
Very slow PC



My antivirus software is Norman Security Suite. By default I have the "N" icon at the bottom right of the taskbar. However, when I click on it now (to go to the start screen), I get the following screen:

[Attached screenshot: post-43510-1417705411,2556_thumb.jpg]

The loading goes on endlessly, so I cannot get into the menu screen.

Could this be related to the actions that were carried out?

How can I disable Norman, then, if I cannot get into the menu?


ComboFix 13-05-09.01 - Stef 09/05/2013 21:03:09.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3000.1694 [GMT 2:00]

Gestart vanuit: c:\users\Stef\Desktop\ComboFix.exe

AV: Norman Security Suite *Enabled/Updated* {F86A2F90-6CAD-D491-E1E0-29799D9EE21F}

SP: Norman Security Suite *Enabled/Updated* {430BCE74-4A97-DB1F-DB50-120BE619A8A2}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Aanwezig AV is actief

.

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\8qVWm83O.exe.b

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-04-09 to 2013-05-09 ))))))))))))))))))))))))))))))

.

.

2013-05-09 19:16 . 2013-05-09 19:16 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-05-08 19:05 . 2013-05-08 19:05 388096 ----a-r- c:\users\Stef\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-05-08 19:02 . 2013-05-08 19:03 -------- d-----w- c:\program files\Hijack This

2013-05-01 15:47 . 2013-05-01 15:47 -------- d-----w- c:\program files\CCleaner

2013-05-01 15:46 . 2013-05-01 15:47 4346816 ----a-w- C:\ccsetup401.exe

2013-04-24 18:25 . 2013-04-18 07:10 462040 ----a-w- c:\windows\system32\drivers\tdi_nf.sys

2013-04-24 18:25 . 2013-04-18 07:10 122352 ----a-w- c:\windows\system32\drivers\ale7_nf64.sys

2013-04-24 18:25 . 2013-04-18 07:10 120280 ----a-w- c:\windows\system32\drivers\ale_nf64.sys

2013-04-24 18:25 . 2013-04-18 07:09 114088 ----a-w- c:\windows\system32\drivers\ale7_nf.sys

2013-04-24 18:25 . 2013-04-18 07:09 111016 ----a-w- c:\windows\system32\drivers\ale_nf.sys

2013-04-20 00:53 . 2013-04-20 00:53 -------- d-----w- c:\program files\Common Files\Java

2013-04-20 00:53 . 2013-04-04 03:35 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-04-10 15:56 . 2013-03-03 19:07 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-10 15:56 . 2013-03-08 03:53 376320 ----a-w- c:\windows\system32\winsrv.dll

2013-04-10 15:56 . 2013-03-08 03:52 2067968 ----a-w- c:\windows\system32\mstscax.dll

2013-04-10 15:56 . 2013-03-11 13:25 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-04-10 15:56 . 2013-03-11 13:25 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-04-10 15:56 . 2013-03-09 03:45 49152 ----a-w- c:\windows\system32\csrsrv.dll

2013-04-10 15:56 . 2013-03-09 01:28 64000 ----a-w- c:\windows\system32\smss.exe

2013-04-10 15:56 . 2013-03-05 01:40 2049024 ----a-w- c:\windows\system32\win32k.sys

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-08 18:45 . 2012-06-11 05:52 691592 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-08 18:45 . 2011-09-09 12:10 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-04-04 12:50 . 2012-05-29 16:21 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-03-27 20:28 . 2010-06-24 10:33 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-03-23 22:29 . 2013-03-23 22:29 161792 ----a-w- c:\windows\system32\msls31.dll

2013-03-23 22:29 . 2013-03-23 22:29 86528 ----a-w- c:\windows\system32\iesysprep.dll

2013-03-23 22:29 . 2013-03-23 22:29 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-03-23 22:29 . 2013-03-23 22:29 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2013-03-23 22:29 . 2013-03-23 22:29 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-03-23 22:29 . 2013-03-23 22:29 63488 ----a-w- c:\windows\system32\tdc.ocx

