TorchuS
-
Items
16 -
Registratiedatum
-
Laatst bezocht
TorchuS's prestaties
-
Ik heb bovenstaande uitgevoerd. Na enige tijd is de scan gestopt zonder dat ik iets deed. Verificatie is 80% voltooid. De aangevraagde bewerking kan niet worden uitgevoerd.
-
HD Tune: Hitachi HTS543225L9A300 Information Firmware version : FBEOC40C Serial number : 090621FB2D06LJCS0Z1H Capacity : 232.9 GB (~250.1 GB) Buffer size : 7285248 bytes Standard : ATA/ATAPI-0 - SATA II Supported mode : UDMA Mode 6 (Ultra ATA/133) Current mode : UDMA Mode 6 (Ultra ATA/133) S.M.A.R.T : yes 48-bit Address : yes Read Look-Ahead : yes Write Cache : yes Host Protected Area : yes Device Configuration Overlay : yes Automatic Acoustic Management: yes Power Management : yes Advanced Power Management : yes Power-up in Standby : yes Security Mode : yes Firmware Upgradable : yes Partition : 1 Drive letter : Label : Capacity : 10000 MB Usage : 0.00% Type : unknown (27h) Bootable : No Partition : 2 Drive letter : C:\ Label : ACER Capacity : 114243 MB Usage : 74.11% Type : NTFS Bootable : Yes Partition : 3 Drive letter : D:\ Label : DATA Capacity : 114230 MB Usage : 66.13% Type : NTFS Bootable : No __________________________________________________________________ HD Tune: Hitachi HTS543225L9A300 Health ID Current Worst ThresholdData Status (01) Raw Read Error Rate 100 100 62 0 Ok (02) Throughput Performance 100 100 40 0 Ok (03) Spin Up Time 253 253 33 0 Ok (04) Start/Stop Count 95 95 0 7942 Ok (05) Reallocated Sector Count 100 100 5 0 Ok (07) Seek Error Rate 100 100 67 0 Ok (08) Seek Time Performance 100 100 40 0 Ok (09) Power On Hours Count 82 82 0 8255 Ok (0A) Spin Retry Count 100 100 60 0 Ok (0C) Power Cycle Count 95 95 0 7926 Ok (BF) G-sense Error Rate 100 100 0 0 Ok (C0) Power Off Retract Count 100 100 0 33 Ok (C1) Load Cycle Count 95 95 0 58472 Ok (C2) Temperature 122 122 0 524333 Ok (C4) Reallocated Event Count 100 100 0 0 Ok (C5) Current Pending Sector 100 100 0 0 Ok (C6) Offline Uncorrectable 100 100 0 0 Ok (C7) Ultra DMA CRC Error Count 200 200 0 0 Ok (DF) Load/Unload Retry Count 100 100 0 0 Ok Power On Time : 8255 Health Status : Ok ___________________________________________________________________ HD Tune: Hitachi HTS543225L9A300 Error Scan Scanned data : 238379 MB Damaged Blocks : 0.0 % Elapsed Time : 236:35
-
De laptop lijkt enkel niet te kunnen afsluiten als hij lange tijd heeft opgestaan. Als hij minder dan pakweg 6 uren heeft opgestaan lijkt hij steeds normaal af te sluiten. Ik krijg geen melding van beveiligingscertificaten meer sinds ik Firefox gebruik, maar de laptop loopt nog wel vaak vast. Ik denk dat hij gewoon oud en versleten is, en graag op pensioen wil.
-
http://speccy.piriform.com/results/Bvkl63r7jNj5lv2rYAJjZ2K
-
Ik gebruik nu ongeveer een week firefox en ik ben er best tevreden van. Wel zijn er twee zaken waarvan ik nu last heb en die ik voorheen niet had: - Het gebeurt regelmatig dat mijn scherm bevriest terwijl ik op internet surf. Na een paar minuten is het terug normaal. - Mijn laptop sluit 1 op de 3 keren niet af. Het scherm 'afsluiten' van windows gaat dan niet weg. Er zit dan niets anders op dan de PC af te zetten door de aan/uit knop enkele seconden in de drukken ... maar of dat goed is voor de laptop weet ik niet.
