Ga naar inhoud

TorchuS

Lid
  • Items

    16
  • Registratiedatum

  • Laatst bezocht

Berichten die geplaatst zijn door TorchuS

  1. HD Tune: Hitachi HTS543225L9A300 Information

    Firmware version : FBEOC40C

    Serial number : 090621FB2D06LJCS0Z1H

    Capacity : 232.9 GB (~250.1 GB)

    Buffer size : 7285248 bytes

    Standard : ATA/ATAPI-0 - SATA II

    Supported mode : UDMA Mode 6 (Ultra ATA/133)

    Current mode : UDMA Mode 6 (Ultra ATA/133)

    S.M.A.R.T : yes

    48-bit Address : yes

    Read Look-Ahead : yes

    Write Cache : yes

    Host Protected Area : yes

    Device Configuration Overlay : yes

    Automatic Acoustic Management: yes

    Power Management : yes

    Advanced Power Management : yes

    Power-up in Standby : yes

    Security Mode : yes

    Firmware Upgradable : yes

    Partition : 1

    Drive letter :

    Label :

    Capacity : 10000 MB

    Usage : 0.00%

    Type : unknown (27h)

    Bootable : No

    Partition : 2

    Drive letter : C:\

    Label : ACER

    Capacity : 114243 MB

    Usage : 74.11%

    Type : NTFS

    Bootable : Yes

    Partition : 3

    Drive letter : D:\

    Label : DATA

    Capacity : 114230 MB

    Usage : 66.13%

    Type : NTFS

    Bootable : No

    __________________________________________________________________

    HD Tune: Hitachi HTS543225L9A300 Health

    ID Current Worst ThresholdData Status

    (01) Raw Read Error Rate 100 100 62 0 Ok

    (02) Throughput Performance 100 100 40 0 Ok

    (03) Spin Up Time 253 253 33 0 Ok

    (04) Start/Stop Count 95 95 0 7942 Ok

    (05) Reallocated Sector Count 100 100 5 0 Ok

    (07) Seek Error Rate 100 100 67 0 Ok

    (08) Seek Time Performance 100 100 40 0 Ok

    (09) Power On Hours Count 82 82 0 8255 Ok

    (0A) Spin Retry Count 100 100 60 0 Ok

    (0C) Power Cycle Count 95 95 0 7926 Ok

    (BF) G-sense Error Rate 100 100 0 0 Ok

    (C0) Power Off Retract Count 100 100 0 33 Ok

    (C1) Load Cycle Count 95 95 0 58472 Ok

    (C2) Temperature 122 122 0 524333 Ok

    (C4) Reallocated Event Count 100 100 0 0 Ok

    (C5) Current Pending Sector 100 100 0 0 Ok

    (C6) Offline Uncorrectable 100 100 0 0 Ok

    (C7) Ultra DMA CRC Error Count 200 200 0 0 Ok

    (DF) Load/Unload Retry Count 100 100 0 0 Ok

    Power On Time : 8255

    Health Status : Ok

    ___________________________________________________________________

    HD Tune: Hitachi HTS543225L9A300 Error Scan

    Scanned data : 238379 MB

    Damaged Blocks : 0.0 %

    Elapsed Time : 236:35

  2. De laptop lijkt enkel niet te kunnen afsluiten als hij lange tijd heeft opgestaan. Als hij minder dan pakweg 6 uren heeft opgestaan lijkt hij steeds normaal af te sluiten.

    Ik krijg geen melding van beveiligingscertificaten meer sinds ik Firefox gebruik, maar de laptop loopt nog wel vaak vast.

    Ik denk dat hij gewoon oud en versleten is, en graag op pensioen wil.

  3. Ik gebruik nu ongeveer een week firefox en ik ben er best tevreden van.

    Wel zijn er twee zaken waarvan ik nu last heb en die ik voorheen niet had:

    - Het gebeurt regelmatig dat mijn scherm bevriest terwijl ik op internet surf. Na een paar minuten is het terug normaal.

    - Mijn laptop sluit 1 op de 3 keren niet af. Het scherm 'afsluiten' van windows gaat dan niet weg. Er zit dan niets anders op dan de PC af te zetten door de aan/uit knop enkele seconden in de drukken ... maar of dat goed is voor de laptop weet ik niet.

  4. ComboFix 13-07-11.03 - Stef 12/07/2013 12:04:16.3.2 - x86

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3000.1881 [GMT 2:00]

    Gestart vanuit: c:\users\Stef\Desktop\ComboFix.exe

    AV: Norman Security Suite *Disabled/Updated* {F86A2F90-6CAD-D491-E1E0-29799D9EE21F}

    SP: Norman Security Suite *Disabled/Updated* {430BCE74-4A97-DB1F-DB50-120BE619A8A2}

    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\programdata\8qVWm83O.exe_.b

    c:\windows\system32\C

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2013-06-12 to 2013-07-12 ))))))))))))))))))))))))))))))

    .

