[OPGELOST] toepassingsfout bij installatie (0xc0150004) APPCRASH ntdll.dll

[goelever]

Ik heb zonet nieuwe laptop gekocht (dell XPS) en probeer mijn legaal softwarepakket van dreamweaver CS3 te installeren. Alles verloopt normaal tot wanneer ik de toepassing wil starten... ik krijg gewoon de melding "Kan de toepassing niet juist initialiseren (0xc0150004).Klik op OK om de toepassing te beëindigen."

In de details van het probleem vind ik dan het volgende terug :

Gebeurtenisnaam van probleem: APPCRASH

Naam van de toepassing: Dreamweaver.exe

Versie van toepassing: 9.0.0.3496

Tijdstempel van toepassing: 4615f4e6

Naam van foutmodule: ntdll.dll

Versie van foutmodule: 6.0.6001.18000

Tijdstempel van foutmodule: 4791a7a6

Uitzonderingscode: c0150004

Uitzonderingsmarge: 00009cac

Versie van besturingssysteem: 6.0.6001.2.1.0.768.3

Landinstelling-id: 2067

Aanvullende informatie 1: 9d13

Aanvullende informatie 2: 1abee00edb3fc1158f9ad6f44f0f6be8

Aanvullende informatie 3: 9d13

Aanvullende informatie 4: 1abee00edb3fc1158f9ad6f44f0f6be8

Ditzelfde probleem ondervond ik wanneer ik pinnacle studio11 wilde installeren. De installatie verloopt normaal tot wanneer ik ze de eerste keer wil opstarten.

In de details van het probleem vind ik dan het volgende terug :

Gebeurtenisnaam van probleem: APPCRASH

Naam van de toepassing: Studio.exe

Versie van toepassing: 11.0.0.5082

Tijdstempel van toepassing: 4616b026

Naam van foutmodule: ntdll.dll

Versie van foutmodule: 6.0.6001.18000

Tijdstempel van foutmodule: 4791a7a6

Uitzonderingscode: c0150004

Uitzonderingsmarge: 00009cac

Versie van besturingssysteem: 6.0.6001.2.1.0.768.3

Landinstelling-id: 2067

Aanvullende informatie 1: 9d13

Aanvullende informatie 2: 1abee00edb3fc1158f9ad6f44f0f6be8

Aanvullende informatie 3: 9d13

Aanvullende informatie 4: 1abee00edb3fc1158f9ad6f44f0f6be8

Beide softwarepakketten draaiden wel op een medionlaptop met eveneens vista. Kan iemand mij helpen ? Heb al veel gegoogeld maar niks bruikbaars teruggevonden.

[stegisoft]

ntdll.dll is noodzakelijk voor Windows.

Mogelijk is die besmet.

Download

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis

Dubbelklik op HJTInstall.exe

Klik op "Do a systemscan and save a logfile".

Zet hier dat logje aan je volgende bericht.

Bij Vista moet je eerst met rechterknopmuis klikken op Hijackthis en run as administrator.

[goelever]

Dank je wel voor de vlugge reactie !! Het zou me sterk verwonderen dat mijn nieuw pceetje al besmet is...Ik heb gedaan wat je vroeg en zie niks speciaals...maar jij misschien wel.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:15:22, on 31/05/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Sensible Vision\Fast Access\FATrayMon.exe

C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\DAEMON Tools\daemon.exe

C:\Program Files\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Dell Video Chat\DellVideoChat.exe

C:\Program Files\Sensible Vision\Fast Access\FATrayAlert.exe

C:\Program Files\Dell\DellDock\DellDock.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\system32\conime.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Pinnacle\Studio 11\programs\umi.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell / MSN

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer aangeboden door Dell

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: FAIESSO Helper Object - {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - C:\Program Files\Sensible Vision\Fast Access\FAIESSO.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [FATrayAlert] C:\Program Files\Sensible Vision\Fast Access\FATrayMon.exe

O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe" /m

O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKCU\..\Run: [VistaBatterySaver] C:\Program Files\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [sightSpeed] "C:\Program Files\Dell Video Chat\DellVideoChat.exe" -bootmode

O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')

O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O13 - Gopher Prefix:

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O20 - Winlogon Notify: FastAccess - C:\Program Files\Sensible Vision\Fast Access\FALogNot.dll

O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll

O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - c:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_d3d17bc1\aestsrv.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe

O23 - Service: FAService - Sensible Vision - C:\Program Files\Sensible Vision\Fast Access\FAService.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys

O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_d3d17bc1\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

--

End of file - 11097 bytes

[stegisoft]

Ik denk dat er 3 verdachte bestanden zijn.