-
Bedankt. Ik ga Firefox een tijdje gebruiken en we zullen of ik hier ook deze meldingen krijg.
-
Daarnaast krijg ik, elke keer ik een nieuwe site open, de melding 'het weergeven van inhoud met beveiligingscertificaten wordt door internet explorer geblokkeerd'.
-
ComboFix 13-07-11.03 - Stef 12/07/2013 12:04:16.3.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3000.1881 [GMT 2:00] Gestart vanuit: c:\users\Stef\Desktop\ComboFix.exe AV: Norman Security Suite *Disabled/Updated* {F86A2F90-6CAD-D491-E1E0-29799D9EE21F} SP: Norman Security Suite *Disabled/Updated* {430BCE74-4A97-DB1F-DB50-120BE619A8A2} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\8qVWm83O.exe_.b c:\windows\system32\C . . (((((((((((((((((((( Bestanden Gemaakt van 2013-06-12 to 2013-07-12 )))))))))))))))))))))))))))))) . . 2013-07-12 10:16 . 2013-07-12 10:16 -------- d-----w- c:\users\Public\AppData\Local\temp 2013-07-12 10:16 . 2013-07-12 10:16 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-07-12 09:39 . 2013-04-18 07:10 462040 ----a-w- c:\windows\system32\drivers\tdi_nf.sys 2013-07-12 09:39 . 2013-04-18 07:10 122352 ----a-w- c:\windows\system32\drivers\ale7_nf64.sys 2013-07-12 09:39 . 2013-04-18 07:10 120280 ----a-w- c:\windows\system32\drivers\ale_nf64.sys 2013-07-12 09:39 . 2013-04-18 07:09 114088 ----a-w- c:\windows\system32\drivers\ale7_nf.sys 2013-07-12 09:39 . 2013-04-18 07:09 111016 ----a-w- c:\windows\system32\drivers\ale_nf.sys 2013-07-12 09:39 . 2011-08-26 08:03 53928 ----a-w- c:\windows\system32\drivers\nnetsec.sys 2013-07-12 09:39 . 2011-08-11 11:52 34440 ----a-w- c:\windows\system32\drivers\nnetsecl64.sys 2013-07-12 09:39 . 2011-08-11 11:52 30856 ----a-w- c:\windows\system32\drivers\nnetsecl.sys 2013-07-12 09:39 . 2013-01-23 09:43 49384 ----a-w- c:\windows\system32\drivers\nvcv32mf.sys 2013-07-12 09:39 . 2012-10-01 10:52 221880 ----a-w- c:\windows\system32\nscrnsav.scr 2013-07-12 09:37 . 2013-07-12 09:49 -------- d-----w- c:\program files\Norman 2013-07-10 19:35 . 2013-04-17 11:28 219648 ----a-w- c:\windows\system32\d3d10_1core.dll 2013-07-10 19:35 . 2013-04-17 11:28 189952 ----a-w- c:\windows\system32\d3d10core.dll 2013-07-10 19:35 . 2013-04-17 11:28 1029120 ----a-w- c:\windows\system32\d3d10.dll 2013-07-10 19:35 . 2013-04-17 10:34 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2013-07-10 19:35 . 2013-04-17 10:33 486400 ----a-w- c:\windows\system32\d3d10level9.dll 2013-07-10 19:35 . 2013-04-17 10:14 683008 ----a-w- c:\windows\system32\d2d1.dll 2013-07-10 19:35 . 2013-04-17 10:10 1069056 ----a-w- c:\windows\system32\DWrite.dll 2013-07-10 19:35 . 2013-04-17 10:10 798208 ----a-w- c:\windows\system32\FntCache.dll 2013-07-10 19:35 . 2013-04-17 11:28 160768 ----a-w- c:\windows\system32\d3d10_1.dll 2013-07-10 19:35 . 2013-06-04 01:50 2049024 ----a-w- c:\windows\system32\win32k.sys 2013-07-10 19:35 . 2013-05-08 04:04 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-07-10 19:35 . 2013-06-01 04:06 505344 ----a-w- c:\windows\system32\qedit.dll 2013-07-10 19:32 . 2013-04-09 03:51 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2013-07-10 19:32 . 2013-04-09 03:52 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2013-07-10 19:32 . 2013-04-09 03:51 983552 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2013-07-10 19:32 . 2013-04-09 03:51 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2013-06-25 15:45 . 2013-06-25 16:16 -------- d-----w- c:\program files\SAMSUNG 2013-06-25 15:43 . 2013-06-25 15:43 -------- d-----w- c:\programdata\Samsung 2013-06-25 15:34 . 2013-06-25 15:34 -------- d-----w- c:\users\Stef\AppData\Local\Downloaded Installations 2013-06-25 15:21 . 2013-06-25 15:21 -------- d-----w- c:\users\Stef\AppData\Roaming\mypcdrivers 2013-06-25 15:21 . 2013-06-25 15:25 -------- d-----w- c:\program files\MyPCDrivers 2013-06-25 15:11 . 2013-06-25 15:11 -------- d-----w- c:\users\Stef\AppData\Roaming\driveridentifier 2013-06-25 15:11 . 2013-06-25 15:14 -------- d-----w- c:\program files\Driver Identifier 2013-06-21 19:53 . 