    .

    2013-07-12 10:16 . 2013-07-12 10:16 -------- d-----w- c:\users\Public\AppData\Local\temp

    2013-07-12 10:16 . 2013-07-12 10:16 -------- d-----w- c:\users\Default\AppData\Local\temp

    2013-07-12 09:39 . 2013-04-18 07:10 462040 ----a-w- c:\windows\system32\drivers\tdi_nf.sys

    2013-07-12 09:39 . 2013-04-18 07:10 122352 ----a-w- c:\windows\system32\drivers\ale7_nf64.sys

    2013-07-12 09:39 . 2013-04-18 07:10 120280 ----a-w- c:\windows\system32\drivers\ale_nf64.sys

    2013-07-12 09:39 . 2013-04-18 07:09 114088 ----a-w- c:\windows\system32\drivers\ale7_nf.sys

    2013-07-12 09:39 . 2013-04-18 07:09 111016 ----a-w- c:\windows\system32\drivers\ale_nf.sys

    2013-07-12 09:39 . 2011-08-26 08:03 53928 ----a-w- c:\windows\system32\drivers\nnetsec.sys

    2013-07-12 09:39 . 2011-08-11 11:52 34440 ----a-w- c:\windows\system32\drivers\nnetsecl64.sys

    2013-07-12 09:39 . 2011-08-11 11:52 30856 ----a-w- c:\windows\system32\drivers\nnetsecl.sys

    2013-07-12 09:39 . 2013-01-23 09:43 49384 ----a-w- c:\windows\system32\drivers\nvcv32mf.sys

    2013-07-12 09:39 . 2012-10-01 10:52 221880 ----a-w- c:\windows\system32\nscrnsav.scr

    2013-07-12 09:37 . 2013-07-12 09:49 -------- d-----w- c:\program files\Norman

    2013-07-10 19:35 . 2013-04-17 11:28 219648 ----a-w- c:\windows\system32\d3d10_1core.dll

    2013-07-10 19:35 . 2013-04-17 11:28 189952 ----a-w- c:\windows\system32\d3d10core.dll

    2013-07-10 19:35 . 2013-04-17 11:28 1029120 ----a-w- c:\windows\system32\d3d10.dll

    2013-07-10 19:35 . 2013-04-17 10:34 1172480 ----a-w- c:\windows\system32\d3d10warp.dll

    2013-07-10 19:35 . 2013-04-17 10:33 486400 ----a-w- c:\windows\system32\d3d10level9.dll

    2013-07-10 19:35 . 2013-04-17 10:14 683008 ----a-w- c:\windows\system32\d2d1.dll

    2013-07-10 19:35 . 2013-04-17 10:10 1069056 ----a-w- c:\windows\system32\DWrite.dll

    2013-07-10 19:35 . 2013-04-17 10:10 798208 ----a-w- c:\windows\system32\FntCache.dll

    2013-07-10 19:35 . 2013-04-17 11:28 160768 ----a-w- c:\windows\system32\d3d10_1.dll

    2013-07-10 19:35 . 2013-06-04 01:50 2049024 ----a-w- c:\windows\system32\win32k.sys

    2013-07-10 19:35 . 2013-05-08 04:04 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL

    2013-07-10 19:35 . 2013-06-01 04:06 505344 ----a-w- c:\windows\system32\qedit.dll

    2013-07-10 19:32 . 2013-04-09 03:51 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

    2013-07-10 19:32 . 2013-04-09 03:52 1218048 ----a-w- c:\program files\Windows Journal\NBDoc.DLL

    2013-07-10 19:32 . 2013-04-09 03:51 983552 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll

    2013-07-10 19:32 . 2013-04-09 03:51 964608 ----a-w- c:\program files\Windows Journal\JNWDRV.dll

    2013-06-25 15:45 . 2013-06-25 16:16 -------- d-----w- c:\program files\SAMSUNG

    2013-06-25 15:43 . 2013-06-25 15:43 -------- d-----w- c:\programdata\Samsung

    2013-06-25 15:34 . 2013-06-25 15:34 -------- d-----w- c:\users\Stef\AppData\Local\Downloaded Installations

    2013-06-25 15:21 . 2013-06-25 15:21 -------- d-----w- c:\users\Stef\AppData\Roaming\mypcdrivers

    2013-06-25 15:21 . 2013-06-25 15:25 -------- d-----w- c:\program files\MyPCDrivers

    2013-06-25 15:11 . 2013-06-25 15:11 -------- d-----w- c:\users\Stef\AppData\Roaming\driveridentifier

    2013-06-25 15:11 . 2013-06-25 15:14 -------- d-----w- c:\program files\Driver Identifier

    2013-06-21 19:53 . 2013-06-12 19:48 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

