2bz2p

Alles is kunnen gebeuren zoals jij het beschreef. Bedankt

Ik heb net een DVD gebrand en alles werkte zoals het hoort. De schijf kwam er ook uit dus dat ik ook weer positief ;o) Ik vermoed dat het euvel er dus uit is tenzij jij nog iets opmerkt in het log hierboven. Als jij niets meer opmerkt wat erniet hoort zet ik hem als opgelost. Tot horen en bedankt voor de hulp.

De laptop sluit weer sneller af, ik ben niet meer vastgelopen. Het DVD station wordt nog "gezien". Een DVD branden moet ik nog doen of het weer werkt en of de DVD er dan ook weer terug zal uitkomen. Ik hoop dat het in orde zal zijn en dat ik dit draadje als opgelost kan zetten. Alvast bedankt voor je hulp. Hierbij het volgende log, als ik nog iets moet doen hoor ik het wel. ComboFix 12-02-05.02 - XXXX 05/02/2012 16:11:01.3.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3061.1878 [GMT 1:00] Gestart vanuit: c:\users\XXXX\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\XXXX\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-05 to 2012-02-05 )))))))))))))))))))))))))))))) . . 2012-02-05 15:17 . 2012-02-05 15:17 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-03 19:09 . 2012-02-03 19:09 -------- d-----w- c:\program files\Trend Micro 2012-02-03 18:34 . 2012-02-03 18:34 -------- d-----w- c:\users\XXXX\AppData\Local\PackageAware 2012-02-03 14:10 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F2A962C4-4046-4B3E-8FD2-792C37CC9E27}\mpengine.dll 2012-02-01 19:49 . 2012-02-01 19:49 -------- d-----w- c:\program files\CDBurnerXP 2012-02-01 18:58 . 2012-02-01 18:58 -------- d-----w- c:\program files\Microsoft ATS 2012-01-29 11:22 . 2012-01-29 11:22 -------- d-----w- c:\users\XXXX\AppData\Local\VS Revo Group 2012-01-29 11:22 . 2009-12-30 09:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys 2012-01-29 11:22 . 2012-01-29 11:22 -------- d-----w- c:\program files\VS Revo Group 2012-01-29 10:41 . 2012-01-29 10:41 -------- d-----w- c:\program files\uTorrent 2012-01-29 10:39 . 2012-02-03 15:29 -------- d-----w- c:\users\XXXXAppData\Roaming\uTorrent 2012-01-24 17:21 . 2012-01-24 17:21 -------- d-----w- c:\program files\Weather Watcher Live 2012-01-24 10:04 . 2012-01-24 10:04 -------- d-----w- c:\windows\Sun 2012-01-24 10:03 . 2012-01-24 10:02 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-01-23 12:43 . 2012-01-23 12:47 -------- d-----w- c:\users\XXXX\AppData\Local\sabnzbd 2012-01-23 12:42 . 2012-01-23 12:47 -------- d-----w- c:\program files\SABnzbd 2012-01-13 12:38 . 2012-01-13 12:38 -------- d-----w- c:\users\Default\AppData\Roaming\IObit 2012-01-13 12:26 . 2012-01-13 12:26 9728 ----a-w- c:\windows\system32\lsass.exe 2012-01-13 12:26 . 2012-01-13 12:26 72704 ----a-w- c:\windows\system32\secur32.dll 2012-01-13 12:26 . 2012-01-13 12:26 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-13 12:26 . 2012-01-13 12:26 377344 ----a-w- c:\windows\system32\winhttp.dll 2012-01-13 12:26 . 2012-01-13 12:26 278528 ----a-w- c:\windows\system32\schannel.dll 2012-01-13 12:26 . 2012-01-13 12:26 1259008 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-13 12:23 . 2011-12-30 16:02 21848 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2012-01-13 12:09 . 2012-01-13 12:09 -------- d-----w- c:\users\XXXX\AppData\Roaming\IObit 2012-01-11 11:17 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll 2012-01-11 11:17 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll 2012-01-11 11:17 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll 2012-01-11 11:17 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll 2012-01-11 11:17 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll 2012-01-11 11:16 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-01-11 11:16 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll 2012-01-11 11:16 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-26 23:21 . 2009-10-02 15:47 237072 ------w- c:\windows\system32\MpSigStub.exe 2011-12-10 14:24 . 2011-02-07 09:56 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-28 18:01 . 2010-06-29 14:47 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 18:01 . 2008-09-09 15:02 199816 ----a-w- c:\windows\system32\aswBoot.exe 2011-11-28 17:53 . 2011-03-12 18:06 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53 . 2008-09-09 15:02 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-11-28 17:52 . 2008-09-09 15:02 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-11-28 17:52 . 2008-09-09 15:02 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-11-28 17:52 . 2008-09-09 15:02 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-11-28 17:51 . 2008-09-09 15:02 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-11-23 13:37 . 