geertje1983

okee dit gedeelte had ik even gemist, dus deze stap alsnog gedaan en hier dus het logbestandje: ---------- Post toegevoegd om 01:15 ---------- Vorige post was om 01:00 ---------- ComboFix 11-04-26.02 - geertje 27-04-2011 1:01.3.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3069.2039 [GMT 2:00] Gestart vanuit: c:\users\geertje\Desktop\ComboFix.exe AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2011-03-26 to 2011-04-26 )))))))))))))))))))))))))))))) . . 2011-04-26 23:07 . 2011-04-26 23:07 -------- d-----w- c:\users\geertje\AppData\Local\temp 2011-04-26 23:07 . 2011-04-26 23:07 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-04-26 16:27 . 2011-04-26 16:28 -------- d-----w- c:\users\geertje\AppData\Local\{412DACDA-1BE3-4BA1-9E48-C6C7491EF800} 2011-04-25 20:52 . 2011-04-25 20:52 -------- d-----w- c:\users\geertje\AppData\Local\{4E60E316-DA45-40CC-81A4-7DA21589CBA1} 2011-04-25 08:51 . 2011-04-25 08:51 -------- d-----w- c:\users\geertje\AppData\Local\{301CA1F8-A5DE-4F6C-A06A-E498ABCE9F57} 2011-04-24 12:08 . 2011-04-24 12:09 -------- d-----w- c:\users\geertje\AppData\Local\{88D39B5A-E349-43C1-B5C9-65AB7D9E4B73} 2011-04-23 21:58 . 2011-04-23 21:58 -------- d-----w- c:\windows\Sun 2011-04-22 22:01 . 2011-04-22 22:01 -------- d-----w- c:\users\geertje\AppData\Roaming\Malwarebytes 2011-04-22 22:01 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-04-22 22:01 . 2011-04-22 22:01 -------- d-----w- c:\programdata\Malwarebytes 2011-04-22 22:01 . 2011-04-22 22:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-04-22 22:01 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-04-22 12:10 . 2011-04-22 13:19 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-04-22 12:10 . 2011-04-22 12:10 -------- d-----w- c:\program files\Spybot - Search & Destroy 2011-04-22 11:56 . 2011-04-22 11:56 388096 ----a-r- c:\users\geertje\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-04-22 11:56 . 2011-04-22 11:56 -------- d-----w- c:\program files\Trend Micro 2011-04-22 10:32 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FC904EE1-B0AF-4D12-9B0B-3342D57F9B64}\mpengine.dll 2011-04-20 16:37 . 2011-04-20 16:37 -------- d-----w- c:\users\geertje\AppData\Local\ElevatedDiagnostics 2011-04-20 16:36 . 2011-04-20 16:36 -------- d-----w- c:\program files\Microsoft ATS 2011-04-20 10:52 . 2011-04-20 10:52 -------- d-----w- c:\users\geertje\AppData\Roaming\Unity 2011-04-19 19:21 . 2011-04-24 12:07 -------- d-----w- c:\users\geertje\AppData\Local\Unity 2011-04-14 01:39 . 2011-04-14 01:39 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll 2011-04-12 22:51 . 2011-04-12 22:51 -------- d-----w- c:\program files\Common Files\xing shared 2011-04-12 22:51 . 2011-04-13 12:23 -------- d-----w- c:\program files\Real 2011-04-12 11:03 . 2011-04-12 11:03 -------- d-----w- c:\users\geertje\AppData\Roaming\ScanToPDF_4 2011-04-12 10:29 . 2011-04-12 10:29 -------- d-----w- c:\program files\O Imaging Corporation 2011-04-09 21:25 . 2011-04-10 20:04 -------- d-----w- c:\program files\Fiddler2 2011-04-05 19:22 . 2011-04-05 19:22 -------- d-----w- c:\users\geertje\AppData\Roaming\Printer's Apprentice 2011-04-05 19:22 . 2011-04-05 19:22 -------- d-----w- c:\programdata\Printer's Apprentice 2011-04-05 19:21 . 2011-04-05 19:21 -------- d-----w- c:\users\geertje\AppData\Local\Caphyon 2011-04-05 18:35 . 2011-04-05 18:36 -------- d-----w- c:\program files\Windows Live . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-12 22:51 . 2009-01-14 22:28 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-04-12 22:51 . 2009-01-14 22:28 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-04-05 18:37 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-03-19 10:49 . 2010-11-20 23:19 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-02-22 14:13 . 2011-03-23 09:29 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2011-02-22 13:33 . 2011-03-23 09:29 1068544 ----a-w- c:\windows\system32\DWrite.dll 2011-02-22 13:33 . 2011-03-23 09:29 797696 ----a-w- c:\windows\system32\FntCache.dll 2011-02-02 16:11 . 2009-12-23 12:48 222080 ------w- c:\windows\system32\MpSigStub.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1029416] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768] "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-01-07 288872] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion] 2009-08-28 11:57 75048 ----a-w- c:\program files\CyberLink\Shared Files\brs.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut] 2009-04-27 16:50 50472 ------w- c:\program files\CyberLink\PowerDVD9\Language\Language.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9] 2009-07-06 13:22 87336 ------w- c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-21 136176] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-21 136176] R3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [2010-11-18 21744] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-09-23 64288] S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/03/06 14:52];c:\program files\CyberLink\PowerDVD9\000.fcl [2009-08-28 11:57 87536] S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2008-01-02 73728] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-09-23 155648] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-18 179712] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2011-04-26 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2010-11-10 09:47] . 2011-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-21 10:41] . 2011-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-21 10:41] . 2011-04-07 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2010-11-18 15:13] . 2011-04-26 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\pcdrcui.exe [2010-11-18 15:13] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.facebook.com/home.php?ref=hp IE: E&xporteren naar Microsoft Excel . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-04-27 01:07 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{E9D79540-57D5953E-06020101}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2011-04-27 01:08:27 ComboFix-quarantined-files.txt 2011-04-26 23:08 ComboFix2.txt 2011-04-26 22:46 ComboFix3.txt 2011-04-23 21:46 . Pre-Run: 145.565.863.936 bytes beschikbaar Post-Run: 145.532.203.008 bytes beschikbaar . - - End Of File - - 87C1364B7032CF02C981A66D01C039EA

in feite is er nog niets verbeterd. eigenlijk zelfs eerder verslechterd. voordat ik wow ga spelen, wil ik eerst curse opstarten om mijn addons te updaten, maar het duurt nu onwijs lang voordat curse opgestart is. dus wat nu?

ComboFix 11-04-23.01 - geertje 23-04-2011 23:34:06.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3069.2069 [GMT 2:00] Gestart vanuit: c:\users\geertje\Desktop\ComboFix.exe AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\PCDr\5744\Downloads\162088e9-0b41-471a-947d-e6bfb7774266.dll c:\programdata\PCDr\5744\Downloads\26671a7e-758b-4293-8191-e6b81368d7ac.dll c:\programdata\PCDr\5744\Downloads\2da1393a-9d2c-436b-a660-c3dd133e9836.dll c:\programdata\PCDr\5744\Downloads\3060b7ae-c612-4b71-be9a-0721727ba831.dll c:\programdata\PCDr\5744\Downloads\38db339b-86cf-40c4-86da-57495513b374.dll c:\programdata\PCDr\5744\Downloads\3abc4f65-3752-4824-83cd-674c30d9f41c.dll c:\programdata\PCDr\5744\Downloads\4128ef4c-5308-415e-947b-b523a115be2d.dll c:\programdata\PCDr\5744\Downloads\48edbc2f-6595-43d2-a911-c3713e9b499f.dll c:\programdata\PCDr\5744\Downloads\4b07fd4d-6cb2-4166-8e08-7e3d0fb96a24.dll c:\programdata\PCDr\5744\Downloads\5f66a5f6-96e8-487a-b1da-d49f4e9f0813.dll c:\programdata\PCDr\5744\Downloads\61963b16-da7a-4faf-ba6b-14eb102d0df8.dll c:\programdata\PCDr\5744\Downloads\654e4133-96c6-421b-9240-26a29538de3f.dll c:\programdata\PCDr\5744\Downloads\69bf7709-6da5-40eb-b648-3731ebda143c.dll c:\programdata\PCDr\5744\Downloads\69df3b5e-bee6-4786-8070-a683635a81cd.dll c:\programdata\PCDr\5744\Downloads\70b66070-48fe-4fad-ac33-5f17042d5ee7.dll c:\programdata\PCDr\5744\Downloads\7cfc7ddb-2ff0-41ad-a5d7-3e2c7c6da278.dll c:\programdata\PCDr\5744\Downloads\890823c6-b297-4c5e-8839-80468e0508dc.dll c:\programdata\PCDr\5744\Downloads\920b4bdb-56cb-44d8-b977-2de6535367f0.dll c:\programdata\PCDr\5744\Downloads\94c1bf6e-ecf1-4c5d-ad15-1b8540879958.dll c:\programdata\PCDr\5744\Downloads\a12cd2ff-9e6d-4d89-a010-63188cb6a861.dll c:\programdata\PCDr\5744\Downloads\a2f393bb-92a1-4fda-a382-66896efa06dd.dll c:\programdata\PCDr\5744\Downloads\b0ad9f03-890a-4558-bcd7-38c10ea44def.dll c:\programdata\PCDr\5744\Downloads\c6bcc260-2097-4f4f-a0c3-098183f01ac5.dll c:\programdata\PCDr\5744\Downloads\db49fe36-7c40-41f5-b9c1-5a7c3297c269.dll c:\programdata\PCDr\5744\Downloads\db760e79-da96-4a2b-a687-8256c6e72fb6.dll c:\programdata\PCDr\5744\Downloads\e3d50fea-9128-4ef0-9ea5-b4d74186612f.dll c:\programdata\PCDr\5744\Downloads\f6b10855-5837-4857-9c20-c7b6a6dc2589.dll c:\windows\Fonts\Eurosymb.TTF . . (((((((((((((((((((( Bestanden Gemaakt van 2011-03-23 to 2011-04-23 )))))))))))))))))))))))))))))) . . 2011-04-23 21:39 . 2011-04-23 21:39 -------- d-----w- c:\users\geertje\AppData\Local\temp 2011-04-23 11:07 . 2011-04-23 11:08 -------- d-----w- c:\users\geertje\AppData\Local\{3ED83FF4-E4DC-44F7-B38E-FC56DF7C9AD6} 2011-04-22 22:01 . 2011-04-22 22:01 -------- d-----w- c:\users\geertje\AppData\Roaming\Malwarebytes 2011-04-22 22:01 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-04-22 22:01 . 2011-04-22 22:01 -------- d-----w- c:\programdata\Malwarebytes 2011-04-22 22:01 . 2011-04-22 22:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-04-22 22:01 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-04-22 12:10 . 2011-04-22 13:19 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-04-22 12:10 . 2011-04-22 12:10 -------- d-----w- c:\program files\Spybot - Search & Destroy 2011-04-22 11:56 . 2011-04-22 11:56 388096 ----a-r- c:\users\geertje\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-04-22 11:56 . 2011-04-22 11:56 -------- d-----w- c:\program files\Trend Micro 2011-04-22 10:32 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FC904EE1-B0AF-4D12-9B0B-3342D57F9B64}\mpengine.dll 2011-04-22 10:29 . 2011-04-22 10:30 -------- d-----w- c:\users\geertje\AppData\Local\{332469B8-CE34-49E4-BBE3-9FBBFFE51F11} 2011-04-21 22:11 . 2011-04-21 22:11 -------- d-----w- c:\users\geertje\AppData\Local\{0904F79F-A67B-4DDA-8C2A-AB05EB5F4A51} 2011-04-21 10:10 . 2011-04-21 10:11 -------- d-----w- c:\users\geertje\AppData\Local\{0FDB8381-B1CB-49F7-AF01-DB8594F690F2} 2011-04-20 16:37 . 2011-04-20 16:37 -------- d-----w- c:\users\geertje\AppData\Local\ElevatedDiagnostics 2011-04-20 16:36 . 2011-04-20 16:36 -------- d-----w- c:\program files\Microsoft ATS 2011-04-20 10:52 . 2011-04-20 10:52 -------- d-----w- c:\users\geertje\AppData\Roaming\Unity 2011-04-19 20:56 . 2011-04-19 20:57 -------- d-----w- c:\users\geertje\AppData\Local\{BC2B9717-7286-46E0-9381-05173635FCDB} 2011-04-19 19:21 . 2011-04-19 19:21 -------- d-----w- c:\users\geertje\AppData\Local\Unity 2011-04-19 08:40 . 2011-04-19 08:41 -------- d-----w- c:\users\geertje\AppData\Local\{35E25983-60D1-446D-843B-A4ACFA849A96} 2011-04-18 20:40 . 2011-04-18 20:40 -------- d-----w- c:\users\geertje\AppData\Local\{E5DCA1AF-4836-4CD1-804A-68E5EA0CB06B} 2011-04-18 08:39 . 2011-04-18 08:39 -------- d-----w- c:\users\geertje\AppData\Local\{35421345-D70F-4501-9A97-828EBAE710BB} 2011-04-17 07:46 . 2011-04-17 07:47 -------- d-----w- c:\users\geertje\AppData\Local\{3663E81A-E563-498B-A961-4318C99C7796} 2011-04-16 19:10 . 2011-04-16 19:10 -------- d-----w- c:\users\geertje\AppData\Local\{B2EECEB8-DAA0-4027-B45E-13939DAB6D24} 2011-04-15 23:27 . 2011-04-15 23:27 -------- d-----w- c:\users\geertje\AppData\Local\{8CDF2C7F-9B2D-4A5F-BFE9-37E924F76132} 2011-04-15 10:53 . 2011-04-15 10:53 -------- d-----w- c:\users\geertje\AppData\Local\{EFB2C5E3-1AF2-4DD2-921A-3107BC1B1C06} 2011-04-14 11:20 . 