laptop loopt regelmatig vast.

[DieBir]

Ik heb de bestanden inderdaad via Safe Mode kunnen verwijderen.

Bedankt.

Nu Combifix nog installeren en laten draaien...

[DieBir]

Het heeft even geduurd, maar hieronder het Combofix-logje:

ComboFix 11-05-15.04 - Dieter 17/05/2011 17:58:21.2.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1033.18.2526.1235 [GMT 2:00]

Gestart vanuit: c:\users\Dieter\Desktop\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-04-17 to 2011-05-17 ))))))))))))))))))))))))))))))

.

.

2011-05-17 16:16 . 2011-05-17 16:16 -------- d-----w- c:\users\Dieter\AppData\Local\temp

2011-05-17 16:16 . 2011-05-17 16:16 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-05-17 07:20 . 2011-04-18 07:15 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ED0D76D2-2D48-435F-8F51-FCEAE08EA27E}\mpengine.dll

2011-05-16 07:01 . 2011-05-16 07:01 388096 ----a-r- c:\users\Dieter\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-05-16 06:22 . 2011-05-16 06:22 -------- d-----w- c:\users\Dieter\AppData\Roaming\Malwarebytes

2011-05-16 06:22 . 2011-05-16 06:22 -------- d-----w- c:\programdata\Malwarebytes

2011-05-16 06:22 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-16 06:22 . 2011-05-16 06:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-05-16 06:22 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-13 12:50 . 2011-05-13 12:50 -------- d-----w- c:\program files\Trend Micro

2011-05-13 07:41 . 2011-05-13 07:41 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-05-12 06:19 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2011-05-05 15:14 . 2011-05-05 15:14 -------- d-----w- c:\programdata\ATI

2011-04-29 11:55 . 2011-05-17 15:45 -------- d-----w- c:\programdata\AVAST Software

2011-04-29 11:55 . 2011-04-29 11:55 -------- d-----w- c:\program files\AVAST Software

2011-04-28 06:35 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2011-04-28 06:35 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2011-04-28 06:35 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll

2011-04-27 15:12 . 2011-04-27 15:12 -------- d-----w- c:\users\Dieter\AppData\Roaming\AVG10

2011-04-27 15:01 . 2011-04-29 11:44 -------- d-----w- c:\programdata\MFAData

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-03-10 17:03 . 2011-04-15 11:30 1162240 ----a-w- c:\windows\system32\mfc42u.dll

2011-03-10 17:03 . 2011-04-15 11:30 1136640 ----a-w- c:\windows\system32\mfc42.dll

2011-03-10 07:13 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2011-03-03 15:42 . 2011-04-15 11:30 739328 ----a-w- c:\windows\system32\inetcomm.dll

2011-03-03 15:40 . 2011-04-28 06:35 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll

2011-03-03 15:40 . 2011-04-28 06:35 542720 ----a-w- c:\windows\apppatch\AcLayers.dll

2011-03-03 15:40 . 2011-04-28 06:35 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2011-03-03 15:40 . 2011-04-28 06:35 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll

2011-03-03 13:25 . 2011-04-15 11:30 2041856 ----a-w- c:\windows\system32\win32k.sys

2011-03-02 15:44 . 2011-04-15 11:30 86528 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-02-22 14:13 . 2011-03-23 07:41 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-02-22 13:33 . 2011-03-23 07:41 1068544 ----a-w- c:\windows\system32\DWrite.dll

2011-02-22 13:33 . 2011-03-23 07:41 797696 ----a-w- c:\windows\system32\FntCache.dll

2011-02-22 13:24 . 2011-04-15 11:30 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-02-22 13:24 . 2011-04-15 11:30 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-02-22 13:23 . 2011-04-15 11:30 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-02-22 13:23 . 2011-04-15 11:30 69632 ----a-w- c:\windows\system32\drivers\bowser.sys

2011-02-18 14:03 . 2011-04-15 11:30 305152 ----a-w- c:\windows\system32\drivers\srv.sys

2011-02-18 14:03 . 2011-04-15 11:30 146432 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-02-18 14:03 . 2011-04-15 11:30 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NSUFloatingUI"="c:\program files\Sony\Network Utility\LANUtil.exe" [2008-07-30 262144]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-23 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2011-01-21 624056]

"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280]

"AML"="c:\program files\Sony\VAIO Launcher\AML.exe" [2008-06-13 1097728]

"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-14 61440]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2008-07-16 01:04 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring"=dword:00000001

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]

R3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\DRIVERS\a38usb.sys [2009-01-23 36736]

R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 135664]

R3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2008-05-21 103712]

R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2008-05-21 353568]

R3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2008-05-21 62752]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2008-06-12 337184]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2009-09-08 83312]

R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 722288]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-01 136192]

S2 NSUService;NSUService;c:\program files\Sony\Network Utility\NSUService.exe [2008-07-30 299008]

S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]

S2 RtkAudioService;Realtek Audio Service;c:\windows\RtkAudioService.exe [2008-07-18 104992]

S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-12-07 2013992]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-07-23 29736]

S3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2009-05-28 4233728]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2008-03-10 9344]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

WindowsMobile REG_MULTI_SZ wcescomm rapimgr

LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

hpdevmgmt REG_MULTI_SZ hpqcxs08

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

Inhoud van de 'Gedeelde Taken' map

.