Er moeten ook een paar regels weg.

Mijn collega zal u zo spoedig mogelijk helpen.

[kape]

Dit logje ziet er prima uit. Enkel over Sensible Vision bestaat wel wat twijfel, omdat dit wel eens als "riskware" wordt bestempeld. Maar als dit standaard meegeleverd werd met je Dell (en meestal is dat het geval), zou dat ook geen probleem mogen zijn. Heb je het zelf later geïnstalleerd, dan zou je het eens verder kritisch moeten bekijken.

[goelever]

Dit programma is inderdaad een service van Dell dat voorgeïnstalleerd was.

En hebben jullie nog enig idee wat er dan echt fout gaat. Dit is toch niet normaal dat ik een bepaalde software niet kan installeren ? Dit heb ik nog nooit meegemaakt. De programma's starten gewoon niet op...

[kape]

Nog even iets proberen :

Download Combofix naar je Bureaublad.

Lees hier meer over correct gebruik van Combofix.

OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.

Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!

• 
  Dubbelklik op Combofix.exe om het te starten.
  Indien je Combofix al eerder hebt gebruikt, kan je een waarschuwing krijgen dat een update beschikbaar is. Sta toe dat ComboFix wordt geupdate.
  Volg de instructies, aanvaard de disclaimer door op Ja te klikken.
  Indien de Recovery Console niet geïnstalleerd is, wordt je gevraagd om dit alsnog te doen door op JA te klikken in het "Query - Recovery Console" venster (enkel voor XP, niet voor VISTA).
  Klik op OK en Ja om automatisch de Recovery Console te laten installeren.
  Klik na afloop terug op Ja om het scannen op malware te starten.
  Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
  

Wanneer de fix voltooid is en na herstart, zal de log Combofix.txt openen.

Post dit logje in je volgende antwoord.

[goelever]

Hier is ie : ik zie niks verdachts maar dit gaat dan ook boven mijn petje...

Ik hoop dat jij iets vindt...

ComboFix 09-05-31.06 - ward 01/06/2009 19:12.1 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.32.1043.18.3066.1943 [GMT 2:00]

Gestart vanuit: c:\users\ward\Downloads\ComboFix.exe

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-05-01 to 2009-06-01 ))))))))))))))))))))))))))))))

.

2009-06-01 17:16 . 2009-06-01 17:16 -------- d-----w- c:\users\ward\AppData\Local\temp

2009-06-01 16:52 . 2009-06-01 16:52 -------- d-----w- c:\programdata\D2dWizardTemp

2009-06-01 16:50 . 2009-06-01 16:51 -------- d-----w- c:\users\ward\TESTMAP

2009-06-01 16:49 . 2009-06-01 16:49 -------- d-----w- c:\users\ward\Nieuwe map

2009-06-01 16:49 . 2009-06-01 16:49 -------- d-----w- c:\users\ward\AppData\Local\Pinnacle

2009-06-01 16:22 . 2009-06-01 16:22 -------- d-----w- c:\program files\MSXML 4.0

2009-05-31 20:15 . 2009-05-31 20:15 -------- d-----w- c:\program files\Trend Micro

2009-05-31 19:07 . 2009-05-31 19:07 -------- d-----w- c:\users\ward\AppData\Local\Google

2009-05-31 19:07 . 2009-05-31 19:07 -------- d-----w- c:\program files\Google

2009-05-31 19:02 . 2008-10-22 03:57 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll

2009-05-31 19:02 . 2008-09-18 04:56 125952 ----a-w- c:\windows\system32\wersvc.dll

2009-05-31 19:02 . 2008-09-18 04:56 147456 ----a-w- c:\windows\system32\Faultrep.dll

2009-05-31 18:25 . 2009-05-31 18:25 -------- d-----w- c:\users\ward\AppData\Local\Dell

2009-05-31 17:48 . 2005-07-12 12:25 401408 ----a-w- c:\windows\system32\pvmjpg30.dll

2009-05-31 17:48 . 2003-04-21 14:11 82432 ----a-w- c:\windows\system32\msxml4r.dll

2009-05-31 17:48 . 2003-04-21 14:11 44544 ----a-w- c:\windows\system32\msxml4a.dll

2009-05-31 17:48 . 2007-03-06 16:53 41984 ----a-w- c:\windows\system32\cacheX.dll

2009-05-31 17:48 . 2006-04-11 13:03 233472 ------w- c:\windows\system32\DiskIO.dll

2009-05-31 17:48 . 2006-04-11 13:03 184320 ------w- c:\windows\system32\RALMain.dll

2009-05-31 17:48 . 2005-12-12 13:57 32768 ------w- c:\windows\system32\MLPagAx.dll

2009-05-31 17:48 . 2004-01-02 10:28 126976 ------w- c:\windows\system32\AVIPrAx.dll

2009-05-31 17:48 . 2001-12-11 20:21 73728 ------w- c:\windows\system32\MMAviAx.dll

2009-05-31 17:45 . 2004-07-02 15:28 84992 ----a-w- c:\windows\system32\ATL70.DLL

2009-05-31 17:45 . 2007-01-26 00:04 57856 ----a-w- c:\windows\system32\masd32.dll

2009-05-31 17:45 . 2007-01-26 00:04 27648 ----a-w- c:\windows\system32\ma32.dll

2009-05-31 17:45 . 2007-01-26 00:04 196096 ----a-w- c:\windows\system32\macd32.dll

2009-05-31 17:45 . 2007-01-26 00:04 138752 ----a-w- c:\windows\system32\mase32.dll

2009-05-31 17:45 . 2007-01-26 00:04 136192 ----a-w- c:\windows\system32\mamc32.dll

2009-05-31 17:42 . 2005-02-09 10:59 14165 ----a-w- c:\windows\system32\drivers\Pclepci.sys

2009-05-31 17:40 . 2007-01-04 08:07 171520 ----a-w- c:\windows\system32\drivers\MarvinBus.sys

2009-05-31 17:40 . 2004-02-24 11:04 41219 ----a-w- c:\windows\RSETPATH.exe

2009-05-31 17:38 . 2009-06-01 16:52 -------- d-----w- c:\program files\Pinnacle

2009-05-31 17:38 . 2009-05-31 17:38 -------- d-----w- c:\programdata\Pinnacle Studio

2009-05-31 17:34 . 2009-05-31 17:34 -------- d-----w- c:\programdata\Pinnacle

2009-05-31 17:33 . 2009-05-31 17:33 -------- d-----w- c:\users\ward\AppData\Roaming\InstallShield

2009-05-31 17:20 . 2009-05-31 17:20 -------- d-----w- c:\program files\Bonjour

2009-05-31 17:08 . 2009-05-31 17:08 -------- d-----w- c:\users\ward\AppData\Roaming\Windows Live Writer

2009-05-31 17:08 . 2009-05-31 17:08 -------- d-----w- c:\users\ward\AppData\Local\Windows Live Writer

2009-05-31 16:59 . 2009-05-31 16:59 -------- d-----w- c:\users\ward\AppData\Roaming\CyberLink

2009-05-31 14:29 . 2009-05-31 14:29 -------- d-----w- c:\users\ward\AppData\Local\Stardock_Corporation

2009-05-21 11:04 . 2002-08-29 17:00 1703936 ----a-w- c:\windows\system32\gdiplus.dll

2009-05-21 11:04 . 2000-05-01 21:02 110592 ----a-w- c:\windows\system32\ccrpbds6.dll

2009-05-21 11:04 . 2009-05-21 11:04 -------- d-----w- c:\program files\PIXresizer

2009-05-21 10:55 . 2009-05-21 10:55 -------- d-----w- c:\program files\2BrightSparks

2009-05-21 10:53 . 2009-05-21 10:53 -------- d-----w- c:\users\ward\AppData\Roaming\vlc

2009-05-21 10:51 . 2009-05-21 10:51 -------- d-----w- c:\program files\VideoLAN

2009-05-21 10:46 . 2009-05-21 10:46 -------- d-----w- c:\users\ward\AppData\Local\Tamir_Khason

2009-05-21 10:45 . 2009-05-21 10:45 -------- d-----w- c:\program files\SharpSoft

2009-05-20 23:56 . 2009-05-21 00:26 -------- d-----w- c:\program files\Microsoft Works

2009-05-20 23:56 . 2009-05-20 23:56 -------- d-----w- c:\program files\Microsoft.NET

2009-05-20 23:54 . 2009-05-20 23:54 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2009-05-20 23:51 . 2009-05-20 23:51 -------- d--h--r- C:\MSOCache

2009-05-20 23:14 . 2009-05-20 23:14 -------- d-----w- c:\program files\DAEMON Tools

2009-05-20 23:11 . 2009-05-20 23:11 682232 ----a-w- c:\windows\system32\drivers\sptd.sys

2009-05-20 23:10 . 2009-05-20 23:10 -------- d-----w- c:\programdata\Roxio

2009-05-20 23:10 . 2009-05-20 23:10 -------- d-----w- c:\users\ward\AppData\Roaming\Roxio

2009-05-20 22:19 . 2009-05-20 22:19 6944 ----a-w- c:\users\ward\AppData\Local\d3d9caps.dat

2009-05-20 22:04 . 2009-05-20 22:04 -------- d-----w- c:\programdata\Office Genuine Advantage

2009-05-20 22:00 . 2009-05-20 22:00 -------- d-----w- c:\users\ward\AppData\Local\Microsoft Help

2009-05-20 21:25 . 2009-05-20 21:25 -------- d-----w- c:\users\ward\AppData\Roaming\Reallusion

2009-05-20 21:24 . 2009-05-20 21:25 -------- d-----w- c:\programdata\Creative

2009-05-20 21:24 . 2009-05-20 21:24 -------- d-----w- c:\users\ward\AppData\Roaming\Creative

2009-05-20 21:19 . 2009-05-20 21:19 780104 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2009-05-20 21:16 . 2009-05-31 15:06 -------- d-----w- c:\users\ward\AppData\Local\Adobe

2009-05-20 21:16 . 2009-05-23 16:41 -------- d-----w- c:\programdata\FLEXnet

2009-05-20 21:13 . 2009-05-20 21:13 -------- d-----w- c:\users\ward\AppData\Local\MigWiz

2009-05-20 20:26 . 2009-05-20 20:26 604416 ----a-w- c:\windows\system32\TUProgSt.exe

2009-05-20 20:26 . 2009-04-27 12:21 17152 ----a-w- c:\windows\system32\authuitu.dll

2009-05-20 20:26 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll

2009-05-20 20:26 . 2009-05-20 20:26 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe

2009-05-20 20:25 . 2009-05-20 20:25 -------- d-----w- c:\users\ward\AppData\Roaming\TuneUp Software

2009-05-20 20:25 . 2009-05-31 16:23 -------- d-----w- c:\program files\TuneUp Utilities 2009

2009-05-20 20:25 . 2009-05-20 20:25 -------- d-----w- c:\programdata\TuneUp Software

2009-05-20 20:25 . 2009-05-20 20:25 -------- d-sh--w- c:\programdata\{55A29068-F2CE-456C-9148-C869879E2357}

2009-05-20 18:34 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2009-05-20 18:34 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll

2009-05-20 18:34 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2009-05-20 18:34 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll

2009-05-20 18:34 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe

2009-05-20 18:34 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll

2009-05-20 18:34 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe

2009-05-20 18:30 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll

2009-05-20 18:30 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll

2009-05-20 18:30 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll

2009-05-20 18:30 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll

2009-05-20 18:30 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll

2009-05-20 18:28 . 2008-06-06 03:27 38912 ----a-w- c:\windows\system32\xolehlp.dll

2009-05-20 18:28 . 2008-06-06 03:27 562176 ----a-w- c:\windows\system32\msdtcprx.dll

2009-05-20 18:23 . 2009-02-09 03:10 2033152 ----a-w- c:\windows\system32\win32k.sys

2009-05-20 18:17 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll

2009-05-20 18:17 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe

2009-05-20 18:17 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll

2009-05-20 18:17 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll

2009-05-20 18:16 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll

2009-05-20 18:16 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll

2009-05-20 18:16 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll

2009-05-20 18:16 . 2008-10-16 12:08 162064 ----a-w- c:\windows\system32\wuwebv.dll

2009-05-20 18:16 . 2008-10-16 11:56 31232 ----a-w- c:\windows\system32\wuapp.exe

2009-05-19 20:10 . 2009-06-01 16:16 -------- d-----w- c:\users\ward\Tracing

2009-05-19 20:02 . 2009-05-19 20:02 -------- d-----w- c:\users\ward\AppData\Local\SupportSoft

2009-05-19 19:44 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2009-05-19 19:44 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2009-05-19 19:44 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

2009-05-19 19:44 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2009-05-19 19:44 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr

2009-05-19 19:44 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe

2009-05-19 19:44 . 2009-02-05 20:06 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2009-05-19 19:44 . 2009-05-19 19:44 -------- d-----w- c:\program files\Alwil Software

2009-05-19 19:24 . 2009-05-19 19:24 -------- d-----w- c:\users\ward\AppData\Roaming\ATI

2009-05-19 19:24 . 2009-05-19 19:24 -------- d-----w- c:\users\ward\AppData\Local\ATI