    2013-06-16 12:49 . 2013-06-16 12:49 -------- d-----w- c:\programdata\Last.fm

    2013-06-16 12:49 . 2013-01-28 11:21 393728 ----a-w- c:\program files\Windows Media Player\Plugins\wmp_scrobbler.dll

    2013-06-16 12:48 . 2013-07-10 18:50 -------- d-----w- c:\users\Stef\AppData\Local\Last.fm

    2013-06-16 12:48 . 2013-06-16 12:48 -------- d-----w- c:\program files\Last.fm

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2013-07-10 19:28 . 2012-06-11 05:52 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2013-07-10 19:28 . 2011-09-09 12:10 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2013-06-12 19:48 . 2012-06-21 18:42 867240 ----a-w- c:\windows\system32\npdeployJava1.dll

    2013-06-12 19:48 . 2011-08-07 11:55 789416 ----a-w- c:\windows\system32\deployJava1.dll

    2013-05-12 07:48 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

    2013-05-08 19:05 . 2013-05-08 19:05 388096 ----a-r- c:\users\Stef\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

    2013-05-08 04:37 . 2013-06-11 20:37 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys

    2013-05-02 22:03 . 2013-06-11 20:37 3603832 ----a-w- c:\windows\system32\ntkrnlpa.exe

    2013-05-02 22:03 . 2013-06-11 20:37 3551096 ----a-w- c:\windows\system32\ntoskrnl.exe

    2013-05-02 04:04 . 2013-06-11 20:37 443904 ----a-w- c:\windows\system32\win32spl.dll

    2013-05-02 04:03 . 2013-06-11 20:37 37376 ----a-w- c:\windows\system32\printcom.dll

    2013-04-24 04:00 . 2013-06-11 20:37 985600 ----a-w- c:\windows\system32\crypt32.dll

    2013-04-24 04:00 . 2013-06-11 20:37 98304 ----a-w- c:\windows\system32\cryptnet.dll

    2013-04-24 04:00 . 2013-06-11 20:37 133120 ----a-w- c:\windows\system32\cryptsvc.dll

    2013-04-24 04:00 . 2013-06-11 20:37 41984 ----a-w- c:\windows\system32\certenc.dll

    2013-04-24 01:46 . 2013-06-11 20:37 812544 ----a-w- c:\windows\system32\certutil.exe

    2013-04-17 12:30 . 2013-06-11 20:37 24576 ----a-w- c:\windows\system32\cryptdlg.dll

    2013-04-15 14:20 . 2013-05-17 17:23 638328 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

    2013-04-13 10:56 . 2013-05-17 17:23 37376 ----a-w- c:\windows\system32\cdd.dll

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168]

    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-21 68856]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]

    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192]

    "RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456]

    "PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]

    "ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-08-21 3724800]

    "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-01-10 196608]

    "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 875016]

    "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]

    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

    "Norman ZANDA"="c:\program files\Norman\Npm\Bin\ZLH.EXE" [2013-03-08 66888]

    .

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-4-13 791840]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "EnableLUA"= 0 (0x0)

    "EnableUIADesktopToggle"= 0 (0x0)

    "DisableCAD"= 1 (0x1)

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]

    2009-08-21 08:34 3167744 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]

    2008-03-25 13:24 567560 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

    @="Service"

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

    2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

    2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater]

    2012-06-04 08:31 1466760 ----a-w- c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

    2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

    .

    R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usbxp.sys [2004-04-30 24832]

    .

    .

    --- Andere Services/Drivers In Geheugen ---

    .

    *NewlyCreated* - NGS

    *NewlyCreated* - NREGSEC

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    bthsvcs REG_MULTI_SZ BthServ

    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    .

    Inhoud van de 'Gedeelde Taken' map

    .

    2013-07-12 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 19:28]

    .

    2013-07-12 c:\windows\Tasks\Google Software Updater.job

    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-21 15:19]

    .

    2013-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 09:28]

    .

    2013-07-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 09:28]

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = https://www.google.be/

    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0809&m=travelmate_5730

    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

    TCP: DhcpNameServer = 192.168.1.1 195.130.131.132 195.130.130.4

    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

    DPF: {CEF002D2-5A9F-4656-AA41-85DA2534ACBD} - hxxps://mailhost.smetboring.be/dwa85W.cab

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    SafeBoot-WudfPf

    SafeBoot-WudfRd

    AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe

    AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe

    AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe

    AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe

    AddRemove-05_Sloan - c:\program files\SAMSUNG\USB Drivers\05_Sloan\Uninstall.exe

    AddRemove-06_Spencer - c:\program files\SAMSUNG\USB Drivers\06_Spencer\Uninstall.exe

    AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe

    AddRemove-08_EMPChipset - c:\program files\SAMSUNG\USB Drivers\08_EMPChipset\Uninstall.exe

    AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe

    AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe

    AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe

    AddRemove-17_EMP_Chipset2 - c:\program files\SAMSUNG\USB Drivers\17_EMP_Chipset2\Uninstall.exe

    AddRemove-18_Zinia_Serial_Driver - c:\program files\SAMSUNG\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe

    AddRemove-19_VIA_driver - c:\program files\SAMSUNG\USB Drivers\19_VIA_driver\Uninstall.exe

    AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe

    AddRemove-21_Searsburg - c:\program files\SAMSUNG\USB Drivers\21_Searsburg\Uninstall.exe

    AddRemove-22_WiBro_WiMAX - c:\program files\SAMSUNG\USB Drivers\22_WiBro_WiMAX\Uninstall.exe

    AddRemove-24_flashusbdriver - c:\program files\SAMSUNG\USB Drivers\24_flashusbdriver\Uninstall.exe

    AddRemove-25_escape - c:\program files\SAMSUNG\USB Drivers\25_escape\Uninstall.exe

    .

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

    Rootkit scan 2013-07-12 12:16

    Windows 6.0.6002 Service Pack 2 NTFS

    .

    scannen van verborgen processen ...

    .

    scannen van verborgen autostart items ...

    .

    scannen van verborgen bestanden ...

    .

    Scan succesvol afgerond

    verborgen bestanden: 0

    .

    **************************************************************************

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    .

    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

    @Denied: (2) (LocalSystem)

    "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,

    27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b

    "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,

    1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7

    "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,

    72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57

    "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,

    94,30,02,d1,0f,f1,da,12,24,73,56,27,d2

    "{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,

    ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3

    "{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}"=hex:51,66,7a,6c,4c,1d,38,12,2d,dd,7a,

    ab,6a,33,56,03,c9,ec,8d,26,b0,f3,64,49

    "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,

    df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd

    "{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,

    fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17

    "{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,

    b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b

    .

    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

    @Denied: (2) (LocalSystem)

    "Timestamp"=hex:4f,0e,e8,78,14,45,ce,01

    .

    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

    @Denied: (2) (LocalSystem)

    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b4,fa,c0,b8,65,dc,2e,44,b6,59,13,\

    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b4,fa,c0,b8,65,dc,2e,44,b6,59,13,\

    .

    [HKEY_USERS\S-1-5-21-2547544030-3966831556-1252637820-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

    @Denied: (2) (LocalSystem)

    "Progid"="WindowsLiveMail.Email.1"

    .

    [HKEY_USERS\S-1-5-21-2547544030-3966831556-1252637820-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

    @Denied: (2) (LocalSystem)

    "Progid"="WindowsLiveMail.VCard.1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker5"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    Voltooingstijd: 2013-07-12 12:20:53

    ComboFix-quarantined-files.txt 2013-07-12 10:20

    ComboFix2.txt 2013-05-09 19:21

    .

    Pre-Run: 42.368.950.272 bytes beschikbaar

    Post-Run: 44.400.689.152 bytes beschikbaar

    .

    - - End Of File - - 5690E0EA0917CBBBF903FEBCEB2D6508

    A863475757CC50891AA8458C415E4B25

  5. Reeds enige tijd kan ik niet meer inloggen op hotmail (hotmail.com, outlook.com, etc.). Ik krijg namelijk de melding 'Er is een probleem met het beveiligingscertificaat van deze website'. Als ik vervolgens op doorgaan klik, krijg ik de melding

    Acces denied

    You don't have permission to access

    "/D/16382/142608/000/sslcachekey.bayw.mail.live.com/default.aspx?id=64855" on

    this server.

    Reference #18.e47cf8d5.1373549579.e6ac4eb

    Als ik mijn PC heropstart kan ik wel gewoon inloggen, maar als ik dan uitlog, en nadien terug inlog lukt het me niet meer.

    Blijkbaar is de meest voorkomende oorzaak van dit probleem een foutieve datum/tijd van de pc. Dat is bij mij niet het geval, dus misschien zit het probleem wat dieper. Daarom een logje:

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 15:31:27, on 11/07/2013

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v9.00 (9.00.8112.16496)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    C:\Windows\RtHDVCpl.exe

    C:\Windows\PLFSetI.exe

    C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

    C:\Program Files\Apoint2K\Apoint.exe

    C:\Program Files\Launch Manager\LManager.exe

    C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

    C:\Program Files\Norman\Npm\Bin\zlh.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Program Files\Apoint2K\ApMsgFwd.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Program Files\Apoint2K\HidFind.exe

    C:\Windows\system32\igfxext.exe

    C:\Program Files\Apoint2K\Apntex.exe

    C:\Users\Stef\AppData\Local\Temp\RtkBtMnt.exe

    C:\Program Files\Norman\Npm\Bin\zlhh.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Windows\System32\mobsync.exe

    C:\Program Files\Norman\Nvc\Bin\cclaw.exe

    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

    O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show

    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

    O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

    O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH

    O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"

    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    O4 - Global Startup: Bluetooth.lnk = ?