2013-06-12 19:48 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-06-16 12:49 . 2013-06-16 12:49 -------- d-----w- c:\programdata\Last.fm 2013-06-16 12:49 . 2013-01-28 11:21 393728 ----a-w- c:\program files\Windows Media Player\Plugins\wmp_scrobbler.dll 2013-06-16 12:48 . 2013-07-10 18:50 -------- d-----w- c:\users\Stef\AppData\Local\Last.fm 2013-06-16 12:48 . 2013-06-16 12:48 -------- d-----w- c:\program files\Last.fm . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-07-10 19:28 . 2012-06-11 05:52 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-07-10 19:28 . 2011-09-09 12:10 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-06-12 19:48 . 2012-06-21 18:42 867240 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-06-12 19:48 . 2011-08-07 11:55 789416 ----a-w- c:\windows\system32\deployJava1.dll 2013-05-12 07:48 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-05-08 19:05 . 2013-05-08 19:05 388096 ----a-r- c:\users\Stef\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2013-05-08 04:37 . 2013-06-11 20:37 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-05-02 22:03 . 2013-06-11 20:37 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-05-02 22:03 . 2013-06-11 20:37 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-05-02 04:04 . 2013-06-11 20:37 443904 ----a-w- c:\windows\system32\win32spl.dll 2013-05-02 04:03 . 2013-06-11 20:37 37376 ----a-w- c:\windows\system32\printcom.dll 2013-04-24 04:00 . 2013-06-11 20:37 985600 ----a-w- c:\windows\system32\crypt32.dll 2013-04-24 04:00 . 2013-06-11 20:37 98304 ----a-w- c:\windows\system32\cryptnet.dll 2013-04-24 04:00 . 2013-06-11 20:37 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2013-04-24 04:00 . 2013-06-11 20:37 41984 ----a-w- c:\windows\system32\certenc.dll 2013-04-24 01:46 . 2013-06-11 20:37 812544 ----a-w- c:\windows\system32\certutil.exe 2013-04-17 12:30 . 2013-06-11 20:37 24576 ----a-w- c:\windows\system32\cryptdlg.dll 2013-04-15 14:20 . 2013-05-17 17:23 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-04-13 10:56 . 2013-05-17 17:23 37376 ----a-w- c:\windows\system32\cdd.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-21 68856] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192] "RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456] "PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704] "ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-08-21 3724800] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-01-10 196608] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 875016] "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "Norman ZANDA"="c:\program files\Norman\Npm\Bin\ZLH.EXE" [2013-03-08 66888] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-4-13 791840] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "DisableCAD"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000] 2009-08-21 08:34 3167744 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba] 2008-03-25 13:24 567560 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater] 2012-06-04 08:31 1466760 ----a-w- c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usbxp.sys [2004-04-30 24832] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - NGS *NewlyCreated* - NREGSEC . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2013-07-12 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 19:28] . 2013-07-12 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-21 15:19] . 2013-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 09:28] . 