kok\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    ==== Empty FireFox Cache ======================

    No FireFox Cache found

    ==== Empty Chrome Cache ======================

    C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    C:\Users\kok\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=54 folders=15 15251851 bytes)

    ==== Empty Temp Folders ======================

    C:\Users\Default\AppData\Local\Temp emptied successfully

    C:\Users\Default User\AppData\Local\Temp emptied successfully

    C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot

    C:\Users\kok\AppData\Local\Temp emptied successfully

    C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

    C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

    C:\Windows\Temp will be emptied at reboot

    ==== After Reboot ======================

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\Eigenaar\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== EOF on wo 27-08-2014 at 17:29:19,62 ======================

  • Ben

    Hello,

    Run zoek.exe again with the following code:

    ;r

    C:\Users\Eigenaar\AppData\Roaming\gfxaih;fs

    Post the resulting log.

    Download Emsisoft Anti-Malware to the desktop.

    * Double-click "EmsisoftAntiMalwareSetup.exe" to install Emsisoft Anti-Malware.

    * In the next screen, choose the desired language and click "OK".

    * Select the option "I accept the license agreement" and click "Install".

    * In the license screen, click the "Next" button.

    * In the next screen, uncheck the option "Update additional languages" and click "Next".

    * Now click the option "Scan computer", choose the option "Smart" and press the "Scan" button.

    * Have the detected items placed in quarantine and click "View report"; post its contents in your next message.

    * Click "Next", then "Next" again, and then "Finish".

  • kok

    Zoek.exe v5.0.0.0 Updated 27-08-2014

    Tool run by Eigenaar on wo 27-08-2014 at 18:47:51,31.

    Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Eigenaar\Desktop\zoek.exe

    ==== Older Logs ======================

    C:\zoek-results2014-08-27-152919.log 29508 bytes

    ==== Registry Fix Code ======================

    Windows Registry Editor Version 5.00

    ==== Deleting Files \ Folders ======================

    C:\Users\Eigenaar\AppData\Roaming\gfxaih not found

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=54 folders=15 15251851 bytes)

    ==== EOF on wo 27-08-2014 at 18:49:40,52 ======================

    Emsisoft Anti-Malware - Versie 9.0

    Laatste Update: 27-8-2014 20:06:27

    Gebruikersaccount: KOKTHUIS\Eigenaar

    Scaninstellingen:

    Scanmodus: Slimme scan

    Objecten: Rootkits, Geheugen, Sporen, C:\Windows\, C:\Program Files\, C:\Program Files (x86)\

    Detecteer PUPs: Uit

    Scan archieven: Uit

    ADS Scan: Aan

    Bestandsextensiefilter: Uit

    Geavanceerde cache: Aan

    Directe schijftoegang: Uit

    Scan gestart: 27-8-2014 20:08:08

    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Ontdekt: Application.AdShort (A)

    Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\APPLICATION\IEPLUGINSERVICE Ontdekt: Application.AdShort (A)

    Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\APPLICATION\WPM Ontdekt: Application.AdShort (A)

    Value: HKEY_USERS\S-1-5-21-840303440-1979872381-1960077457-1000\SOFTWARE\WIN7ZIP -> UUID Ontdekt: Trojan.Win32.Injector (A)

    Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\TRYMEDIA SYSTEMS Ontdekt: Application.Win32.TryAd (A)

    Gescand: 165019

    Gevonden: 5

    Scan geëindigd: 27-8-2014 20:48:24

    Scantijd: 0:40:16

    Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\TRYMEDIA SYSTEMS In quarantaine geplaatst Application.Win32.TryAd (A)

    Value: HKEY_USERS\S-1-5-21-840303440-1979872381-1960077457-1000\SOFTWARE\WIN7ZIP -> UUID In quarantaine geplaatst Trojan.Win32.Injector (A)

    Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\APPLICATION\WPM In quarantaine geplaatst Application.AdShort (A)

    Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\EVENTLOG\APPLICATION\IEPLUGINSERVICE In quarantaine geplaatst Application.AdShort (A)

    Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8} In quarantaine geplaatst Application.AdShort (A)

    In quarantaine geplaatst 5

  • Ben

    Hello,

    How is your PC running after this?

  • Kok

    Hello Ben,

    While Internet Explorer is starting up, which takes a very long time, it regularly reports "Internet Explorer is not responding", and then it carries on running again.

    Following links also takes a very long time.

    Thanks in advance for your help.

    kok

  • Ben

    Hello,

    Try resetting IE: http://windows.microsoft.com/nl-nl/internet-explorer/reset-ie-settings#ie=ie-11-win-7
