Posts made by BWTimm
-
Dear Kape,
Unfortunately the problem persists. However, in the advanced Display settings of my AVG virus scanner, I have removed the check mark at:
"Display system tray notifications about component status changes."
As a result, the exclamation mark no longer appears on the AVG icon.
But of course this does not give a faster startup.
I think it would be good if I first looked into the whole startup procedure, because perhaps Windows Firewall is working against my AVG program at startup.
If you can give any more tips, I would be glad to hear them.
With thanks and kind regards,
BWTimm
-
Kape Website Admin,
I have carried out the instructions and run the Quick Scan.
It reported that no malicious files were found.
Below are the contents of the log:
Malwarebytes' Anti-Malware 1.41
Database versie: 2816
Windows 5.1.2600 Service Pack 3
17-9-2009 18:37:54
mbam-log-2009-09-17 (18-37-54).txt
Scan type: Snelle Scan
Objecten gescand: 109452
Verstreken tijd: 6 minute(s), 37 second(s)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)
Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)
I have not yet restarted the computer, so I do not yet know whether removing certain files produces the desired result.
If the problem is still there, I hope to come back.
In the meantime, my sincere thanks for all the trouble you have taken.
BWTimm
-
Dear staff member,
I clicked the link provided and the system scan gives this result:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:49:28, on 16-9-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\2G\GBS Digitaal\apache\bin\apache.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\2G\GBS Digitaal\apache\bin\apache.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\Program Files\2G\GBS Digitaal\mysql\bin\mysqld-nt.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe
C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Sonic Shared\CineTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.kliksafe.nl:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - *{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [iW_Drop_Icon] C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe /DropDisc
O4 - HKCU\..\Run: [instantTray] C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\RunOnce: [uniblueRegistryBooster] "launcher.exe" delay 20000
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\CineTray.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Slim selecteren - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1216371483586
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1216371658323
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} (DDRevision Class) - http://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
O16 - DPF: {CE8267C2-D41A-4A50-A69D-F32B5C289F14} (FileOpenInstaller) - http://plugin.fileopen.com/current/FileOpen.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E001C731-5E37-4538-A5CB-8168736A2360} (Confirmation) - http://91.199.104.31/cab/ActiveQscan.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: GBSApache - Apache Software Foundation - C:\Program Files\2G\GBS Digitaal\apache\bin\apache.exe
O23 - Service: GBSMySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
--
End of file - 10206 bytes
I hope this means something to you; to me most of it is secret code.
Thanks in advance,
BWTimm
-
Stegisoft, many thanks, but I have already turned off Windows Firewall in the Control Panel several times, without result.
As a test I disabled my AVG via the taskbar and enabled Windows via the Control Panel. On the taskbar I then always see the AVG firewall icon for a few seconds, and immediately afterwards an exclamation mark appears in the icon, as a warning. Only after about 100 seconds does the exclamation mark disappear, and the clean AVG icon is back. When I then check Windows Firewall via the Control Panel, it turns out to have been switched off again automatically.
Whatever I try, the problem persists.
BWTimm.
-
Starting up Windows XP takes a very long time.
I think this is caused by Windows Firewall conflicting with my AVG Firewall.
It takes as long as 100 seconds before the AVG firewall is active.
Who can shed some light on this for me?
Thanks in advance, BWTimm
Firewall Windows and AVG
in Archive Windows General
Posted:
To Kape
ComboFix 09-09-20.01 - B.W. Timmerarends 21-09-2009 12:41.1.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1016.528 [GMT 2:00]
Gestart vanuit: E:\ComboFix.exe
AV: AVG Internet Security *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}
WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Installer\5b787.msi
c:\windows\system32\Data
c:\windows\system32\NTSVc.ocx
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-08-21 to 2009-09-21 ))))))))))))))))))))))))))))))
.