2013-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 09:28] . . ------- Bijkomende Scan ------- . uStart Page = https://www.google.be/ mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0809&m=travelmate_5730 uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s TCP: DhcpNameServer = 192.168.1.1 195.130.131.132 195.130.130.4 DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB DPF: {CEF002D2-5A9F-4656-AA41-85DA2534ACBD} - hxxps://mailhost.smetboring.be/dwa85W.cab . - - - - ORPHANS VERWIJDERD - - - - . SafeBoot-WudfPf SafeBoot-WudfRd AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\SAMSUNG\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\SAMSUNG\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\SAMSUNG\USB Drivers\25_escape\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-07-12 12:16 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b, 27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b, ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3 "{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}"=hex:51,66,7a,6c,4c,1d,38,12,2d,dd,7a, ab,6a,33,56,03,c9,ec,8d,26,b0,f3,64,49 "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16, fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17 "{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9, b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:4f,0e,e8,78,14,45,ce,01 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b4,fa,c0,b8,65,dc,2e,44,b6,59,13,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b4,fa,c0,b8,65,dc,2e,44,b6,59,13,\ . [HKEY_USERS\S-1-5-21-2547544030-3966831556-1252637820-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-2547544030-3966831556-1252637820-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2013-07-12 12:20:53 ComboFix-quarantined-files.txt 2013-07-12 10:20 ComboFix2.txt 2013-05-09 19:21 . Pre-Run: 42.368.950.272 bytes beschikbaar Post-Run: 44.400.689.152 bytes beschikbaar . - - End Of File - - 5690E0EA0917CBBBF903FEBCEB2D6508 A863475757CC50891AA8458C415E4B25
-
Reeds enige tijd kan ik niet meer inloggen op hotmail (hotmail.com, outlook.com, etc.). Ik krijg namelijk de melding 'Er is een probleem met het beveiligingscertificaat van deze website'. Als ik vervolgens op doorgaan klik, krijg ik de melding Acces denied You don't have permission to access "/D/16382/142608/000/sslcachekey.bayw.mail.live.com/default.aspx?id=64855" on this server. Reference #18.e47cf8d5.1373549579.e6ac4eb Als ik mijn PC heropstart kan ik wel gewoon inloggen, maar als ik dan uitlog, en nadien terug inlog lukt het me niet meer. Blijkbaar is de meest voorkomende oorzaak van dit probleem een foutieve datum/tijd van de pc. Dat is bij mij niet het geval, dus misschien zit het probleem wat dieper. Daarom een logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:31:27, on 11/07/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16496) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\RtHDVCpl.exe C:\Windows\PLFSetI.exe C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Norman\Npm\Bin\zlh.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Apoint2K\HidFind.exe C:\Windows\system32\igfxext.exe C:\Program Files\Apoint2K\Apntex.exe C:\Users\Stef\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\Norman\Npm\Bin\zlhh.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\mobsync.exe C:\Program Files\Norman\Nvc\Bin\cclaw.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Global Startup: Bluetooth.lnk = ? O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {CEF002D2-5A9F-4656-AA41-85DA2534ACBD} (IBM Lotus iNotes 8.5 Control) - https://mailhost.smetboring.be/dwa85W.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman AS - C:\Program Files\Norman\Npm\Bin\Elogsvc.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate1ca230afad8c58b) (gupdate1ca230afad8c58b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ICM_UpdaterService Disp (ICM_UpdaterService) - Unknown owner - C:\Program Files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe (file missing) O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Program Files\Norman\Nvc\bin\nhs.exe O23 - Service: Norman Network Filtering service (NNFSVC) - Norman AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe O23 - Service: Norman ZANDA - Norman AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Security service (NPROSECSVC) - Norman AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman AS - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Norman Scheduler Service (Scheduler) - Norman AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10468 bytes
