Hello,

My PC starts up slowly and opening Firefox takes a long time.
Here is the GMER log; malware: no error message.
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2017-10-05 14:32:38
Windows 6.2.9200 x64
Running: drivhwwd.exe


---- Registry - GMER 2.2 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime 0x8F 0x94 0xFB 0x96 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime 0x8F 0x94 0xFB 0x96 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime 0x5A 0x13 0x9E 0x1A ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime 0x5A 0x13 0x9E 0x1A ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@nl-NL 126
Reg HKLM\SYSTEM\CurrentControlSet\Control\Diagnostics\Performance@ActiveShutdownDCL C:\WINDOWS\System32\WDI\LogFiles\WdiContextLog.etl.001
Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\GSM57A3102TPNY0M207_02_07DB_94^9B23E65E84D68C21DC400A36682D90BA@Timestamp 0xCE 0xEF 0xD1 0x0D ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid 776
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Configuration Manager\Defrag@LastRun 09:30:2017
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Configuration Manager\Defrag@TotalBytesSaved 0x00 0xF0 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Executive@UuidSequenceNumber 3900154
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -2009835242
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BootId 175
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters@BaseTime 516424428
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime 8733
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@FwPOSTTime 8022
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalResumeTime 13151
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeBootMgrTime 195
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppTime 486
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeAppStartTimestamp 8929
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeInitTime 193
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeHiberFileTime 213
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeRestoreImageStartTimestamp 9198
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeIoTime 139
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressTime 114
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeKernelSwitchTimestamp 9416
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnFromHandlerTimestamp 9438
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@SleeperThreadEndTimestamp 12740
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TimeStampCounterAtSwitchTime 9434
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnSystemPowerState 13144
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberHiberFileTime 3243
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberInitTime 178
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalHibernateTime 10551
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeHiberFileTime 3298
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeInitTime 222
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeSharedBufferTime 8
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@DeviceResumeTime 388
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelAnimationTime 51
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesProcessed 445975
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesWritten 0xA0 0x60 0x02 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesProcessed 20626
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesWritten 0xED 0x25 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberCompressRate 52
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeReadRate 201
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeDecompressRate 124
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelResumeIoCpuTime 301
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberIoCpuTime 120
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HybridBootAnimationTime 2957
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeCompleteTimestamp 0x19 0xA4 0xCF 0x03 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID bb65ce7c-b6be-447d-bb30-0f1fa7f
Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@GlassSessionId 3
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\AITEventLog@FileCounter 1
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\SQMLogger@FileCounter 5
Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\WdiContextLog@FileCounter 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswbidsh\Parameters@Reboot 125
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters@SystemRoot \Device\HarddiskVolume5\WINDOWS
Reg HKLM\SYSTEM\CurrentControlSet\Services\aswRvrt\Parameters@BootCounter 76
Reg HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{b2e2380a-1f07-4941-a741-30a57722c624}@LastProbeTime 1507133051
Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{C508EA75-0D2C-49D4-9FB6-E3034BC2DED3}@DefunctTimestamp 0xFA 0xE3 0xD5 0x59 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt@Tag 8
Reg HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection@Tag 7
Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime ?wo?, ?okt ?04 ?17, 04:05:37???????????????????????????????????
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 49906
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 4226
Reg HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence 170
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C4B338D1-E6F9-4FD3-AA9D-09B700F522D7}@LeaseObtainedTime 1507189755
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C4B338D1-E6F9-4FD3-AA9D-09B700F522D7}@T1 -640293894
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C4B338D1-E6F9-4FD3-AA9D-09B700F522D7}@T2 2044060666
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DB92AAA6-20A1-42F1-BDDD-FBCA15045D33}@LeaseObtainedTime 1507189761
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DB92AAA6-20A1-42F1-BDDD-FBCA15045D33}@T1 -640293888
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DB92AAA6-20A1-42F1-BDDD-FBCA15045D33}@T2 2044060672
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer@GlobalAssocChangedCounter 116
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown 1
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@PolicyDocumentLastRefresh 0xA5 0x88 0x9A 0x05 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@WindowsBandwidthBucketCounter 14253
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsBandwidthBucketDrainTime 0xE7 0xAB 0x9F 0x0A ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@WindowsRequestBucketCounter 34
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsRequestBucketDrainTime 0x9F 0x35 0xC0 0x8D ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsLargeBandwidthBucketDrainTime 0xE7 0xAB 0x9F 0x0A ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsLargeRequestBucketDrainTime 0x9F 0x35 0xC0 0x8D ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherBandwidthBucketCounter 1444
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastOtherBandwidthBucketDrainTime 0xE7 0xAB 0x9F 0x0A ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherRequestBucketCounter 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastOtherRequestBucketDrainTime 0x9F 0x35 0xC0 0x8D ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalBandwidthBucketCounter 15697
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalRequestBucketCounter 0
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastGlobalRequestBucketDrainTime 0x9F 0x35 0xC0 0x8D ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastUploadTime 0xC1 0xD3 0x7D 0x46 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@RoamingSyncToken LM%3d63642722487077%3bID%3d3274D2E4AB2684AA!107%3bLR%3d63642722681687%3bEP%3d16%3bSI%3d73%3bTD%3dTrue%3bSO%3d0%3bPI%3d49
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyDocument@Etag wX3C+p8FmkIo8aqBOhFVHYUn9OI=
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastRenewCollectionsInterest 0xAB 0xFC 0x1B 0x44 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastDownloadCollectionInterest 0x4D 0x56 0xF1 0xCE ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Store@LastTileRefresh 0x6E 0x9A 0x77 0xB0 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Store\RefreshBannedAppList@BannedAppsLastModified 0x80 0xA7 0x9C 0x91 ...

---- EOF - GMER 2.2 ----