2011-12-15 13:06 2043904 ----a-w- c:\windows\system32\win32k.sys 2011-11-20 20:50 . 2011-05-13 15:11 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-08 14:42 . 2011-12-15 13:06 2048 ----a-w- c:\windows\system32\tzres.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632] "NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-09-01 966712] "Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-29 620376] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-01-14 132392] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-11 30192] "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920] "Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-02-19 438403] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-11-17 3810304] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-03-13 163840] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-26 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-26 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-26 150552] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-11-25 54672] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-16 483428] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232] . c:\users\XXXXAppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-5-13 1058088] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-5-2 1211472] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-5-13 1058088] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2008-08-05 21:14 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [2009-03-16 81920] . . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-01-29 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-05 08:37] . 2012-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 12:37] . 2012-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 12:37] . 2012-01-29 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . 2012-01-30 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . 2012-02-05 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . 2012-02-05 c:\windows\Tasks\WpsUpdateTask_XXXXjob - c:\program files\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2011-08-24 16:00] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://partnerpage.google.com/dell.com/nl_be?hl=nl&client=dell-row&channel=be&ibd=5080806 uInternet Settings,ProxyOverride = *.local IE: {{520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - {DB536AF2-E422-402d-B7FD-887297F1A198} - TCP: DhcpNameServer = 195.130.131.2 195.130.130.130 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-02-05 16:18 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,50,b6,dc,8b,01,03,4d,48,ab,58,3e,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,50,b6,dc,8b,01,03,4d,48,ab,58,3e,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-02-05 16:20:04 ComboFix-quarantined-files.txt 2012-02-05 15:20 ComboFix2.txt 2012-02-05 12:10 ComboFix3.txt 2012-02-05 11:33 ComboFix4.txt 2012-02-04 11:24 . Pre-Run: 29800321024 bytes beschikbaar Post-Run: 29757259776 bytes beschikbaar . - - End Of File - - AC2169D0F06A012671F8DA7FBB05FDF9

Ik merkte in bovenstaande log deze regel: [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 Ik dacht dat ik lang geleden die McAfee en alle aanverwanten er af gegooigd had (stond een trialversie op van bij de aankoop) Als het mogelijk is wil ik deze ook graag kwijt. Zo hoop ik dat hij weer wat sneller opstart en stopt. Alvast bedankt

Hetvolgende kwam eruit: ComboFix 12-02-05.02 - XXXX 05/02/2012 12:39:17.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3061.1494 [GMT 1:00] Gestart vanuit: c:\users\XXXX\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\XXXX\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Conduit c:\program files\Conduit\Community Alerts\Alert.dll c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}.native.bitness.log c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}.native.data.log c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}.native.elements.log c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}.native.weight.log c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\mia.lib c:\users\XXXX\AppData\Local\Conduit . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-05 to 2012-02-05 )))))))))))))))))))))))))))))) . . 2012-02-05 12:02 . 2012-02-05 12:02 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-03 19:09 . 2012-02-03 19:09 -------- d-----w- c:\program files\Trend Micro 2012-02-03 18:34 . 2012-02-03 18:34 -------- d-----w- c:\users\XXXX\AppData\Local\PackageAware 2012-02-03 14:10 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F2A962C4-4046-4B3E-8FD2-792C37CC9E27}\mpengine.dll 2012-02-01 19:49 . 2012-02-01 19:49 -------- d-----w- c:\program files\CDBurnerXP 2012-02-01 18:58 . 