2013-03-23 22:29 . 2013-03-23 22:29 367104 ----a-w- c:\windows\system32\html.iec

2013-03-23 22:29 . 2013-03-23 22:29 74752 ----a-w- c:\windows\system32\iesetup.dll

2013-03-23 22:29 . 2013-03-23 22:29 23552 ----a-w- c:\windows\system32\licmgr10.dll

2013-03-23 22:29 . 2013-03-23 22:29 152064 ----a-w- c:\windows\system32\wextract.exe

2013-03-23 22:29 . 2013-03-23 22:29 150528 ----a-w- c:\windows\system32\iexpress.exe

2013-03-23 22:29 . 2013-03-23 22:29 11776 ----a-w- c:\windows\system32\mshta.exe

2013-03-23 22:29 . 2013-03-23 22:29 101888 ----a-w- c:\windows\system32\admparse.dll

2013-03-23 22:29 . 2013-03-23 22:29 35840 ----a-w- c:\windows\system32\imgutil.dll

2013-03-23 22:29 . 2013-03-23 22:29 110592 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-03-13 17:26 . 2012-06-21 18:42 861088 ----a-w- c:\windows\system32\npdeployJava1.dll

2013-03-13 17:26 . 2011-08-07 11:55 782240 ----a-w- c:\windows\system32\deployJava1.dll

2013-02-12 01:57 . 2013-03-20 14:24 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-21 68856]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]

"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-30 30192]

"RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 6183456]

"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]

"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2009-08-21 3724800]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-01-10 196608]

"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 875016]

"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]

"Norman ZANDA"="c:\program files\Norman\Npm\Bin\ZLH.EXE" [2013-03-08 66888]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-4-13 791840]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"DisableCAD"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]

2009-08-21 08:34 3167744 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]

2008-03-25 13:24 567560 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater]

2012-06-04 08:31 1466760 ----a-w- c:\program files\Garmin\Lifetime Updater\GarminLifetime.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usbxp.sys [x]

.

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - NSAK_2BDA1B62

*Deregistered* - nsak_2BDA1B62

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Inhoud van de 'Gedeelde Taken' map

.

2013-05-09 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 18:45]

.

2013-05-09 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-21 15:19]

.

2013-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 09:28]

.

2013-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 09:28]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&s=2&o=vp32&d=0809&m=travelmate_5730

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

TCP: DhcpNameServer = 192.168.1.1 195.130.131.132 195.130.130.4

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

.

- - - - ORPHANS VERWIJDERD - - - -

.

Toolbar-Locked - (no file)

HKLM-Run-eRecoveryService - (no file)

SafeBoot-WudfPf

SafeBoot-WudfRd

AddRemove-Signature995 - c:\pdf995\res\utilities\Signature995\thinsetup.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2013-05-09 21:17

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (LocalSystem)


.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]

@Denied: (2) (LocalSystem)

"Timestamp"=hex:4f,0e,e8,78,14,45,ce,01

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)


.

[HKEY_USERS\S-1-5-21-2547544030-3966831556-1252637820-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-2547544030-3966831556-1252637820-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Voltooingstijd: 2013-05-09 21:21:39

ComboFix-quarantined-files.txt 2013-05-09 19:21

.

Pre-Run: 50.660.585.472 bytes beschikbaar

Post-Run: 50.886.373.376 bytes beschikbaar

.

- - End Of File - - B19AC2A872F2DB6AAE9FAFE8C2875C20


Manually delete this file: C:\ccsetup401.exe

Remove ComboFix: Start -> Run and type: ComboFix /Uninstall (with a space before the /).

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may manually delete the folder C:\Qoobox.

If all of this went without problems and you have no further questions or problems within this topic, you may close this topic by clicking the "Mark as solved" button, which you can find at the bottom left … that way it stays clear for everyone.