2011-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 07:34]

.

2011-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 07:34]

.

2011-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3434557470-2526977329-2163495793-1000Core.job

- c:\users\Dieter\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-02 12:34]

.

2011-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3434557470-2526977329-2163495793-1000UA.job

- c:\users\Dieter\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-02 12:34]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

FF - ProfilePath - c:\users\Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\wzjilqbb.default\

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - user.js: browser.cache.memory.capacity - 65536

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.interrupt.parsing - true

FF - user.js: content.max.tokenizing.time - 2250000

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 750000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 750000

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 0

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-05-17 18:16

Windows 6.0.6002 Service Pack 2 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-3434557470-2526977329-2163495793-1000\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\ActiveSync]

"Name"="ActiveSync"

"DisplayName"="Microsoft ActiveSync"

"Param1"="ActiveSync"

"Type"="wellknown"

"Order"=dword:00000001

"State"=dword:00000020

.

[HKEY_USERS\S-1-5-21-3434557470-2526977329-2163495793-1000\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\IESettings]

"Name"="IESettings"

"Type"="IESettings"

"Order"=dword:00000003

"State"=dword:0000000b

.

[HKEY_USERS\S-1-5-21-3434557470-2526977329-2163495793-1000\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\MediaFiles]

"Name"="MediaFiles"

"Type"="MediaFiles"

"Order"=dword:00000002

"State"=dword:0000000b

.

[HKEY_USERS\S-1-5-21-3434557470-2526977329-2163495793-1000\Software\Microsoft\Windows Mobile Disc\W*i*n*d*o*w*s* *M*o*b*i*l*e*"!\CriticalAppInstall\Outlook]

"Name"="Outlook"

"DisplayName"="Microsoft Outlook"

"Param1"="Outlook"

"Type"="wellknown"

"Order"=dword:00000000

"State"=dword:0000000b

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b4

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Voltooingstijd: 2011-05-17 18:19:39

ComboFix-quarantined-files.txt 2011-05-17 16:19

.

Pre-Run: 362.933.075.968 bytes free

Post-Run: 363.761.610.752 bytes free

.

- - End Of File - - 03CA8D417972F222B3AB5C22FE884628

[kape]

Mooi zo ... hoe staat het nu met het vastlopen ?

[DieBir]

Gisteren is hij nog eens vastgelopen...

Ik probeer het in het oog te houden wanneer het juist gebeurt.

[Gast correos]

Hallo DieBir,

Heb je al eens geprobeerd,zoals 'k helemaal in het begin opperde,om op netstroom te werken zonder accu.Het is maar een idee daarmede wil 'k het evangelie niet verkondigen hoor!

Vriendelijke groet.

Correos.

[DieBir]

Mijn laptop blijft toch zo ongeveer 1 keer per dag vastlopen. Meestal als ik even niet gewerkt heb. Bijvoorbeeld na de middagpauze.

Iemand een idee?

Batterij er uit halen zal ik ook eens proberen.

[clarkie]

Je hebt misschien bij energiebeheer instellingen staan waardoor je PC in slaapstand gaat?

[DieBir]

Ondertussen blijft de laptop ongeveer elke dag eens crashen en zoals gezegd meestal als ik even niets gedaan heb.

Ik heb hem ingesteld dat hij niet in slaapstand of zo gaat. Ook sluit ik tijdens de middag alle programma's af en toch crasht hij nog.

Aangezien ik hem dan enkel kan uitzetten en terug opstarten vraagt hij nu om een disk check te doen. Deze geeft op het einde echter volgende melding: insufficient disk space to correct errors in index $SII of file 9. Waarna ik hem dus manueel opnieuw moet opstarten en dan maar de disk check cancel.

Iemand een idee wat dit betekent?

Mijn harde schijf is in iedere geval alles behalve vol.

[kweezie wabbit]

Download en installeer Speccy.

Start het programma en er zal nu een overzicht gemaakt worden van je hardware.

Als dit gereed is selecteer je bovenaan " File - Publish Snapshot " en vervolgens bevestig je die keuze met " Yes ".

In het venster dat nu opent krijg je een link te zien, kopieer nu die link en plak die in je volgende bericht.

Dit (KLIK) filmpje laat zien hoe je een Speccy-logje moet plakken in je antwoord.

[DieBir]

Voila:

http://speccy.piriform.com/results/HbCcs3F7SZ6dcW7LtEK5zfB