wildstream

Everything posted by wildstream

  1. A different issue, OK... my motto is that everything can be improved. My RAM can indeed be quadrupled. I'll burn a CD one of these days and keep you posted on the test results.
  2. OK... I do find that unstable. I'll burn a CD one of these days and, if necessary, replace or double my memory. I just noticed that during a download at 355 kb/sec my memory usage is 83%, so maybe that really is the cause.
  3. In post no. 16 I posted an image of an error message; surely that can't have anything to do with memory, or am I that mistaken? The phenomenon did indeed appear right after the installation, and I didn't pay much attention to it until I stumbled upon the pchelp site... hence. The USB stick is ready; how do I get the option to boot from USB in the BIOS? I can only choose between CD-ROM and HD.
  4. I mean that I can't change the boot order if my USB port isn't shown, you know. Ah well... I'll see what I do with it; I'd be very surprised if the problem lies with my PC's memory.
  5. I'm back already... USB drive E: is not visible in the BIOS.
  6. Apparently I had to format my USB stick as multiboot; I think it has worked now and I'm going to start the memory test.
  7. OK, I'll try this as soon as I have blank CDs at home again... this won't work via USB stick, I suppose?
  8. Yes, of course; as you asked, I only posted the ones that are not up to date/unknown. For driver it says current, for chipset valid.
  9. I don't get any message; it just disappears again by itself after reaching 100%.
  10. I tried the above, but unfortunately no log is saved and I didn't get a summary either. I had to insert my Windows CD and the check ran to 100 percent.
  11. http://speccy.piriform.com/results/hAqmLsVauFAOUYmLQAvH0d6
  12. Not optimal yet; when, for example, I click in my mailbox to view your reply, I get the following error message: The strange thing is that the error message appears, yet at the same time the internet opens without a problem. Booting is also still slow; the PC hangs for a while when the desktop background appears... it takes a long time before the Windows taskbar appears.
  15. Uh, it clearly says that a log wasn't possible because ComboFix froze, doesn't it? ---------- Post added at 19:22 ---------- Previous post was at 19:11 ---------- I just ran TDSSKiller, but it finds nothing.
  16. I'll wait for the golden advice of the specialist who is helping me here before taking further steps; thanks anyway.
  17. I carried out all the steps; ComboFix detected the following virus (see image). ComboFix freezes at one of the last steps, "deleting folder windows32 cache". So unfortunately I have no ComboFix log.
  18. Hello, I recently had a persistent virus on my PC and unfortunately had to reinstall my Windows XP. I've forgotten the virus name for the moment... After reinstalling everything, I find my XP rather unstable, and booting is also slower than before. Below you'll find the log: