Gesloten
1
hallo, op laptop sinds gisteren plots bij opstarten elk onderdeel van vista windows zoals
logonui.exe ongeldige installatiekopie en volgende gegeven; het is wel degelijk een echte
met key geregistreerd en geactiveerd.
Dus ik vermoed een virus. Ik heb met mijn andere laptop de infectiestappen proberen maken
heb de programma's eerst op stick gezet en ben in veilige modus opgestart
rsit heb ik gedaan en zal het logje plaatsen
hitman pro kon ik alleen kopen niet een 30 dagen proef
en malwareantibytes kon ik niet zetten

logje rsit

Logfile of random's system information tool 1.10 (written by random/random)
Run by Koen at 2014-08-10 11:15:00
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 93 GB (63%) free of 148 GB
Total RAM: 3066 MB (75% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\AWC Startup.job - C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe /startup
C:\Windows\tasks\DriverEasy Scheduled Scan.job - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe --scan
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\WinMaximizer-Koen-Startup.job - C:\Program Files\WinMaximizer\WinMaximizer.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Koen\AppData\Roaming\Mozilla\Firefox\Profiles\07frb10p.default

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}"=C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=C:\Program Files\DNA\plugins\npbtdna.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{B13721C7-F507-4982-B2E5-502A71474FED}

C:\Program Files\Mozilla Firefox\components\
AskSearch.js
binary.manifest
browsercomps.dll
nsIOGAPlugin.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npOGAPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
yahoo.xml

C:\Users\Koen\AppData\Roaming\Mozilla\Firefox\Profiles\07frb10p.default\extensions\
2020Player_IKEA@2020Technologies.com
ffxtlbr@babylon.com
ffxtlbr@buenosearch.com
{20a82645-c095-46ed-80e3-08825760534b}

C:\Users\Koen\AppData\Roaming\Mozilla\Firefox\Profiles\07frb10p.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-22 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-08-07 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-19 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-22 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft WebPageAdjuster Class - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-01-30 281760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04 142896]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-05-09 198688]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-08-07 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-28 6111232]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1033512]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-04 526896]
"eAudio"=C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-03-07 544768]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-04-23 397312]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040]
"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-08-07 13543968]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-08-07 92704]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-07-02 821768]
"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-10-06 59240]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-05-09 4858968]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"20131121"=C:\Program Files\Alwil Software\Avast5\setup\emupdate\a4fa08a5-cd6d-4f9b-96fa-d02040096109.exe [2013-12-04 180184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2011-04-22 247728]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2012-12-13 969104]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-18 68856]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"One.com"=C:\Program Files\OnecomCloudDrive\Dlls\AppLauncher.exe [2013-01-02 23464]
"GoogleChromeAutoLaunch_0F9E5C4B6C3B55C988937899FFC0C46B"=C:\Program Files\Google\Chrome\Application\chrome.exe [2014-07-15 860488]

C:\Users\Koen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Koen\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll, schannel.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-10 11:13:16 ----D---- C:\rsit
2014-08-10 11:13:16 ----D---- C:\Program Files\trend micro
2014-08-09 21:51:29 ----A---- C:\Windows\ntbtlog.txt
2014-08-08 23:48:57 ----SHD---- C:\Config.Msi
2014-08-08 23:23:56 ----D---- C:\Users\Koen\AppData\Roaming\Easeware
2014-08-08 23:23:22 ----D---- C:\Program Files\Easeware
2014-08-08 23:04:55 ----D---- C:\Program Files\Belarc
2014-08-08 21:54:51 ----D---- C:\Program Files\CCleaner
2014-08-08 21:23:28 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-08-08 21:22:50 ----D---- C:\ProgramData\Malwarebytes
2014-08-08 21:22:50 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-08-08 21:22:50 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-08-08 21:22:50 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-08-08 21:22:50 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-08-07 22:11:40 ----A---- C:\Windows\system32\qedit.dll

======List of files/folders modified in the last 1 month======

2014-08-10 11:13:16 ----RD---- C:\Program Files
2014-08-10 11:13:07 ----D---- C:\Windows\System32
2014-08-10 11:13:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-10 11:11:11 ----D---- C:\Windows\inf
2014-08-09 22:08:43 ----D---- C:\Windows\Temp
2014-08-09 21:51:29 ----D---- C:\Windows
2014-08-09 21:45:51 ----D---- C:\Users\Koen\AppData\Roaming\uTorrent
2014-08-09 21:44:54 ----RSD---- C:\Windows\assembly
2014-08-09 21:44:54 ----D---- C:\Windows\Microsoft.NET
2014-08-09 21:43:20 ----D---- C:\Users\Koen\AppData\Roaming\OnecomCloudDrive
2014-08-09 21:43:17 ----D---- C:\Program Files\OnecomCloudDrive
2014-08-09 21:42:34 ----D---- C:\Users\Koen\AppData\Roaming\Dropbox
2014-08-09 21:32:17 ----D---- C:\Windows\Prefetch
2014-08-08 23:49:50 ----SHD---- C:\Windows\Installer
2014-08-08 23:35:08 ----D---- C:\ProgramData\Microsoft Help
2014-08-08 23:31:16 ----D---- C:\Windows\winsxs
2014-08-08 23:23:48 ----D---- C:\Windows\system32\Tasks
2014-08-08 23:23:47 ----D---- C:\Windows\Tasks
2014-08-08 22:57:52 ----D---- C:\Windows\rescache
2014-08-08 22:21:00 ----SHD---- C:\System Volume Information
2014-08-08 21:58:48 ----D---- C:\Users\Koen\AppData\Roaming\DAEMON Tools Lite
2014-08-08 21:58:43 ----D---- C:\Users\Koen\AppData\Roaming\Skype
2014-08-08 21:57:07 ----D---- C:\Windows\Panther
2014-08-08 21:56:51 ----D---- C:\Windows\Minidump
2014-08-08 21:56:51 ----D---- C:\Windows\Logs
2014-08-08 21:56:51 ----D---- C:\Windows\Debug
2014-08-08 21:44:02 ----D---- C:\Users\Koen\AppData\Roaming\Apple Computer
2014-08-08 21:28:32 ----D---- C:\Program Files\Windows Journal
2014-08-08 21:23:28 ----D---- C:\Windows\system32\drivers
2014-08-08 21:22:50 ----HD---- C:\ProgramData
2014-08-08 07:33:22 ----D---- C:\Windows\system32\config
2014-08-08 07:33:17 ----D---- C:\Windows\system32\spool
2014-08-08 07:33:17 ----D---- C:\Windows\system32\Msdtc
2014-08-08 07:33:17 ----D---- C:\Windows\system32\CodeIntegrity
2014-08-08 07:33:14 ----D---- C:\Windows\system32\wbem
2014-08-08 07:33:14 ----D---- C:\Windows\registration
2014-08-07 23:06:52 ----D---- C:\Windows\system32\catroot
2014-08-07 22:41:41 ----D---- C:\Program Files\Puntenboek
2014-08-07 22:39:30 ----D---- C:\Windows\system32\catroot2
2014-08-07 22:33:46 ----D---- C:\ProgramData\Samsung
2014-08-07 22:33:43 ----HD---- C:\Program Files\InstallShield Installation Information
2014-08-07 22:18:58 ----D---- C:\Users\Koen\AppData\Roaming\IrfanView
2014-08-07 22:17:18 ----D---- C:\Program Files\MediaMonkey
2014-08-07 22:17:15 ----D---- C:\Users\Koen\AppData\Roaming\MediaMonkey
2014-08-07 22:15:56 ----D---- C:\Program Files\Acer GameZone
2014-08-07 22:05:22 ----D---- C:\Program Files\Games
2014-08-07 21:57:42 ----D---- C:\Program Files\Acro Software
2014-08-07 21:57:04 ----A---- C:\Windows\wininit.ini
2014-08-07 21:51:29 ----D---- C:\Program Files\Common Files\Spigot
2014-08-06 16:44:57 ----D---- C:\Windows\system32\nl-NL