2012-02-01 18:58 -------- d-----w- c:\program files\Microsoft ATS 2012-01-29 11:22 . 2012-01-29 11:22 -------- d-----w- c:\users\XXXX\AppData\Local\VS Revo Group 2012-01-29 11:22 . 2009-12-30 09:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys 2012-01-29 11:22 . 2012-01-29 11:22 -------- d-----w- c:\program files\VS Revo Group 2012-01-29 10:41 . 2012-01-29 10:41 -------- d-----w- c:\program files\uTorrent 2012-01-29 10:39 . 2012-02-03 15:29 -------- d-----w- c:\users\XXXX\AppData\Roaming\uTorrent 2012-01-24 17:21 . 2012-01-24 17:21 -------- d-----w- c:\program files\Weather Watcher Live 2012-01-24 10:04 . 2012-01-24 10:04 -------- d-----w- c:\windows\Sun 2012-01-24 10:03 . 2012-01-24 10:02 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-01-23 12:43 . 2012-01-23 12:47 -------- d-----w- c:\users\XXXX\AppData\Local\sabnzbd 2012-01-23 12:42 . 2012-01-23 12:47 -------- d-----w- c:\program files\SABnzbd 2012-01-13 12:38 . 2012-01-13 12:38 -------- d-----w- c:\users\Default\AppData\Roaming\IObit 2012-01-13 12:26 . 2012-01-13 12:26 9728 ----a-w- c:\windows\system32\lsass.exe 2012-01-13 12:26 . 2012-01-13 12:26 72704 ----a-w- c:\windows\system32\secur32.dll 2012-01-13 12:26 . 2012-01-13 12:26 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-13 12:26 . 2012-01-13 12:26 377344 ----a-w- c:\windows\system32\winhttp.dll 2012-01-13 12:26 . 2012-01-13 12:26 278528 ----a-w- c:\windows\system32\schannel.dll 2012-01-13 12:26 . 2012-01-13 12:26 1259008 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-13 12:23 . 2011-12-30 16:02 21848 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2012-01-13 12:09 . 2012-01-13 12:09 -------- d-----w- c:\users\XXXX\AppData\Roaming\IObit 2012-01-11 11:17 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll 2012-01-11 11:17 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll 2012-01-11 11:17 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll 2012-01-11 11:17 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll 2012-01-11 11:17 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll 2012-01-11 11:16 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-01-11 11:16 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll 2012-01-11 11:16 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-26 23:21 . 2009-10-02 15:47 237072 ------w- c:\windows\system32\MpSigStub.exe 2011-12-10 14:24 . 2011-02-07 09:56 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-28 18:01 . 2010-06-29 14:47 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 18:01 . 2008-09-09 15:02 199816 ----a-w- c:\windows\system32\aswBoot.exe 2011-11-28 17:53 . 2011-03-12 18:06 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53 . 2008-09-09 15:02 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-11-28 17:52 . 2008-09-09 15:02 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-11-28 17:52 . 2008-09-09 15:02 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-11-28 17:52 . 2008-09-09 15:02 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-11-28 17:51 . 2008-09-09 15:02 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-11-23 13:37 . 2011-12-15 13:06 2043904 ----a-w- c:\windows\system32\win32k.sys 2011-11-20 20:50 . 2011-05-13 15:11 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-08 14:42 . 2011-12-15 13:06 2048 ----a-w- c:\windows\system32\tzres.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632] "NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-09-01 966712] "Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-29 620376] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-01-14 132392] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-11 30192] "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920] "Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-02-19 438403] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-11-17 3810304] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-03-13 163840] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-26 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-26 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-26 150552] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-11-25 54672] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-16 483428] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232] . c:\users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-5-13 1058088] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-5-2 1211472] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-5-13 1058088] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2008-08-05 21:14 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [2009-03-16 81920] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - PCDSRVC{E9D79540-57D5953E-06020101}_0 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-01-29 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-05 08:37] . 