-
ComboFix 13-05-09.01 - Stef 09/05/2013 21:03:09.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3000.1694 [GMT 2:00] Gestart vanuit: c:\users\Stef\Desktop\ComboFix.exe AV: Norman Security Suite *Enabled/Updated* {F86A2F90-6CAD-D491-E1E0-29799D9EE21F} SP: Norman Security Suite *Enabled/Updated* {430BCE74-4A97-DB1F-DB50-120BE619A8A2} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Aanwezig AV is actief . . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\8qVWm83O.exe.b . . (((((((((((((((((((( Bestanden Gemaakt van 2013-04-09 to 2013-05-09 )))))))))))))))))))))))))))))) . . 2013-05-09 19:16 . 2013-05-09 19:16 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-05-08 19:05 . 2013-05-08 19:05 388096 ----a-r- c:\users\Stef\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2013-05-08 19:02 . 2013-05-08 19:03 -------- d-----w- c:\program files\Hijack This 2013-05-01 15:47 . 2013-05-01 15:47 -------- d-----w- c:\program files\CCleaner 2013-05-01 15:46 . 2013-05-01 15:47 4346816 ----a-w- C:\ccsetup401.exe 2013-04-24 18:25 . 2013-04-18 07:10 462040 ----a-w- c:\windows\system32\drivers\tdi_nf.sys 2013-04-24 18:25 . 2013-04-18 07:10 122352 ----a-w- c:\windows\system32\drivers\ale7_nf64.sys 2013-04-24 18:25 . 2013-04-18 07:10 120280 ----a-w- c:\windows\system32\drivers\ale_nf64.sys 2013-04-24 18:25 . 2013-04-18 07:09 114088 ----a-w- c:\windows\system32\drivers\ale7_nf.sys 2013-04-24 18:25 . 2013-04-18 07:09 111016 ----a-w- c:\windows\system32\drivers\ale_nf.sys 2013-04-20 00:53 . 2013-04-20 00:53 -------- d-----w- c:\program files\Common Files\Java 2013-04-20 00:53 . 2013-04-04 03:35 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-04-10 15:56 . 2013-03-03 19:07 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-10 15:56 . 2013-03-08 03:53 376320 ----a-w- c:\windows\system32\winsrv.dll 2013-04-10 15:56 . 2013-03-08 03:52 2067968 ----a-w- c:\windows\system32\mstscax.dll 2013-04-10 15:56 . 2013-03-11 13:25 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-04-10 15:56 . 2013-03-11 13:25 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-04-10 15:56 . 2013-03-09 03:45 49152 ----a-w- c:\windows\system32\csrsrv.dll 2013-04-10 15:56 . 2013-03-09 01:28 64000 ----a-w- c:\windows\system32\smss.exe 2013-04-10 15:56 . 2013-03-05 01:40 2049024 ----a-w- c:\windows\system32\win32k.sys . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-08 18:45 . 2012-06-11 05:52 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-08 18:45 . 2011-09-09 12:10 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-04-04 12:50 . 2012-05-29 16:21 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-03-27 20:28 . 2010-06-24 10:33 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-03-23 22:29 . 2013-03-23 22:29 161792 ----a-w- c:\windows\system32\msls31.dll 2013-03-23 22:29 . 2013-03-23 22:29 86528 ----a-w- c:\windows\system32\iesysprep.dll 2013-03-23 22:29 . 2013-03-23 22:29 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-03-23 22:29 . 2013-03-23 22:29 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-03-23 22:29 . 2013-03-23 22:29 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-03-23 22:29 . 2013-03-23 22:29 63488 ----a-w- c:\windows\system32\tdc.ocx 2013-03-23 22:29 . 2013-03-23 22:29 367104 ----a-w- c:\windows\system32\html.iec 2013-03-23 22:29 . 2013-03-23 22:29 74752 ----a-w- c:\windows\system32\iesetup.dll 2013-03-23 22:29 . 2013-03-23 22:29 23552 ----a-w- c:\windows\system32\licmgr10.dll 2013-03-23 22:29 . 2013-03-23 22:29 152064 ----a-w- c:\windows\system32\wextract.exe 2013-03-23 22:29 . 2013-03-23 22:29 150528 ----a-w- c:\windows\system32\iexpress.exe 2013-03-23 22:29 . 2013-03-23 22:29 11776 ----a-w- c:\windows\system32\mshta.exe 2013-03-23 22:29 . 2013-03-23 22:29 101888 ----a-w- c:\windows\system32\admparse.dll 2013-03-23 22:29 . 2013-03-23 22:29 35840 ----a-w- c:\windows\system32\imgutil.dll 2013-03-23 22:29 . 