
Slow startup and slow response


Have0


Dear Kape, sorry, but I still can't get ComboFix to scan. I first removed ComboFix. Then I restarted the PC, then downloaded ComboFix, but it doesn't get any further than a bar that turns blue, and after that nothing happens. There was one time when I had to restart the PC, but then it stopped too. Your advice to change the name has unfortunately not produced a result yet either. I assume this isn't caused by the AVG Free virus scanner, is it?


Dear Kape, I have removed ComboFix. Downloaded it again, changed the name to .exe on your advice. Once it is on the desktop, the question whether to run it, answered yes. The bar turns blue, then a beep. Then a message: Software warranty disclaimer, the following websites have no connection whatsoever with ComboFix: ComboFix | freeware and ComboFix Download ComboFix Free | ComboFix.exe (2.9MB), option yes or no. Clicked yes, but then nothing happens anymore. What now? It must have to do with blocking by the AVG Free anti-virus after all, but I don't know how to turn it off.

---------- Post added at 18:18 ---------- Previous post was at 18:10 ----------

No, the startup speed has stayed the same, 3 minutes and 15 seconds in total. What is especially strange, and a loss of time, is that after Welcome the screen stays blue for 90 seconds and nothing seems to change. The first 55 seconds up to Welcome, then 90 seconds of blue screen.


Hi Kape, yes, it worked. I had another scan run with Malwarebytes Anti-Malware, but this time a full scan. It then found and removed 3 worms. After that the ComboFix scan worked, up to the point where it said to turn off the AVG virus scanner. Below are the results of the ComboFix and Malwarebytes Anti-Malware logs. Despite the removal of the 3 worms I don't see any difference yet, but I am very curious about your advice, thanks in advance.

ComboFix 10-02-09.04 - Eigenaar 10-02-2010 15:09:16.11.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2039.1590 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Eigenaar\Bureaublad\Combofix.exe.exe

AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-01-10 to 2010-02-10 ))))))))))))))))))))))))))))))

.

2010-02-10 14:06 . 2010-02-10 14:07 -------- dc----w- C:\Combofix.exe

2010-02-10 11:21 . 2010-02-10 11:21 -------- dc-h--r- c:\documents and settings\Eigenaar\Onlangs geopend

2010-02-07 23:02 . 2010-02-07 23:03 -------- dc----w- C:\rsit

2010-02-07 21:15 . 2010-02-10 12:42 0 -c--a-w- c:\documents and settings\Eigenaar\Local Settings\Application Data\prvlcl.dat

2010-02-05 22:02 . 2010-02-05 22:02 -------- dc----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\AVG Security Toolbar

2010-02-05 19:15 . 2010-02-05 19:46 -------- dc----w- C:\$AVG

2010-02-05 19:14 . 2010-02-05 19:14 12464 ----a-w- c:\windows\system32\avgrsstx.dll

2010-02-05 19:14 . 2010-02-05 19:14 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2010-02-05 19:14 . 2010-02-05 19:14 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2010-02-05 19:14 . 2010-02-05 19:14 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys

2010-02-05 19:14 . 2010-02-10 09:58 -------- d-----w- c:\windows\system32\drivers\Avg

2010-02-05 19:14 . 2010-02-05 19:14 -------- dc----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar

2010-02-05 19:14 . 2010-02-05 19:14 -------- d-----w- c:\program files\AVG

2010-02-05 19:13 . 2010-02-05 19:14 -------- dc----w- c:\documents and settings\All Users\Application Data\avg9

2010-01-13 06:42 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-02-07 14:34 . 2007-07-30 16:17 -------- dc----w- c:\documents and settings\Eigenaar\Application Data\Vso

2010-02-05 22:25 . 2005-03-16 21:41 -------- dc----w- c:\documents and settings\Eigenaar\Application Data\Lavasoft

2010-02-05 22:22 . 2008-09-13 18:07 -------- dc--a-w- c:\documents and settings\All Users\Application Data\TEMP

2010-02-05 18:57 . 2005-10-25 20:53 -------- d-----w- c:\program files\Eset

2010-02-05 18:42 . 2005-03-16 21:08 -------- dc----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2010-02-03 18:56 . 2009-11-16 18:59 -------- dc----w- c:\documents and settings\Eigenaar\Application Data\uTorrent

2010-02-03 18:56 . 2007-09-09 19:20 -------- d-----w- c:\program files\LimeWire

2010-02-02 20:15 . 2007-09-09 19:23 -------- dc----w- c:\documents and settings\Eigenaar\Application Data\LimeWire