2012-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 12:37] . 2012-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 12:37] . 2012-01-29 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . 2012-01-30 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . 2012-02-05 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . 2012-02-05 c:\windows\Tasks\WpsUpdateTask_XXXX.job - c:\program files\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2011-08-24 16:00] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://partnerpage.google.com/dell.com/nl_be?hl=nl&client=dell-row&channel=be&ibd=5080806 uInternet Settings,ProxyOverride = *.local IE: {{520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - {DB536AF2-E422-402d-B7FD-887297F1A198} - TCP: DhcpNameServer = 195.130.131.2 195.130.130.130 . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-02-05 13:02 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,50,b6,dc,8b,01,03,4d,48,ab,58,3e,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,50,b6,dc,8b,01,03,4d,48,ab,58,3e,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-02-05 13:10:25 ComboFix-quarantined-files.txt 2012-02-05 12:10 ComboFix2.txt 2012-02-05 11:33 ComboFix3.txt 2012-02-04 11:24 . Pre-Run: 30128168960 bytes beschikbaar Post-Run: 30066806784 bytes beschikbaar . - - End Of File - - D348259630B6263FF76F00FC169946A4

Beste Kape, Daarstraks was mijn laptop weer eens vastgelopen en moest ik een eerder herstelpunt aanvaarden om weer verder te kunnen. Gevolg, malwarebytes en combofix waren verdwenen, wie weet is er nog wat weg. Ik vrees dus dat ik alle handelingen weer opnieuw moet maken. Of weet u een andere oplossing. Of kan ik combofix weer installer en gewoon verder gaan?

Hieronder het log van combofix ComboFix 12-02-03.02 - XXXX 04/02/2012 12:14:14.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3061.1527 [GMT 1:00] Gestart vanuit: c:\users\XXXX\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\program files\Downloaded Installers c:\programdata\PCDr\5907\Downloads\82c29976-999d-4c8f-bac9-590e78eef64b.dll c:\programdata\PCDr\5907\Downloads\8d357f17-07ad-4392-ba06-fb67564c98cd.dll c:\programdata\PCDr\5907\Downloads\b9ce760f-6209-48f2-a4a3-695324591c45.dll c:\programdata\PCDr\5907\Downloads\d1f4dc82-bc4c-4916-b37c-3ab9c30ae468.dll c:\programdata\PCDr\5907\Downloads\f8338de4-40cb-4494-bc70-93db3ab9e32d.dll c:\programdata\PCDr\5907\Downloads\fa2ff61b-2c58-4071-916b-f881289a3959.dll c:\users\Yvan\AppData\Local\TempDIR c:\users\Yvan\AppData\Local\TempDIR\BetterInstaller.exe c:\users\Yvan\AppData\Roaming\desktop.ini D:\AUTORUN.INF . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-04 to 2012-02-04 )))))))))))))))))))))))))))))) . . 2012-02-04 11:21 . 2012-02-04 11:21 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-03 19:48 . 2012-02-03 19:48 388096 ----a-r- c:\users\Yvan\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-02-03 19:09 . 2012-02-03 19:09 -------- d-----w- c:\program files\Trend Micro 2012-02-03 18:35 . 2012-02-03 18:54 -------- dc-h--w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} 2012-02-03 18:34 . 2012-02-03 18:34 -------- d-----w- c:\users\XXXX\AppData\Local\PackageAware 2012-02-03 14:10 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F2A962C4-4046-4B3E-8FD2-792C37CC9E27}\mpengine.dll 2012-02-01 19:49 . 2012-02-01 19:49 -------- d-----w- c:\program files\CDBurnerXP 2012-02-01 18:58 . 2012-02-01 18:58 -------- d-----w- c:\program files\Microsoft ATS 2012-01-29 11:22 . 2012-01-29 11:22 -------- d-----w- c:\users\XXXX\AppData\Local\VS Revo Group 2012-01-29 11:22 . 2009-12-30 09:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys 2012-01-29 11:22 . 2012-01-29 11:22 -------- d-----w- c:\program files\VS Revo Group 2012-01-29 10:41 . 2012-01-29 10:41 -------- d-----w- c:\program files\Conduit 2012-01-29 10:41 . 2012-01-29 11:29 -------- d-----w- c:\users\XXXX\AppData\Local\Conduit 2012-01-29 10:41 . 2012-01-29 10:41 -------- d-----w- c:\program files\uTorrent 2012-01-29 10:39 . 2012-02-03 15:29 -------- d-----w- c:\users\XXXX\AppData\Roaming\uTorrent 2012-01-24 17:21 . 2012-01-24 17:21 -------- d-----w- c:\program files\Weather Watcher Live 2012-01-24 10:04 . 2012-01-24 10:04 -------- d-----w- c:\windows\Sun 2012-01-24 10:03 . 2012-01-24 10:02 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-01-23 12:43 . 2012-01-23 12:47 -------- d-----w- c:\users\XXXX\AppData\Local\sabnzbd 2012-01-23 12:42 . 2012-01-23 12:47 -------- d-----w- c:\program files\SABnzbd 2012-01-13 12:38 . 