2013-03-23 22:29 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-03-13 17:26 . 2012-06-21 18:42 861088 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-03-13 17:26 . 2011-08-07 11:55 782240 ----a-w- c:\windows\system32\deployJava1.dll 2013-02-12 01:57 . 2013-03-20 14:24 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-21 68856] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192] "RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456] "PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704] "ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-08-21 3724800] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-01-10 196608] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 875016] "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504] "Norman ZANDA"="c:\program files\Norman\Npm\Bin\ZLH.EXE" [2013-03-08 66888] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-4-13 791840] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "DisableCAD"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000] 2009-08-21 08:34 3167744 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba] 2008-03-25 13:24 567560 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater] 2012-06-04 08:31 1466760 ----a-w- c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usbxp.sys [x] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - NSAK_2BDA1B62 *Deregistered* - nsak_2BDA1B62 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2013-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 18:45] . 2013-05-09 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-21 15:19] . 2013-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 09:28] . 2013-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 09:28] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0809&m=travelmate_5730 uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s TCP: DhcpNameServer = 192.168.1.1 195.130.131.132 195.130.130.4 DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-Locked - (no file) HKLM-Run-eRecoveryService - (no file) SafeBoot-WudfPf SafeBoot-WudfRd AddRemove-Signature995 - c:\pdf995\res\utilities\Signature995\thinsetup.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-05-09 21:17 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b, 27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57 "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23, 94,30,02,d1,0f,f1,da,12,24,73,56,27,d2 "{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b, ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3 "{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}"=hex:51,66,7a,6c,4c,1d,38,12,2d,dd,7a, ab,6a,33,56,03,c9,ec,8d,26,b0,f3,64,49 "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd "{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16, fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17 "{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9, b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:4f,0e,e8,78,14,45,ce,01 . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b4,fa,c0,b8,65,dc,2e,44,b6,59,13,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b4,fa,c0,b8,65,dc,2e,44,b6,59,13,\ . [HKEY_USERS\S-1-5-21-2547544030-3966831556-1252637820-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-2547544030-3966831556-1252637820-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2013-05-09 21:21:39 ComboFix-quarantined-files.txt 2013-05-09 19:21 . Pre-Run: 50.660.585.472 bytes beschikbaar Post-Run: 50.886.373.376 bytes beschikbaar . - - End Of File - - B19AC2A872F2DB6AAE9FAFE8C2875C20
-
Mijn antivirus software is Norman Security Suite. Ik heb standaard het "N" symbool onderaan rechts de taakbalk staan. Als ik hier nu echter op klik (om naar het startscherm te gaan) krijg ik het volgende scherm: Het laden gaat oneindig door. Ik kom dus niet in het menu scherm. Kan dit te maken hebben met de uitgevoerde acties? Hoe kan ik Norman dan uitschakelen als ik niet in het menu kom?