    O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

    O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {CEF002D2-5A9F-4656-AA41-85DA2534ACBD} (IBM Lotus iNotes 8.5 Control) - https://mailhost.smetboring.be/dwa85W.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

    O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll

    O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

    O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

    O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman AS - C:\Program Files\Norman\Npm\Bin\Elogsvc.exe

    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate1ca230afad8c58b) (gupdate1ca230afad8c58b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: ICM_UpdaterService Disp (ICM_UpdaterService) - Unknown owner - C:\Program Files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe (file missing)

    O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

    O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Program Files\Norman\Nvc\bin\nhs.exe

    O23 - Service: Norman Network Filtering service (NNFSVC) - Norman AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe

    O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe

    O23 - Service: Norman ZANDA - Norman AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe

    O23 - Service: Norman Security service (NPROSECSVC) - Norman AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe

    O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE

    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman AS - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe

    O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe

    O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: Norman Scheduler Service (Scheduler) - Norman AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe

    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --

    End of file - 10468 bytes

  6. ComboFix 13-05-09.01 - Stef 09/05/2013 21:03:09.2.2 - x86

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3000.1694 [GMT 2:00]

    Gestart vanuit: c:\users\Stef\Desktop\ComboFix.exe

    AV: Norman Security Suite *Enabled/Updated* {F86A2F90-6CAD-D491-E1E0-29799D9EE21F}

    SP: Norman Security Suite *Enabled/Updated* {430BCE74-4A97-DB1F-DB50-120BE619A8A2}

    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    * Aanwezig AV is actief

    .

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\programdata\8qVWm83O.exe.b

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2013-04-09 to 2013-05-09 ))))))))))))))))))))))))))))))

    .

    .

    2013-05-09 19:16 . 2013-05-09 19:16 -------- d-----w- c:\users\Default\AppData\Local\temp

    2013-05-08 19:05 . 2013-05-08 19:05 388096 ----a-r- c:\users\Stef\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

    2013-05-08 19:02 . 2013-05-08 19:03 -------- d-----w- c:\program files\Hijack This

    2013-05-01 15:47 . 2013-05-01 15:47 -------- d-----w- c:\program files\CCleaner

    2013-05-01 15:46 . 2013-05-01 15:47 4346816 ----a-w- C:\ccsetup401.exe

    2013-04-24 18:25 . 2013-04-18 07:10 462040 ----a-w- c:\windows\system32\drivers\tdi_nf.sys

    2013-04-24 18:25 . 2013-04-18 07:10 122352 ----a-w- c:\windows\system32\drivers\ale7_nf64.sys

    2013-04-24 18:25 . 2013-04-18 07:10 120280 ----a-w- c:\windows\system32\drivers\ale_nf64.sys

    2013-04-24 18:25 . 2013-04-18 07:09 114088 ----a-w- c:\windows\system32\drivers\ale7_nf.sys

    2013-04-24 18:25 . 2013-04-18 07:09 111016 ----a-w- c:\windows\system32\drivers\ale_nf.sys

    2013-04-20 00:53 . 2013-04-20 00:53 -------- d-----w- c:\program files\Common Files\Java

    2013-04-20 00:53 . 2013-04-04 03:35 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

    2013-04-10 15:56 . 2013-03-03 19:07 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys

    2013-04-10 15:56 . 2013-03-08 03:53 376320 ----a-w- c:\windows\system32\winsrv.dll

    2013-04-10 15:56 . 2013-03-08 03:52 2067968 ----a-w- c:\windows\system32\mstscax.dll

    2013-04-10 15:56 . 2013-03-11 13:25 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe

    2013-04-10 15:56 . 2013-03-11 13:25 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe

    2013-04-10 15:56 . 2013-03-09 03:45 49152 ----a-w- c:\windows\system32\csrsrv.dll

    2013-04-10 15:56 . 2013-03-09 01:28 64000 ----a-w- c:\windows\system32\smss.exe

    2013-04-10 15:56 . 2013-03-05 01:40 2049024 ----a-w- c:\windows\system32\win32k.sys

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2013-05-08 18:45 . 2012-06-11 05:52 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe

    2013-05-08 18:45 . 2011-09-09 12:10 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2013-04-04 12:50 . 2012-05-29 16:21 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

    2013-03-27 20:28 . 2010-06-24 10:33 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

    2013-03-23 22:29 . 2013-03-23 22:29 161792 ----a-w- c:\windows\system32\msls31.dll

    2013-03-23 22:29 . 2013-03-23 22:29 86528 ----a-w- c:\windows\system32\iesysprep.dll

    2013-03-23 22:29 . 2013-03-23 22:29 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

    2013-03-23 22:29 . 2013-03-23 22:29 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