2010-02-01 20:53 . 2003-07-30 14:51 -------- d-----w- c:\program files\hp deskjet 3420 series

2010-02-01 19:25 . 2003-01-21 17:50 -------- d-----w- c:\program files\Hewlett-Packard

2010-01-31 10:20 . 2009-12-07 17:57 -------- d-----w- c:\program files\Ad Muncher

2010-01-30 22:49 . 2009-12-07 17:57 -------- dc----w- c:\documents and settings\All Users\Application Data\Ad Muncher

2010-01-30 22:42 . 2003-01-21 17:18 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-01-30 22:36 . 2009-11-06 17:30 -------- d-----w- c:\program files\IObit

2010-01-30 22:35 . 2009-12-24 17:23 -------- d-----w- c:\program files\RegistryFix8

2010-01-12 16:30 . 2009-10-14 20:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-01-12 16:29 . 2009-12-06 11:26 5115824 -c--a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

2010-01-10 19:37 . 2009-10-18 11:07 -------- dc----w- c:\documents and settings\All Users\Application Data\TuneUp Software

2010-01-08 20:26 . 2010-01-08 19:43 -------- d-----w- c:\program files\GemistDownloader

2010-01-07 15:07 . 2009-10-14 20:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-01-07 15:07 . 2009-10-14 20:42 19160 -c--a-w- c:\windows\system32\drivers\mbam.sys

2009-12-31 16:50 . 2003-03-25 17:16 353792 ----a-w- c:\windows\system32\drivers\srv.sys

2009-12-29 17:22 . 2006-11-07 18:39 -------- d-----w- c:\program files\Brother

2009-12-29 17:18 . 2003-01-21 17:18 -------- d-----w- c:\program files\Common Files\InstallShield

2009-12-28 17:12 . 2006-11-07 18:36 57 -c--a-w- c:\documents and settings\All Users\Application Data\Brother\BrLog\BrCollectDir\BR_cat.bat

2009-12-28 17:08 . 2006-11-07 18:40 50 -c--a-w- c:\windows\system32\bridf05a.dat

2009-12-24 20:00 . 2009-12-24 20:00 -------- dc----w- c:\documents and settings\LocalService\Application Data\TuneUp Software

2009-12-24 18:07 . 2006-02-28 19:29 -------- dc----w- c:\documents and settings\All Users\Application Data\DVD Shrink

2009-12-22 05:21 . 2004-08-23 18:35 670208 ----a-w- c:\windows\system32\wininet.dll

2009-12-22 05:20 . 2004-08-04 08:03 81920 ----a-w- c:\windows\system32\ieencode.dll

2009-12-21 17:26 . 2009-01-01 17:13 -------- d-----w- c:\program files\Uniblue

2009-12-21 17:25 . 2009-12-21 14:06 -------- d-----w- c:\program files\CodeStuff

2009-12-20 18:55 . 2009-12-20 18:55 -------- dcsh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

2009-12-17 07:42 . 2003-03-25 17:16 345600 ----a-w- c:\windows\system32\mspaint.exe

2009-12-14 07:10 . 2003-03-25 17:39 33280 ----a-w- c:\windows\system32\csrsrv.dll

2009-12-10 15:43 . 2003-01-22 00:22 91518 -c--a-w- c:\windows\system32\perfc013.dat

2009-12-10 15:43 . 2003-01-22 00:22 510428 -c--a-w- c:\windows\system32\perfh013.dat

2009-12-09 10:11 . 2002-09-10 03:18 2028544 ------w- c:\windows\system32\ntkrnlpa.exe

2009-12-09 10:11 . 2002-09-10 03:17 2149888 ------w- c:\windows\system32\ntoskrnl.exe

2009-12-04 18:22 . 2003-03-25 17:41 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2009-11-30 22:27 . 2003-01-21 16:34 79179 -c--a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat

2009-11-27 17:14 . 2003-05-13 09:32 1295872 ----a-w- c:\windows\system32\quartz.dll

2009-11-27 17:14 . 2001-09-07 11:27 17920 ----a-w- c:\windows\system32\msyuv.dll

2009-11-27 16:10 . 2003-03-25 17:38 85504 ----a-w- c:\windows\system32\avifil32.dll

2009-11-27 16:10 . 2003-03-25 17:16 28672 ----a-w- c:\windows\system32\msvidc32.dll

2009-11-27 16:10 . 2003-03-25 17:16 11264 ----a-w- c:\windows\system32\msrle32.dll