2009-05-19 19:24 . 2009-05-19 19:24 -------- d-----w- c:\programdata\ATI

2009-05-19 19:24 . 2009-05-19 19:24 -------- d-----w- c:\users\ward\AppData\Local\DataSafeOnline

2009-05-19 19:23 . 2009-05-31 17:07 -------- d-----w- c:\users\ward\AppData\Local\PowerDVD DX

2009-05-19 19:22 . 2009-05-31 17:58 -------- d-----w- c:\users\ward\AppData\Local\VirtualStore

2009-05-19 19:20 . 2009-05-19 19:20 -------- d-----w- c:\users\ward\AppData\Roaming\Dell

2009-05-19 19:20 . 2009-05-31 17:55 113920 ----a-w- c:\users\ward\AppData\Local\GDIPFONTCACHEV1.DAT

2009-05-19 19:15 . 2009-05-19 19:15 -------- d-sh--we c:\users\Default\Sjablonen

2009-05-15 21:30 . 2009-02-25 07:37 44288 ----a-w- c:\windows\system32\drivers\hcw17bda.sys

2009-05-15 21:28 . 2009-05-15 21:28 26112 ----a-w- c:\windows\system32\hidserv.dll

2009-05-15 21:28 . 2009-05-15 21:28 22016 ----a-w- c:\windows\system32\hid.dll

2009-05-15 21:27 . 2009-05-15 21:27 1191936 ----a-w- c:\windows\system32\msxml3.dll

2009-05-15 21:27 . 2009-05-15 21:27 74752 ----a-w- c:\windows\system32\newdev.exe

2009-05-15 21:27 . 2009-05-15 21:27 468992 ----a-w- c:\windows\system32\newdev.dll

2009-05-15 21:27 . 2009-05-15 21:27 180224 ----a-w- c:\windows\system32\scrobj.dll

2009-05-15 21:27 . 2009-05-15 21:27 172032 ----a-w- c:\windows\system32\scrrun.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-06-01 16:20 . 2008-01-21 06:47 670308 ----a-w- c:\windows\system32\perfh013.dat

2009-06-01 16:20 . 2008-01-21 06:47 127900 ----a-w- c:\windows\system32\perfc013.dat

2009-05-20 23:56 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild

2009-05-20 21:34 . 2009-05-20 21:34 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

2009-05-19 19:15 . 2009-05-19 19:15 -------- d-sh--we c:\programdata\Sjablonen

2009-05-19 19:15 . 2009-05-19 19:15 -------- d-sh--we c:\programdata\Menu Start

2009-05-19 19:15 . 2009-05-19 19:15 -------- d-sh--we c:\programdata\Favorieten

2009-05-19 19:15 . 2009-05-19 19:15 -------- d-sh--we c:\programdata\Documenten

2009-05-19 19:15 . 2009-05-19 19:15 -------- d-sh--we c:\programdata\Bureaublad

2009-05-15 21:29 . 2009-05-15 21:29 -------- d-----w- c:\program files\Synaptics

2009-05-15 21:29 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat

2009-05-15 21:19 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2009-05-15 21:10 . 2008-01-21 03:13 6656 ------w- c:\windows\system32\drivers\errdev.sys

2009-05-15 21:09 . 2006-11-02 08:30 141880 ----a-w- c:\windows\system32\halacpi.dll

2009-05-15 21:09 . 2006-11-02 08:30 177208 ----a-w- c:\windows\system32\halmacpi.dll

2009-05-15 21:05 . 2009-05-15 21:05 5333 ----a-w- c:\windows\system32\drivers\1028_Dell_STU_1640.mrk

2009-05-15 13:36 . 2009-05-15 13:36 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf

2009-05-15 12:16 . 2009-05-15 12:16 -------- d-----w- c:\windows\Fonts\Fonts

2009-05-15 12:15 . 2009-05-15 12:15 129784 ------w- c:\windows\system32\pxafs.dll

2009-05-15 12:15 . 2009-05-15 12:15 118520 ------w- c:\windows\system32\pxinsi64.exe

2009-05-15 12:15 . 2009-05-15 12:15 116472 ------w- c:\windows\system32\pxcpyi64.exe

2009-05-15 12:15 . 2009-05-15 12:15 69120 ----a-w- c:\programdata\SupportSoft\DellSupportCenter\_default\data\f9cd5860-4b46-43fa-aa04-46ba9e956204\7e7d3c88-958b-4607-85a7-8c1cc5188887.1\NOTEPAD.EXE

2009-05-15 12:15 . 2009-05-15 12:15 -------- d-----w- c:\programdata\SupportSoft

2009-05-15 12:15 . 2009-05-15 12:15 -------- d-----w- c:\programdata\PCDr

2009-05-15 12:15 . 2009-05-15 12:15 -------- d-----w- c:\programdata\PC-Doctor

2009-05-15 12:15 . 2009-05-15 12:14 -------- d-----w- c:\program files\Dell Support Center

2009-03-17 03:38 . 2009-05-20 18:26 13824 ----a-w- c:\windows\system32\apilogen.dll

2009-03-17 03:38 . 2009-05-20 18:26 24064 ----a-w- c:\windows\system32\amxread.dll

2009-03-08 11:34 . 2009-05-20 18:40 914944 ----a-w- c:\windows\system32\wininet.dll

2009-03-08 11:34 . 2009-05-20 18:40 43008 ----a-w- c:\windows\system32\licmgr10.dll

2009-03-08 11:33 . 2009-05-20 18:40 18944 ----a-w- c:\windows\system32\corpol.dll

2009-03-08 11:33 . 2009-05-20 18:40 109056 ----a-w- c:\windows\system32\iesysprep.dll

2009-03-08 11:33 . 2009-05-20 18:40 109568 ----a-w- c:\windows\system32\PDMSetup.exe

2009-03-08 11:33 . 2009-05-20 18:40 132608 ----a-w- c:\windows\system32\ieUnatt.exe

2009-03-08 11:33 . 2009-05-20 18:40 107520 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2009-03-08 11:33 . 2009-05-20 18:40 107008 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2009-03-08 11:33 . 2009-05-20 18:40 103936 ----a-w- c:\windows\system32\SetDepNx.exe

2009-03-08 11:33 . 2009-05-20 18:40 420352 ----a-w- c:\windows\system32\vbscript.dll

2009-03-08 11:32 . 2009-05-20 18:40 72704 ----a-w- c:\windows\system32\admparse.dll

2009-03-08 11:32 . 2009-05-20 18:40 71680 ----a-w- c:\windows\system32\iesetup.dll

2009-03-08 11:32 . 2009-05-20 18:40 66560 ----a-w- c:\windows\system32\wextract.exe

2009-03-08 11:32 . 2009-05-20 18:40 169472 ----a-w- c:\windows\system32\iexpress.exe

2009-03-08 11:31 . 2009-05-20 18:40 34816 ----a-w- c:\windows\system32\imgutil.dll

2009-03-08 11:31 . 2009-05-20 18:40 48128 ----a-w- c:\windows\system32\mshtmler.dll

2009-03-08 11:31 . 2009-05-20 18:40 45568 ----a-w- c:\windows\system32\mshta.exe

2009-03-08 11:22 . 2009-05-20 18:40 156160 ----a-w- c:\windows\system32\msls31.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2007-04-03 165784]

"VistaBatterySaver"="c:\program files\SharpSoft\Vista Battery Saver\VistaBatterySaver.exe" [2007-08-24 479232]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

"SightSpeed"="c:\program files\Dell Video Chat\DellVideoChat.exe" [2008-12-18 4823928]

"LaunchList"="c:\program files\Pinnacle\Studio 11\LaunchList2.exe" [2007-03-21 145496]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-31 39408]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-11-21 1422632]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-01-19 483420]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

"FATrayAlert"="c:\program files\Sensible Vision\Fast Access\FATrayMon.exe" [2008-09-05 95488]

"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2008-11-03 1745648]

"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-01-09 405639]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]

"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-01-29 206064]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-04-02 128232]

"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-05-31 68592]

c:\users\ward\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-27 1316192]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]

2008-09-05 15:16 140544 ----a-w- c:\program files\Sensible Vision\Fast Access\FALogNot.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]

2009-05-15 12:10 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Notification Packages REG_MULTI_SZ scecli FAPassSync

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2484369902-369203502-187462692-1000]

"EnableNotificationsRef"=dword:0000000a

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{D2A36FE8-71F4-4DE4-AB8F-E5DA115E3286}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server

"{24C81282-774E-4065-9B1F-70D85107FC6C}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server

"{2B14692D-D936-45E9-A748-A69746566CE7}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

"TCP Query User{9C64C431-3139-477B-8B29-2A08F9DFDFA5}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

"UDP Query User{23D8E828-1254-43C4-B18C-078FE99D8F2A}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer

"{516F8CA8-72E6-4FCB-B4FD-3A1B725CF68B}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook

"{FD549E43-125F-4B84-A5E8-117FAB66103C}"= c:\program files\CyberLink\PowerDVD DX\PowerDVD.exe:CyberLink PowerDVD DX

"{CCFC35C1-E6FB-45C6-811E-FBBC20661ACC}"= c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:CyberLink PowerDVD DX Resident Program

"{350C50B1-CBDB-4B5A-B3D2-B2AEF7AF0445}"= UDP:c:\program files\Pinnacle\Studio 11\programs\RM.exe:Render Manager

"{3BC0757B-50D4-41B9-BF2F-47C24AFDC119}"= TCP:c:\program files\Pinnacle\Studio 11\programs\RM.exe:Render Manager

"{5C05A3FD-4EC7-4519-8F7D-AD24A5462C08}"= UDP:c:\program files\Pinnacle\Studio 11\programs\Studio.exe:Studio

"{A6E3728B-446A-4A95-94A8-1A918293ACB9}"= TCP:c:\program files\Pinnacle\Studio 11\programs\Studio.exe:Studio

"{45EC0618-D6B6-4D21-8D7E-0ABD37C60D99}"= UDP:c:\program files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:PMSRegisterFile

"{8D688C9C-C1F1-46FD-8BE7-8B7CFD2566DC}"= TCP:c:\program files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:PMSRegisterFile

"{68F5AB2B-BA83-49E7-83D9-8C3D3FFE92D9}"= UDP:c:\program files\Pinnacle\Studio 11\programs\umi.exe:umi

"{64CC5A33-3147-44FC-80D9-11EAA84D01E7}"= TCP:c:\program files\Pinnacle\Studio 11\programs\umi.exe:umi

"{FFD81D3B-0399-4DBF-A493-EEB4D3CEDB15}"= UDP:c:\program files\Dell Video Chat\DellVideoChat.exe:Dell Video Chat

"{71D51728-71FE-4A8A-B749-0814966C9A52}"= TCP:c:\program files\Dell Video Chat\DellVideoChat.exe:Dell Video Chat

"{BDCB2550-9B8A-45E9-A1AF-712B44D0B830}"= UDP:c:\program files\Dell Video Chat\DellVideoChat.exe:Dell Video Chat

"{28BFC8C1-0E2A-41F5-BC93-3CE430EDFF17}"= TCP:c:\program files\Dell Video Chat\DellVideoChat.exe:Dell Video Chat

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [19/05/2009 21:44 114768]

R2 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7};Power Control [2009/05/31 19:07];c:\program files\CyberLink\PowerDVD DX\000.fcl [15/05/2009 14:14 87536]

R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [16/09/2008 12:03 169312]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_d3d17bc1\AEstSrv.exe [15/05/2009 23:29 81920]

R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [19/05/2009 21:44 20560]

R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [19/05/2009 21:44 51792]

R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [18/12/2008 13:05 155648]

R2 FAService;FAService;c:\program files\Sensible Vision\Fast Access\FAService.exe [5/09/2008 17:16 2340096]

R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [20/05/2009 22:26 604416]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\System32\drivers\CtClsFlt.sys [15/05/2009 14:31 144128]

R3 hcw17bda;Hauppauge SMS1000-based;c:\windows\System32\drivers\hcw17bda.sys [15/05/2009 23:30 44288]

R3 itecir;ITECIR Infrared Receiver;c:\windows\System32\drivers\itecir.sys [15/05/2009 23:29 54784]

R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\k57nd60x.sys [15/05/2009 23:29 203264]

R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [15/05/2009 23:29 3662848]

R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\System32\drivers\OA001Ufd.sys [15/05/2009 23:29 133472]

R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\System32\drivers\OA001Vid.sys [15/05/2009 23:29 279488]

S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [15/05/2009 13:53 29736]

S3 FACAP;facap, FastAccess Video Capture;c:\windows\System32\drivers\facap.sys [2/08/2008 16:36 230912]

--- Andere Services/Drivers In Geheugen ---

*Deregistered* - sptd

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Inhoud van de 'Gedeelde Taken' map

2009-06-01 c:\windows\Tasks\1-klik Onderhoud.job

- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:51]

2009-05-20 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2009-06-01 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

2009-06-01 c:\windows\Tasks\User_Feed_Synchronization-{3491E84E-87EE-4E1C-A34E-7CFAC252657D}.job

- c:\windows\system32\msfeedssync.exe [2009-05-20 11:31]

.

- - - - ORPHANS VERWIJDERD - - - -

HKLM-Run-FAStartup - (no file)

SafeBoot-procexp90.Sys

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uInternet Settings,ProxyOverride = *.local

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-06-01 19:16

Windows 6.0.6001 Service Pack 1 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7}]

"ImagePath"="\??\c:\program files\CyberLink\PowerDVD DX\000.fcl"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\system32\\OLE32.DLL"

"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,0c,bf,59,9b,72,

77,be,33,c8,28,51,af,b0,29,a3,98,67,39,b4,6e,47,33,15,75,e2,63,26,f1,3f,c8,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\system32\\OLE32.DLL"

"bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,1d,96,02,46,2b,

28,a9,5d,71,3b,04,66,8b,46,0d,96,0f,3b,b5,c7,24,1d,76,d3,6a,9c,d6,61,af,45,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\system32\\OLE32.DLL"

"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,ae,0e,a1,3d,d1,

14,ea,78,25,da,ec,7e,55,20,c9,26,28,47,60,33,8f,fa,63,06,ff,7c,85,e0,43,d4,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\system32\\OLE32.DLL"

"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,20,85,be,e9,ac,

82,38,4a,3e,1e,9e,e0,57,5a,93,61,7d,7c,d1,e0,ca,df,61,54,86,8c,21,01,be,91,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\system32\\OLE32.DLL"

"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,12,ac,bb,21,37,

2a,b4,39,cd,44,cd,b9,a6,33,6c,cd,af,84,ad,1a,e2,7c,27,78,f5,1d,4d,73,a8,13,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\system32\\OLE32.DLL"

"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:50,93,e5,ab,ec,6a,4e,ab,d4,1d,2d,48,3b,

6a,81,84,b0,18,ed,a7,3f,8d,37,a4,b7,44,a8,5b,34,68,10,03,df,20,58,62,78,6b,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\system32\\OLE32.DLL"

"4d370831d2c43cd13623e232fed27b7b"=hex:97,20,4e,9a,c7,f1,35,ee,3d,ee,4f,4e,4d,

df,56,b7,31,77,e1,ba,b1,f8,68,02,02,9f,07,55,9f,dc,23,42,fb,a7,78,e6,12,2f,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\system32\\OLE32.DLL"

"1d68fe701cdea33e477eb204b76f993d"=hex:83,6c,56,8b,a0,85,96,ab,35,b7,01,2e,e7,

0d,36,a2,83,6c,56,8b,a0,85,96,ab,14,1e,ca,37,bd,b6,77,19,01,3a,48,fc,e8,04,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\system32\\OLE32.DLL"

"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,f9,2d,e3,90,dd,

3e,9b,6d,51,fa,6e,91,28,9e,14,cc,62,8f,45,78,53,2a,e0,92,f6,0f,4e,58,98,5b,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\system32\\OLE32.DLL"

"f5f62a6129303efb32fbe080bb27835b"=hex:37,a4,aa,c3,a6,15,56,0a,fd,58,8d,fd,94,

42,dd,9d,b1,cd,45,5a,a8,c4,f8,b9,4b,c2,5c,b9,4a,d5,12,59,3d,ce,ea,26,2d,45,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\system32\\OLE32.DLL"

"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,60,49,a2,4b,71,

20,14,40,e3,0e,66,d5,eb,bc,2f,6b,3d,8d,e7,a9,a2,3e,5f,25,2a,b7,cc,b5,b9,7f,\

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\Windows\\system32\\OLE32.DLL"

"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,2a,33,21,7c,f4,

ae,c4,e6,fa,ea,66,7f,d4,3b,6b,70,4d,cb,dd,cc,57,f1,91,56,6c,43,2d,1e,aa,22,\

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'lsass.exe'(744)

c:\windows\system32\FAPassSync.dll

.

Voltooingstijd: 2009-06-01 19:17

ComboFix-quarantined-files.txt 2009-06-01 17:17

Pre-Run: 220.860.755.968 bytes beschikbaar

Post-Run: 220.953.812.992 bytes beschikbaar

375 --- E O F --- 2009-06-01 16:22

[kape]

Malware mag je nu wel zo goed als uitsluiten. Er moet dus een andere oorzaak zijn.

Verwijder eerst even Combofix via Start -> Uitvoeren -> typ combofix /u

En probeer dan eens of de herstelfunctie van Windows enige oplossing brengt : Start -> Uitvoeren -> typ sfc /scannow

[stegisoft]

Als sfc/scannow niet gelukt is dan dit eens proberen:

Kan u tijdelijk TuneUp Software uitschakelen.

Test nu eens dreamweaver.