    2013-03-23 22:29 . 2013-03-23 22:29 48640 ----a-w- c:\windows\system32\mshtmler.dll

    2013-03-23 22:29 . 2013-03-23 22:29 63488 ----a-w- c:\windows\system32\tdc.ocx

    2013-03-23 22:29 . 2013-03-23 22:29 367104 ----a-w- c:\windows\system32\html.iec

    2013-03-23 22:29 . 2013-03-23 22:29 74752 ----a-w- c:\windows\system32\iesetup.dll

    2013-03-23 22:29 . 2013-03-23 22:29 23552 ----a-w- c:\windows\system32\licmgr10.dll

    2013-03-23 22:29 . 2013-03-23 22:29 152064 ----a-w- c:\windows\system32\wextract.exe

    2013-03-23 22:29 . 2013-03-23 22:29 150528 ----a-w- c:\windows\system32\iexpress.exe

    2013-03-23 22:29 . 2013-03-23 22:29 11776 ----a-w- c:\windows\system32\mshta.exe

    2013-03-23 22:29 . 2013-03-23 22:29 101888 ----a-w- c:\windows\system32\admparse.dll

    2013-03-23 22:29 . 2013-03-23 22:29 35840 ----a-w- c:\windows\system32\imgutil.dll

    2013-03-23 22:29 . 2013-03-23 22:29 110592 ----a-w- c:\windows\system32\IEAdvpack.dll

    2013-03-13 17:26 . 2012-06-21 18:42 861088 ----a-w- c:\windows\system32\npdeployJava1.dll

    2013-03-13 17:26 . 2011-08-07 11:55 782240 ----a-w- c:\windows\system32\deployJava1.dll

    2013-02-12 01:57 . 2013-03-20 14:24 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168]

    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-21 68856]

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]

    "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192]

    "RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456]

    "PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]

    "ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-08-21 3724800]

    "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-01-10 196608]

    "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 875016]

    "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]

    "Norman ZANDA"="c:\program files\Norman\Npm\Bin\ZLH.EXE" [2013-03-08 66888]

    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]

    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]

    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]

    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

    .

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-4-13 791840]

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

    "EnableLUA"= 0 (0x0)

    "EnableUIADesktopToggle"= 0 (0x0)

    "DisableCAD"= 1 (0x1)

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]

    2009-08-21 08:34 3167744 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]

    2008-03-25 13:24 567560 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

    "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    @="Driver"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

    @="Service"

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

    2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

    2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater]

    2012-06-04 08:31 1466760 ----a-w- c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

    2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

    .

    R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usbxp.sys [x]

    .

    .

    --- Andere Services/Drivers In Geheugen ---

    .

    *NewlyCreated* - NSAK_2BDA1B62

    *Deregistered* - nsak_2BDA1B62

    .

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

    bthsvcs REG_MULTI_SZ BthServ

    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    .

    Inhoud van de 'Gedeelde Taken' map

    .

    2013-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 18:45]

    .

    2013-05-09 c:\windows\Tasks\Google Software Updater.job

    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-21 15:19]

    .

    2013-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 09:28]

    .

    2013-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

    - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 09:28]

    .

    .

    ------- Bijkomende Scan -------

    .

    uStart Page = hxxp://www.google.be/

    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0809&m=travelmate_5730

    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

    TCP: DhcpNameServer = 192.168.1.1 195.130.131.132 195.130.130.4

    DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    Toolbar-Locked - (no file)

    HKLM-Run-eRecoveryService - (no file)

    SafeBoot-WudfPf

    SafeBoot-WudfRd

    AddRemove-Signature995 - c:\pdf995\res\utilities\Signature995\thinsetup.exe

    .

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

    Rootkit scan 2013-05-09 21:17

    Windows 6.0.6002 Service Pack 2 NTFS

    .

    scannen van verborgen processen ...

    .

    scannen van verborgen autostart items ...

    .

    scannen van verborgen bestanden ...

    .

    Scan succesvol afgerond

    verborgen bestanden: 0

    .

    **************************************************************************

    .

    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

    .

    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

    @Denied: (2) (LocalSystem)

    "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,

    27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b

    "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,

    1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7

    "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,

    72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57

    "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,

    94,30,02,d1,0f,f1,da,12,24,73,56,27,d2

    "{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,

    ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3

    "{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}"=hex:51,66,7a,6c,4c,1d,38,12,2d,dd,7a,

    ab,6a,33,56,03,c9,ec,8d,26,b0,f3,64,49

    "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,

    df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd

    "{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,

    fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17

    "{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,

    b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b

    .

    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

    @Denied: (2) (LocalSystem)

    "Timestamp"=hex:4f,0e,e8,78,14,45,ce,01

    .

    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

    @Denied: (2) (LocalSystem)

    "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b4,fa,c0,b8,65,dc,2e,44,b6,59,13,\

    "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b4,fa,c0,b8,65,dc,2e,44,b6,59,13,\

    .

    [HKEY_USERS\S-1-5-21-2547544030-3966831556-1252637820-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

    @Denied: (2) (LocalSystem)

    "Progid"="WindowsLiveMail.Email.1"

    .

    [HKEY_USERS\S-1-5-21-2547544030-3966831556-1252637820-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

    @Denied: (2) (LocalSystem)

    "Progid"="WindowsLiveMail.VCard.1"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="FlashBroker"

    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

    "Enabled"=dword:00000001

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

    @Denied: (A 2) (Everyone)

    @="IFlashBroker5"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

    @="{00020424-0000-0000-C000-000000000046}"

    .

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    "Version"="1.0"

    .

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    "BlindDial"=dword:00000000

    .

    Voltooingstijd: 2013-05-09 21:21:39

    ComboFix-quarantined-files.txt 2013-05-09 19:21

    .

    Pre-Run: 50.660.585.472 bytes beschikbaar

    Post-Run: 50.886.373.376 bytes beschikbaar

    .

    - - End Of File - - B19AC2A872F2DB6AAE9FAFE8C2875C20

  7. Mijn antivirus software is Norman Security Suite. Ik heb standaard het "N" symbool onderaan rechts de taakbalk staan. Als ik hier nu echter op klik (om naar het startscherm te gaan) krijg ik het volgende scherm:

    post-43510-1417705411,2556_thumb.jpg

    Het laden gaat oneindig door. Ik kom dus niet in het menu scherm.

    Kan dit te maken hebben met de uitgevoerde acties?

    Hoe kan ik Norman dan uitschakelen als ik niet in het menu kom?

  8. Malwarebytes Anti-Malware 1.75.0.1300

    www.malwarebytes.org

    Databaseversie: v2013.05.09.02

    Windows Vista Service Pack 2 x86 NTFS

    Internet Explorer 9.0.8112.16421

    Stef :: PC_VAN_STEF [administrator]

    9/05/2013 15:43:25

    mbam-log-2013-05-09 (15-43-25).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 219969

    Verstreken tijd: 25 minuut/minuten, 3 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

  9. # AdwCleaner v2.300 - Verslag gemaakt op 09/05/2013 om 15:19:08

    # Geactualiseerd op 28/04/2013 door Xplode

    # Besturingssysteem : Windows Vista Home Premium Service Pack 2 (32 bits)

    # Gebruiker : Stef - PC_VAN_STEF

    # Opstarten Modus : Normale modus

    # Gelanceerd vanaf : C:\Users\Stef\Desktop\adwcleaner.exe

    # Optie [Verwijderen]

    ***** [Diensten] *****

    ***** [Files / Mappen] *****

    File Verwijdert : C:\user.js

    Map Verwijdert : C:\ProgramData\Babylon

    Map Verwijdert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder

    Map Verwijdert : C:\Users\Stef\AppData\Local\Babylon

    Map Verwijdert : C:\Users\Stef\AppData\Roaming\Babylon

    Map Verwijdert : C:\Users\Stef\AppData\Roaming\Media Finder

    Map Verwijdert : C:\Users\Stef\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\MediaFinder

    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}

    Sleutel Verwijdert : HKLM\Software\Babylon

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\MF

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap

    ***** [browsers] *****

    -\\ Internet Explorer v9.0.8112.16476

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner[s1].txt - [1440 octets] - [09/05/2013 15:19:08]

    ########## EOF - C:\AdwCleaner[s1].txt - [1500 octets] ##########

  10. Na het opvolgen van Kape's advies:

    Tijdens en na de Malwarebytes scan gaf Norman de melding dat het een Trojaans paard had gedetecteerd dat niet verwijderd kon worden. Het gaat om volgende Trojan: wimpe/Cridex.HD.

    Malwarebytes log:

    Malwarebytes Anti-Malware 1.75.0.1300

    www.malwarebytes.org

    Databaseversie: v2013.05.09.02

    Windows Vista Service Pack 2 x86 NTFS

    Internet Explorer 9.0.8112.16421

    Stef :: PC_VAN_STEF [administrator]

    9/05/2013 11:25:17

    mbam-log-2013-05-09 (11-25-17).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 217272

    Verstreken tijd: 30 minuut/minuten, 14 seconde(n)

    Geheugenprocessen gedetecteerd: 7

    C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 5192 -> Zal worden verwijderd tijdens het herstarten.

    C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 4356 -> Zal worden verwijderd tijdens het herstarten.

    C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 4240 -> Zal worden verwijderd tijdens het herstarten.

    C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 5376 -> Zal worden verwijderd tijdens het herstarten.

    C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 5952 -> Zal worden verwijderd tijdens het herstarten.

    C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 4504 -> Zal worden verwijderd tijdens het herstarten.

    C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> 484 -> Zal worden verwijderd tijdens het herstarten.

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 1

    C:\ProgramData\8qVWm83O.exe (Trojan.Agent) -> Zal worden verwijderd tijdens het herstarten.

    (einde)

    Hijack This log (na uitvoeren Malwarebytes scan en heropstart pc):

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 12:07:31, on 9/05/2013

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v9.00 (9.00.8112.16476)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    C:\Windows\RtHDVCpl.exe

    C:\Windows\PLFSetI.exe

    C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

    C:\Program Files\Apoint2K\Apoint.exe

    C:\Program Files\Launch Manager\LManager.exe

    C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

    C:\Program Files\Norman\Npm\Bin\zlh.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Program Files\Apoint2K\ApMsgFwd.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\Apoint2K\HidFind.exe

    C:\Program Files\Apoint2K\Apntex.exe

    C:\Users\Stef\AppData\Local\Temp\RtkBtMnt.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Windows\system32\igfxext.exe

    C:\Program Files\Norman\Npm\Bin\zlhh.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Program Files\Norman\Nvc\Bin\cclaw.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\SearchProtocolHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

    O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show

    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

    O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

    O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH

    O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"

    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    O4 - Global Startup: Bluetooth.lnk = ?

    O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

    O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL

    O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll

    O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

    O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

    O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman AS - C:\Program Files\Norman\Npm\Bin\Elogsvc.exe

    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate1ca230afad8c58b) (gupdate1ca230afad8c58b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

    O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Program Files\Norman\Nvc\bin\nhs.exe

    O23 - Service: Norman Network Filtering service (NNFSVC) - Norman AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe

    O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe

    O23 - Service: Norman ZANDA - Norman AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe

    O23 - Service: Norman Security service (NPROSECSVC) - Norman AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe

    O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE

    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman AS - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe

    O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe

    O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: Norman Scheduler Service (Scheduler) - Norman AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe

    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --

    End of file - 10472 bytes

    Zal ik nu meteen kweezie wabbit's raad ook opvolgen?

  11. Hoi.

    Enkele maanden geleden heb ik een bezoekje gekregen van het beruchte politie virus op mijn laptop. Met veel moeite is het me gelukt om dit te verwijderen.

    Sindsdien heb ik echter de indruk dat mijn laptop erg traag is. Ook internet is erg traag. Ik krijg vaak de melding dat internet explorer is afgesloten vanwege DEP? Heel wat sites duren een eeuwigheid om te laden, en lopen voortdurend vast. Muziek beluisteren via youtube lukt me niet zonder schokken.

    Mijn antivirus is Norman. Daarnaast gebruik ik regelmatig Malwarebytes en CCleaner.

    Ik zou graag beroep doen op jullie expertise om onderstaande log te beoordelen.

    Dank alvast.

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 21:09:04, on 8/05/2013

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v9.00 (9.00.8112.16476)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    C:\Windows\RtHDVCpl.exe

    C:\Windows\PLFSetI.exe

    C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe

    C:\Program Files\Apoint2K\Apoint.exe

    C:\Program Files\Launch Manager\LManager.exe

    C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

    C:\Program Files\Norman\Npm\Bin\zlh.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Program Files\Apoint2K\ApMsgFwd.exe

    C:\Users\Stef\AppData\Local\Temp\RtkBtMnt.exe

    C:\Program Files\Apoint2K\HidFind.exe

    C:\Program Files\Apoint2K\Apntex.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\Windows\system32\igfxext.exe

    C:\Program Files\Norman\Npm\Bin\zlhh.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Program Files\Norman\Nvc\Bin\cclaw.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [bkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"

    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

    O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe

    O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show

    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

    O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

    O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH

    O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"

    O4 - HKCU\..\Run: [Media Finder] "C:\Program Files\Media Finder\MF.exe" /opentotray

    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex (User 'SYSTEEM')

    O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -update activex (User 'Default user')

    O4 - Global Startup: Bluetooth.lnk = ?

    O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

    O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

    O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~1\GOOGLEDESKTOPNETWORK3.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL

    O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll

    O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

    O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

    O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman AS - C:\Program Files\Norman\Npm\Bin\Elogsvc.exe

    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

    O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

    O23 - Service: Google Updateservice (gupdate1ca230afad8c58b) (gupdate1ca230afad8c58b) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

    O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Program Files\Norman\Nvc\bin\nhs.exe

    O23 - Service: Norman Network Filtering service (NNFSVC) - Norman AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe

    O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe

    O23 - Service: Norman ZANDA - Norman AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe

    O23 - Service: Norman Security service (NPROSECSVC) - Norman AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe

    O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE

    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman AS - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe

    O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe

    O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe

    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

    O23 - Service: Norman Scheduler Service (Scheduler) - Norman AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe

    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --

    End of file - 10891 bytes

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.