2009-11-27 16:10 . 2001-09-07 11:27 8704 ----a-w- c:\windows\system32\tsbyuv.dll

2009-11-27 16:10 . 2001-09-07 11:26 48128 ----a-w- c:\windows\system32\iyuv_32.dll

2009-11-21 16:03 . 2003-03-25 17:15 471552 ----a-w- c:\windows\AppPatch\aclayers.dll

2006-08-27 11:18 . 2006-08-27 11:18 477 -c--a-w- c:\program files\Snelkoppeling naar Samsung.lnk

2002-09-30 01:12 . 2002-09-30 01:12 31477231 -c--a-w- c:\program files\fo-pm8.exe

2002-09-30 01:10 . 2002-09-30 01:10 154 -c--a-w- c:\program files\file_id.diz

2002-09-30 01:09 . 2002-09-30 01:09 5390 -c--a-w- c:\program files\fosi.nfo

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]

2009-11-25 12:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2009-02-19 202064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2010-02-05 19:14 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

2008-09-01 10:17 87352 ----a-w- c:\windows\system32\LMIinit.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Bluetooth Manager.lnk

backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office Snelstarten.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office Snelstarten.lnk

backup=c:\windows\pss\Microsoft Office Snelstarten.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office Snelzoeken Indexer.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office Snelzoeken Indexer.lnk

backup=c:\windows\pss\Microsoft Office Snelzoeken Indexer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Microsoft Office.lnk

backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Statusvenster.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Statusvenster.lnk

backup=c:\windows\pss\Statusvenster.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar^Menu Start^Programma's^Opstarten^Registration-Studio 8 LE.lnk]

path=c:\documents and settings\Eigenaar\Menu Start\Programma's\Opstarten\Registration-Studio 8 LE.lnk

backup=c:\windows\pss\Registration-Studio 8 LE.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Eigenaar^Menu Start^Programma's^Opstarten^TA_Start.lnk]

path=c:\documents and settings\Eigenaar\Menu Start\Programma's\Opstarten\TA_Start.lnk

backup=c:\windows\pss\TA_Start.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\combofix]

c:\kittyfix5210k\CF20613.cfxxe [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KYE_Showicon]

c:\program files\USB Storage RW\shwicon.exe -tKYE\USB Storage RW [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]

2009-11-20 12:51 2335880 -c--a-w- c:\program files\IObit\Advanced SystemCare 3\AWC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ContentTransferWMDetector.exe]

2008-07-11 15:51 423200 -c--a-w- c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-14 17:02 15360 ------w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]

1998-05-07 22:04 52736 -c--a-w- c:\windows\system\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]

2002-10-16 12:18 155648 -c--a-w- c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]

2005-03-18 11:53 40960 -c--a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraService(E)]

2004-11-01 17:22 262144 -c--a-w- c:\windows\system32\ElkCtrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]

2005-01-18 16:07 196608 -c--a-w- c:\program files\Logitech\Video\ManifestEngine.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]]

2005-09-07 05:39 73728 -c--a-w- c:\program files\Logitech\Video\InstallHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]

2008-07-24 16:46 63048 -c--a-w- c:\program files\LogMeIn\x86\LogMeInSystray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]

2005-09-01 12:04 221184 -c--a-w- c:\windows\system32\LVCOMSX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

2010-01-07 15:07 1394000 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 17:03 1695232 -c----w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]

2004-09-24 16:22 1916928 -c----w- c:\program files\Ahead\Nero BackItUp\NBJ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2001-07-09 10:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

2002-09-10 04:35 372736 -c--a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omnipage]

2002-06-03 09:38 49152 -c--a-w- c:\program files\ScanSoft\OmniPageSE\opware32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]

2005-03-18 11:40 57393 -c--a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-01-05 14:18 413696 -c--a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StorageGuard]

2002-06-18 13:01 155648 -c--a-w- c:\program files\VERITAS Software\Update Manager\sgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2009-07-31 13:23 149280 -c--a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2007-07-11 16:07 68856 -c--a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2005-10-27 19:26 180269 -c--a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WCOLOREAL]

2002-11-26 23:14 131072 -c--a-w- c:\program files\Coloreal\COLOREAL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"MSConfig"=c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Vuze\\Azureus.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5-2-2010 20:14 333192]

R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5-2-2010 20:14 360584]

R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [5-2-2010 20:14 285392]

R2 CaretakerAntispam;Caretaker Antispam Service;c:\program files\SurfRight\Caretaker\AntispamService.exe [17-6-2008 14:30 172280]

R2 CaretakerSvc;Caretaker Service;c:\program files\SurfRight\Caretaker\CaretakerService.exe [17-6-2008 14:27 1218296]

R2 CaretakerUpdate;Caretaker Updater;c:\program files\SurfRight\Caretaker\CaretakerUpdater.exe [17-6-2008 14:27 187640]

R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [24-7-2008 17:46 12856]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [13-9-2008 18:04 47640]

S2 CaretakerProxy;Caretaker Proxy;c:\program files\SurfRight\Caretaker\CaretakerProxy.exe [17-6-2008 14:30 1151736]

S4 LMIRfsClientNP;LMIRfsClientNP; [x]

S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16-12-2006 17:54 639224]

.