-
Ik heb de indruk dat ie nu weer wat sneller loopt. Nog niet zoals het zou moeten zijn, maar stukken beter dan eerder. Bedankt voor de hulp. Zijn er bepaalde zaken die ik regelmatig moet doen om de PC wat op te schonen? Ik denk aan een wekelijkse scan met Malwarebytes?
-
Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie: v2013.05.09.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Stef :: PC_VAN_STEF [administrator] 9/05/2013 15:43:25 mbam-log-2013-05-09 (15-43-25).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 219969 Verstreken tijd: 25 minuut/minuten, 3 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
-
# AdwCleaner v2.300 - Verslag gemaakt op 09/05/2013 om 15:19:08 # Geactualiseerd op 28/04/2013 door Xplode # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits) # Gebruiker : Stef - PC_VAN_STEF # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Stef\Desktop\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\user.js Map Verwijdert : C:\ProgramData\Babylon Map Verwijdert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder Map Verwijdert : C:\Users\Stef\AppData\Local\Babylon Map Verwijdert : C:\Users\Stef\AppData\Roaming\Babylon Map Verwijdert : C:\Users\Stef\AppData\Roaming\Media Finder Map Verwijdert : C:\Users\Stef\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\MediaFinder Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} Sleutel Verwijdert : HKLM\Software\Babylon Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MF Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16476 [OK] Het register bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [1440 octets] - [09/05/2013 15:19:08] ########## EOF - C:\AdwCleaner[s1].txt - [1500 octets] ##########
-
Na het opvolgen van Kape's advies: Tijdens en na de Malwarebytes scan gaf Norman de melding dat het een Trojaans paard had gedetecteerd dat niet verwijderd kon worden. Het gaat om volgende Trojan: wimpe/Cridex.HD. Malwarebytes log: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie: v2013.05.09.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Stef :: PC_VAN_STEF [administrator] 9/05/2013 11:25:17 mbam-log-2013-05-09 (11-25-17).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 217272 Verstreken tijd: 30 minuut/minuten, 14 seconde(n) Geheugenprocessen gedetecteerd: 7 C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 5192 -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 4356 -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 4240 -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 5376 -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 5952 -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 4504 -> Zal worden verwijderd tijdens het herstarten. C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 484 -> Zal worden verwijderd tijdens het herstarten. Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> Zal worden verwijderd tijdens het herstarten. (einde) Hijack This log (na uitvoeren Malwarebytes scan en heropstart pc): Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:07:31, on 9/05/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16476) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\RtHDVCpl.exe C:\Windows\PLFSetI.exe C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Norman\Npm\Bin\zlh.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Apoint2K\Apntex.exe C:\Users\Stef\AppData\Local\Temp\RtkBtMnt.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Windows\system32\igfxext.exe C:\Program Files\Norman\Npm\Bin\zlhh.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Norman\Nvc\Bin\cclaw.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Global Startup: Bluetooth.lnk = ? O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman AS - C:\Program Files\Norman\Npm\Bin\Elogsvc.exe O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updateservice (gupdate1ca230afad8c58b) (gupdate1ca230afad8c58b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Program Files\Norman\Nvc\bin\nhs.exe O23 - Service: Norman Network Filtering service (NNFSVC) - Norman AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe O23 - Service: Norman ZANDA - Norman AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Security service (NPROSECSVC) - Norman AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman AS - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Norman Scheduler Service (Scheduler) - Norman AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 10472 bytes Zal ik nu meteen kweezie wabbit's raad ook opvolgen?