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2013-03-13 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2013-05-09 204784]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-03-04 18992]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-05-14 721904]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2013-05-09 21576]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2008-07-02 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-01-18 196784]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 49376]
S0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-12-04 175176]
S1 aswFW;avast! TDI Firewall Driver; \??\C:\Windows\system32\drivers\aswFW.sys [2013-05-09 104752]
S1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2013-05-09 49760]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-12-04 770344]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-12-04 369584]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 56080]
S1 igkcxawc;igkcxawc; \??\C:\Windows\system32\drivers\igkcxawc.sys []
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
S2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-03-21 15392]
S2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-03-04 16944]
S2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-03-04 60464]
S3 A310;AVerMedia A310 DVB-T; C:\Windows\system32\DRIVERS\AVerA310USB.sys [2008-04-15 25856]
S3 ACSSCR;ACR38 Smart Card Reader; C:\Windows\system32\DRIVERS\a38usbxp.sys [2004-04-30 24832]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]
S3 arpvzr5x;arpvzr5x; C:\Windows\system32\drivers\arpvzr5x.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
S3 BDASwCap;AVerMedia A310 BDA DVBT Capture Device; C:\Windows\system32\drivers\AVerA310Cap.sys [2008-04-15 42880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 83168]
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-28 2127512]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296]
S3 LTXMD_VAC;Litex Media Virtual Audio Cable (WDM); C:\Windows\system32\drivers\lmvac.sys [2010-05-05 18944]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-08-09 110296]
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw5v32;Stuurprogramma voor Intel(R) Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-08-07 44064]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-08-07 7545824]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 181344]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-07-09 44032]
S3 USBCCID;USB-smartcardlezer; C:\Windows\system32\DRIVERS\usbccid.sys [2009-04-11 30208]
S3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-05-09 46808]
S2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2013-05-09 137960]
S2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-04 500784]
S2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
S2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-20 135664]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
S2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe []
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-08-07 196608]
S2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-12-26 66872]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-20 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-14 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-22 115608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-16 755880]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

logje hitman pro

Code: Selecteer alles

HitmanPro 3.7.9.221
www.hitmanpro.com

   Computer name . . . . : SJOENMACHINE
   Windows . . . . . . . : 6.0.2.6002.X86/2
   Safe Mode Boot  . . . : MINIMAL
   User name . . . . . . : SJOENMACHINE\Koen
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-08-10 11:17:56
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 5m 5s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : No connection
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 8

   Objects scanned . . . : 2.009.068
   Files scanned . . . . : 15.939
   Remnants scanned  . . : 373.003 files / 1.620.126 keys

Suspicious files ____________________________________________________________

   C:\System Volume Information\SystemRestore\FRStaging\Users\Koen\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Plugins\DeviceMusic\DeviceMusic.dll
      Size . . . . . . . : 116.224 bytes
      Age  . . . . . . . : 0.6 days (2014-08-09 22:04:36)
      Entropy  . . . . . : 6.0
      SHA-256  . . . . . : ADFC6AF611498F6A65F22A9F6C4EEA2204315F6DBA52713B7D6620FCC54156B5
      Product  . . . . . : Kies.Plugin.DeviceMusic
      Publisher  . . . . : MSC
      Description  . . . : Kies.Plugin.DeviceMusic
      Version  . . . . . : 1.0.0.128
      LanguageID . . . . : 0
      Fuzzy  . . . . . . : 22.0
         The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Koen\AppData\Local\PunkBuster\WAW\pb\pbcl.dll
      Size . . . . . . . : 733.004 bytes
      Age  . . . . . . . : 2052.7 days (2008-12-26 17:36:20)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 8715126E77E8E6F98B4487C11B4656ADAC59145A86D56A0370F2FAE86E40FDC7
      Fuzzy  . . . . . . : 25.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.


Cookies _____________________________________________________________________

   C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad-emea.doubleclick.net
   C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com


maar dus niks van kunnen verwijderen

hopelijk kunt u helpen? dank!
Gesloten

Terug naar “Hulp bij malware problemen, adware, ongewenste software en een trage computer”