2011-04-14 11:20 -------- d-----w- c:\users\geertje\AppData\Local\{BACC3B7D-6D64-4CBD-8772-DE44522B4550} 2011-04-14 01:39 . 2011-04-14 01:39 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll 2011-04-13 11:38 . 2011-04-13 11:38 -------- d-----w- c:\users\geertje\AppData\Local\{85026AE4-BE84-4774-8E74-773388DAFBB1} 2011-04-12 22:51 . 2011-04-12 22:51 -------- d-----w- c:\program files\Common Files\xing shared 2011-04-12 22:51 . 2011-04-13 12:23 -------- d-----w- c:\program files\Real 2011-04-12 11:21 . 2011-04-12 11:21 -------- d-----w- c:\users\geertje\AppData\Local\{E37394C7-A1DD-439A-9284-DB786A5853C2} 2011-04-12 11:03 . 2011-04-12 11:03 -------- d-----w- c:\users\geertje\AppData\Roaming\ScanToPDF_4 2011-04-12 10:29 . 2011-04-12 10:29 -------- d-----w- c:\program files\O Imaging Corporation 2011-04-11 23:21 . 2011-04-11 23:21 -------- d-----w- c:\users\geertje\AppData\Local\{9A81434D-25B2-479C-A441-31E49EA21737} 2011-04-11 10:52 . 2011-04-11 10:53 -------- d-----w- c:\users\geertje\AppData\Local\{76790B06-B4C4-4287-8F5B-1F714F16A7D4} 2011-04-10 10:22 . 2011-04-10 10:22 -------- d-----w- c:\users\geertje\AppData\Local\{4FC66EDD-513D-4A79-BFE8-CA22ADD42CF2} 2011-04-09 21:25 . 2011-04-10 20:04 -------- d-----w- c:\program files\Fiddler2 2011-04-09 20:43 . 2011-04-09 20:43 -------- d-----w- c:\users\geertje\AppData\Local\{064FB34E-87E4-43F9-9E4F-8E51ACC8DE1E} 2011-04-09 08:42 . 2011-04-09 08:42 -------- d-----w- c:\users\geertje\AppData\Local\{F6407CC1-BC60-438F-90F4-E3F8A5329402} 2011-04-08 11:21 . 2011-04-08 11:21 -------- d-----w- c:\users\geertje\AppData\Local\{980E8CAC-EB5B-4C13-A47D-25AEBD7D3CE4} 2011-04-07 08:53 . 2011-04-07 20:54 -------- d-----w- c:\users\geertje\AppData\Local\{0FD0BA6A-35C2-4B07-AEC1-DBA2EF82838C} 2011-04-06 12:31 . 2011-04-06 12:31 -------- d-----w- c:\users\geertje\AppData\Local\{233E8C5A-16FB-4A4B-B6EE-042881E63F6C} 2011-04-05 19:22 . 2011-04-05 19:22 -------- d-----w- c:\users\geertje\AppData\Roaming\Printer's Apprentice 2011-04-05 19:22 . 2011-04-05 19:22 -------- d-----w- c:\programdata\Printer's Apprentice 2011-04-05 19:21 . 2011-04-05 19:21 -------- d-----w- c:\users\geertje\AppData\Local\Caphyon 2011-04-05 18:38 . 2011-04-05 18:38 -------- d-----w- c:\users\geertje\AppData\Local\{1E479293-B171-4440-B33E-6E0E656231F0} 2011-04-05 18:35 . 2011-04-05 18:36 -------- d-----w- c:\program files\Windows Live 2011-03-27 14:55 . 2011-03-27 14:55 -------- d-----w- c:\programdata\Electronic Arts 2011-03-27 14:55 . 2011-03-27 14:55 -------- d-----w- c:\programdata\EA Core 2011-03-27 14:53 . 2010-11-23 01:09 447752 ----a-w- c:\windows\system32\vp6vfw.dll 2011-03-27 14:53 . 2011-03-27 14:53 -------- d-----w- c:\program files\Microsoft WSE 2011-03-27 13:10 . 2011-03-27 13:10 -------- d-----w- c:\users\geertje\AppData\Roaming\NVIDIA 2011-03-25 14:22 . 2011-04-10 20:05 -------- d-----w- c:\users\geertje\AppData\Local\Conduit . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-12 22:51 . 2009-01-14 22:28 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-04-12 22:51 . 2009-01-14 22:28 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-04-05 18:37 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-03-19 10:49 . 2010-11-20 23:19 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys 2011-02-22 14:13 . 2011-03-23 09:29 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2011-02-22 13:33 . 2011-03-23 09:29 1068544 ----a-w- c:\windows\system32\DWrite.dll 2011-02-22 13:33 . 2011-03-23 09:29 797696 ----a-w- c:\windows\system32\FntCache.dll 2011-02-02 16:11 . 2009-12-23 12:48 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-03-18 18:03 . 2011-04-20 09:22 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1029416] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768] "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2011-01-07 288872] "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion] 2009-08-28 11:57 75048 ----a-w- c:\program files\CyberLink\Shared Files\brs.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut] 2009-04-27 16:50 50472 ------w- c:\program files\CyberLink\PowerDVD9\Language\Language.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9] 2009-07-06 13:22 87336 ------w- c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-21 136176] R3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [2010-11-18 21744] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-09-23 64288] S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/03/06 14:52];c:\program files\CyberLink\PowerDVD9\000.fcl [2009-08-28 11:57 87536] S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2008-01-02 73728] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-09-23 155648] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-18 179712] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhoud van de 'Gedeelde Taken' map . 2011-04-23 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2010-11-10 09:47] . 2011-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-21 10:41] . 2011-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-21 10:41] . 2011-04-07 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2010-11-18 15:13] . 2011-04-23 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\pcdrcui.exe [2010-11-18 15:13] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.facebook.com/home.php?ref=hp IE: E&xporteren naar Microsoft Excel FF - ProfilePath - c:\users\geertje\AppData\Roaming\Mozilla\Firefox\Profiles\fikj3f8h.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hp|Google FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file) WebBrowser-{69D1A568-FFDF-4EF5-8919-7003582E0EE8} - (no file) SafeBoot-Lavasoft Ad-Aware Service . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2011-04-23 23:39 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{E9D79540-57D5953E-06020101}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2011-04-23 23:46:58 ComboFix-quarantined-files.txt 2011-04-23 21:46 . Pre-Run: 141.495.980.032 bytes beschikbaar Post-Run: 142.467.256.320 bytes beschikbaar . - - End Of File - - C093E6326AE0271DC2AC0ADCAF6DC321

ja de problemen lijken onveranderd

Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Databaseversie: 6422 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 23-4-2011 0:13:43 mbam-log-2011-04-23 (00-13-43).txt Scantype: Snelle scan Objecten gescand: 155972 Verstreken tijd: 7 minuut/minuten, 49 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 2 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) ---------- Post toegevoegd om 00:29 ---------- Vorige post was om 00:29 ---------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 0:27:39, on 23-4-2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\OEM02Mon.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\NOTEPAD.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Aanmelden | Facebook R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- End of file - 5327 bytes

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:40:03, on 22-4-2011 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Windows\OEM02Mon.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Program Files\Creative Live! Cam\VideoFX\StartFX.exe C:\Windows\system32\conime.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Woofi R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Aanmelden | Facebook R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Woofi R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {69d1a568-ffdf-4ef5-8919-7003582e0ee8} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- End of file - 6143 bytes

hoi ik heb een dell xps m1730, ik heb m nu 2 jaar en hij is enorm langzaam geworden. ik heb gekeken naar procesmanager en wat me opvalt is dat wanneer ik een internetbrowser open heb staan me cpu 98% gebruikt. plus dat wanneer ik me spelletje world of warcraft speel, de van continu aanslaat en evengoed me toetsenbord onwijs heet is. help? alvast bedankt geertje