2012-01-13 12:38 -------- d-----w- c:\users\Default\AppData\Roaming\IObit 2012-01-13 12:26 . 2012-01-13 12:26 9728 ----a-w- c:\windows\system32\lsass.exe 2012-01-13 12:26 . 2012-01-13 12:26 72704 ----a-w- c:\windows\system32\secur32.dll 2012-01-13 12:26 . 2012-01-13 12:26 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-13 12:26 . 2012-01-13 12:26 377344 ----a-w- c:\windows\system32\winhttp.dll 2012-01-13 12:26 . 2012-01-13 12:26 278528 ----a-w- c:\windows\system32\schannel.dll 2012-01-13 12:26 . 2012-01-13 12:26 1259008 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-13 12:23 . 2011-12-30 16:02 21848 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe 2012-01-13 12:09 . 2012-01-13 12:09 -------- d-----w- c:\users\XXXX\AppData\Roaming\IObit 2012-01-11 11:17 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll 2012-01-11 11:17 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll 2012-01-11 11:17 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll 2012-01-11 11:17 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll 2012-01-11 11:17 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll 2012-01-11 11:16 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-01-11 11:16 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll 2012-01-11 11:16 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-26 23:21 . 2009-10-02 15:47 237072 ------w- c:\windows\system32\MpSigStub.exe 2011-12-10 14:24 . 2011-02-07 09:56 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-11-28 18:01 . 2010-06-29 14:47 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 18:01 . 2008-09-09 15:02 199816 ----a-w- c:\windows\system32\aswBoot.exe 2011-11-28 17:53 . 2011-03-12 18:06 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53 . 2008-09-09 15:02 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-11-28 17:52 . 2008-09-09 15:02 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-11-28 17:52 . 2008-09-09 15:02 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-11-28 17:52 . 2008-09-09 15:02 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-11-28 17:51 . 2008-09-09 15:02 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-11-23 13:37 . 2011-12-15 13:06 2043904 ----a-w- c:\windows\system32\win32k.sys 2011-11-20 20:50 . 2011-05-13 15:11 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-08 14:42 . 2011-12-15 13:06 2048 ----a-w- c:\windows\system32\tzres.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DB536AF2-E422-402d-B7FD-887297F1A198}] 2011-09-05 16:55 138032 ----a-w- c:\program files\Smart Suggestor\SmartSuggestor.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632] "NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-09-01 966712] "Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-29 620376] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-01-14 132392] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-11 30192] "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920] "Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-02-19 438403] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-11-17 3810304] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-03-13 163840] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-26 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-26 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-26 150552] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-11-25 54672] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-03-16 483428] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232] . c:\users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-5-13 1058088] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-5-2 1211472] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-5-13 1058088] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2008-08-05 21:14 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-29 497496] S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [2009-03-16 81920] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-01-29 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-05 08:37] . 2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 12:37] . 2012-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-12 12:37] . 2012-01-29 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . 2012-01-30 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . 2012-02-04 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . 2012-02-04 c:\windows\Tasks\WpsUpdateTask_Yvan.job - c:\program files\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2011-08-24 16:00] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://partnerpage.google.com/dell.com/nl_be?hl=nl&client=dell-row&channel=be&ibd=5080806 uInternet Settings,ProxyOverride = *.local IE: {{520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - {DB536AF2-E422-402d-B7FD-887297F1A198} - c:\program files\Smart Suggestor\SmartSuggestor.dll TCP: DhcpNameServer = 195.130.131.2 195.130.130.130 . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file) SafeBoot-WudfPf SafeBoot-WudfRd . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-02-04 12:21 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,50,b6,dc,8b,01,03,4d,48,ab,58,3e,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,50,b6,dc,8b,01,03,4d,48,ab,58,3e,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-02-04 12:24:19 ComboFix-quarantined-files.txt 2012-02-04 11:24 . Pre-Run: 31428907008 bytes beschikbaar Post-Run: 31598743552 bytes beschikbaar . - - End Of File - - 64EB929AF4F619B1D89DAAD023920A31

MBAM gaf geen kwaadaardige objecten, zie tekstbestand hieronder Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Databaseversie: v2012.02.03.09 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 XXXX :: XXXXXXXXXXX[administrator] 3/02/2012 21:35:24 mbam-log-2012-02-03 (21-35-24).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 172540 Verstreken tijd: 6 minuut/minuten, 48 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Nieuw hijacklog; Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:45:46, on 3/02/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Dell\DellDock\DellDock.exe C:\Windows\system32\conime.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\DellTPad\Apoint.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\IDT\WDM\sttray.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Users\Yvan\Downloads\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Smart Suggestor - {DB536AF2-E422-402d-B7FD-887297F1A198} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /Manual O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_30.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_30.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Smart Suggestor - {520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll O9 - Extra 'Tools' menuitem: Smart Suggestor options - {520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: Google Update Service (gupdate1c98d0eb2532413) (gupdate1c98d0eb2532413) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown owner - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE -- End of file - 10433 bytes Moet ik verder nog iets doen? Weerom bedankt en chapeau voor je snelle reactie, toppie ;o)

Beste, Op mijn laptop (Vista) heb ik allerlei verschijnsels waar ik niet echt van weet hoe het komt en wat er aan te doen. Vandaar mijn bericht hier. Het eerste wat ik echt merkte was dat ik na een langere tijd nog eens een DVD wou branden. Mijn DVD station was niet te vinden. Opgelost door een fix van windows. Dan stak ik er een DVD RW in maar deze was niet te zien met als gevolg kon ik hem ook niet uitwerpen. Na lang proberen toch gelukt, zonder reden. DVD kunnen branden maar bleef in afsluitfase te hangen. Na lang proberen uiteindelijk toch kunnen stoppen en de DVD eruit kunnen halen. Brandprogramma CDBurnerXP Mijn laptop blijft soms ook hangen bij het afsluiten, ook als wacht ik langere tijd. De windows is up to date, verder weet ik het eigelijk niet meer wat ik nog kan doen. Iemand raad? Hieronder alvast mijn Hijacklog, als iemand mij verder kan helpen over wat er nu moet of kan... Alvast bedankt voor de moeite, ook als we er niet uit zouden komen. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:49:36, on 3/02/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Dell\DellDock\DellDock.exe C:\Windows\system32\conime.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\DellTPad\Apoint.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\IDT\WDM\sttray.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Windows\system32\Taskmgr.exe C:\Users\Yvan\Downloads\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Gepersonaliseerde startpagina R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: Smart Suggestor - {DB536AF2-E422-402d-B7FD-887297F1A198} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /Manual O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_30.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_30.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Smart Suggestor - {520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll O9 - Extra 'Tools' menuitem: Smart Suggestor options - {520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: Google Update Service (gupdate1c98d0eb2532413) (gupdate1c98d0eb2532413) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown owner - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE -- End of file - 10556 bytes