Inhoud van de 'Gedeelde Taken' map

2010-01-08 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-02-07 c:\windows\Tasks\FRU Task 2002-06-04 23:12ewlett-Packardeskjet768CF46A416DAEA075A48BB6EA78B0FA439DC8556BB62429D48976F92C495F5A420.job

- c:\program files\Hewlett-Packard\upapp\hpqfruv.exe [2002-06-04 14:12]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.startpagina.nl/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Connection Wizard,ShellNext = hxxp://home.service.freesurf.nl/

uInternet Settings,ProxyOverride = <local>;*.local

uInternet Settings,ProxyServer = proxy:8080

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

DPF: {426784E5-24B2-4708-820D-117342FAD009} - hxxp://www.hyves.nl/cab/outlookaddressbook.cab

DPF: {D6BBBC13-56A9-4E62-92AC-4DBEF6CCB38B} - hxxp://playz.project.streamtech.nl/clientdownloads/SFAutoInstall.CAB

DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab

FF - ProfilePath - c:\documents and settings\Eigenaar\Application Data\Mozilla\Firefox\Profiles\12zgfw3k.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/

FF - prefs.js: keyword.URL - hxxp://search.bearshare.com/webResults.html?src=ffb&q=

FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll

FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

FF - user.js: browser.cache.memory.capacity - 65536

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.urlbar.autofill - true

FF - user.js: content.interrupt.parsing - true

FF - user.js: content.max.tokenizing.time - 2250000

FF - user.js: content.notify.backoffcount - 5

FF - user.js: content.notify.interval - 750000

FF - user.js: content.notify.ontimer - true

FF - user.js: content.switch.threshold - 750000

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: network.http.pipelining - true

FF - user.js: network.http.pipelining.firstrequest - true

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.proxy.pipelining - true

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: nglayout.initialpaint.delay - 0

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

.

- - - - ORPHANS VERWIJDERD - - - -

Notify-WRNotifier - (no file)

MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-02-10 15:16

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(752)

c:\windows\system32\LMIinit.dll

c:\windows\system32\LMIRfsClientNP.dll

- - - - - - - > 'explorer.exe'(3992)

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\windows\system32\LMIRfsClientNP.dll

.

Voltooingstijd: 2010-02-10 15:22:38

ComboFix-quarantined-files.txt 2010-02-10 14:22

Pre-Run: 17.587.347.456 bytes beschikbaar

Post-Run: 17.559.572.480 bytes beschikbaar

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=,1,2,3,4

- - End Of File - - 2612C6DE055EAC562351F755F4AE81C2

Malwarebytes' Anti-Malware 1.44

Database versie: 3718

Windows 5.1.2600 Service Pack 3

Internet Explorer 6.0.2900.5512

10-2-2010 15:30:02

mbam-log-2010-02-10 (15-30-02).txt

Scan type: Snelle Scan

Objecten gescand: 116190

Verstreken tijd: 6 minute(s), 10 second(s)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 0

Registerwaarden geïnfecteerd: 0

Registerdata bestanden geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registerwaarden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:

(Geen kwaadaardige items gevonden)


I didn't buy it as an original but downloaded it from some site or other. As far as I'm concerned it can be removed.
Not that it will (certainly) solve the problems, but many of those downloads are unreliable. That is why it seems better to me to remove this. Perhaps this can be done via your Software list (if it can be found there)?

Searched and found. Found via the search function. The files below also turn up. Do these have to be removed as well, or which ones at any rate?

Registry Booster 2

Registry Booster

Registry

Advanced Register Optimizer

Registry Winner

Registry Backups

SUP REGISTRYDEFRAG.EXE.0675d590.pf

RMIGISTRY

RMIGISTRY

RMIGISTRY

Registry.pol

Rmistry.pol

RMIregistry

Registry.class

RegistykeydollartekenSecurity_attributes.class

RegistryKey.class

Registrypermission.class

RegistryReguest.class

Registry

RgegistyTab.class

Advanced Registry Optimizer

This topic is now closed to new replies.