2009-09-17 16:00 . 2009-09-17 16:00 -------- d-----w- c:\documents and settings\B.W. Timmerarends\Application Data\Malwarebytes
2009-09-17 16:00 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-17 16:00 . 2009-09-17 16:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-17 16:00 . 2009-09-17 16:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-17 16:00 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-16 16:48 . 2009-09-16 16:48 -------- d-----w- c:\program files\Trend Micro
2009-09-15 20:39 . 2009-09-21 09:16 -------- d--h--r- c:\documents and settings\B.W. Timmerarends\Onlangs geopend
2009-09-15 18:25 . 2009-09-15 18:25 -------- d-----w- c:\documents and settings\B.W. Timmerarends\Application Data\Uniblue
2009-09-08 13:19 . 2009-09-14 07:50 -------- d-----w- c:\documents and settings\B.W. Timmerarends\Application Data\HpUpdate
2009-09-08 13:19 . 2009-09-08 13:19 -------- d-----w- c:\windows\Hewlett-Packard
2009-09-08 12:49 . 2009-09-08 12:49 262144 ----a-w- c:\windows\system32\default_user_class.dat
2009-09-08 08:30 . 2009-09-17 12:00 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-07 19:53 . 2009-09-07 19:53 -------- d-----w- c:\program files\UPHClean
2009-09-07 10:31 . 2009-09-07 10:31 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2009-09-07 07:16 . 2009-09-07 07:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Fighters
2009-09-04 20:46 . 2009-09-04 20:46 -------- d-----w- c:\program files\ESET
2009-09-04 12:06 . 2009-09-08 16:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-09-04 12:06 . 2009-09-04 14:52 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-09-02 19:21 . 2009-09-02 19:21 -------- d-----w- c:\documents and settings\All Users\Application Data\SurfRight
2009-08-27 14:20 . 2009-08-27 14:20 -------- d-----w- c:\documents and settings\B.W. Timmerarends\Local Settings\Application Data\SupportSoft
2009-08-27 14:20 . 2009-08-27 14:20 -------- d-----w- c:\program files\Common Files\SupportSoft
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-19 15:29 . 2008-08-09 19:40 2423 -c--a-w- c:\windows\NewRecorder.reg
2009-09-19 15:29 . 2008-08-09 19:40 1866853 -c--a-w- c:\windows\Recorder.reg
2009-09-07 12:32 . 2008-10-11 17:40 -------- d-----w- c:\program files\Acro Software
2009-09-07 12:27 . 2008-07-21 17:40 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-27 15:14 . 2009-07-16 16:33 -------- d-----w- c:\program files\KPN Mobile Connect
2009-08-05 09:01 . 2001-09-07 12:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-31 06:51 . 2009-01-20 20:46 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-07-31 06:51 . 2009-01-20 20:46 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-07-31 06:51 . 2009-01-20 20:46 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-07-30 12:07 . 2009-07-30 12:07 -------- d-----w- c:\program files\TomTom International B.V
2009-07-30 12:06 . 2008-10-22 11:22 -------- d-----w- c:\program files\TomTom HOME 2
2009-07-17 19:04 . 2001-09-07 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 07:08 . 2009-07-17 07:03 123378 ----a-w- c:\windows\hpqins00.dat
2009-07-16 16:49 . 2001-09-07 12:00 69614 ----a-w- c:\windows\system32\perfc013.dat
2009-07-16 16:49 . 2001-09-07 12:00 442318 ----a-w- c:\windows\system32\perfh013.dat
2009-07-13 21:43 . 2004-08-04 08:03 286208 ------w- c:\windows\system32\wmpdxm.dll
2009-07-03 17:00 . 2001-09-07 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-25 08:27 . 2001-09-07 12:00 735232 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:27 . 2001-09-07 12:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:27 . 2001-09-07 12:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:27 . 2001-09-07 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:27 . 2001-09-07 12:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:27 . 2001-09-07 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-24 11:18 . 2001-09-07 12:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2007-09-17 12:16 . 2008-07-23 10:56 2686232 -c--a-w- c:\program files\vcredist_x86.exe
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-09-02 09:58 1107200 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-19 247144]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-23 68856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"IW_Drop_Icon"="c:\program files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe" [2004-07-30 1123840]
"InstantTray"="c:\program files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe" [2004-05-06 772096]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2002-07-26 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2002-07-26 114688]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-02-15 57344]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-09-18 2022680]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"P17Helper"="P17.dll" - c:\windows\system32\P17.dll [2005-05-03 64512]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-1-21 65588]
Sonic CinePlayer Quick Launch.lnk - c:\program files\Common Files\Sonic Shared\CineTray.exe [2006-7-25 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-31 06:51 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\AVG\\AVG8\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [20-1-2009 22:46 12552]
R0 VOBID;VOBID;c:\windows\system32\drivers\vobid.sys [1-8-2003 15:47 29239]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [20-1-2009 22:46 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [20-1-2009 22:46 108552]
R1 vobiw;vobiw;c:\windows\system32\drivers\vobIW.sys [6-7-2004 18:06 188416]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [20-1-2009 22:46 297752]
R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [25-4-2009 14:09 1370488]
R2 GBSApache;GBSApache;c:\program files\2G\GBS Digitaal\apache\bin\apache.exe [9-11-2006 10:39 16896]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [19-8-2009 17:37 92008]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [20-1-2009 22:45 29208]
R3 cdrdrv;Cdrdrv;c:\windows\system32\drivers\Cdrdrv.sys [3-8-2004 12:10 62976]
S1 ctredr15.sys;ctredr15.sys;\??\c:\windows\system32\drivers\ctredr15.sys --> c:\windows\system32\drivers\ctredr15.sys [?]
S2 GBSMySQL;GBSMySQL;"c:\program files\2G\GBS Digitaal\mysql\bin\mysqld-nt" "--defaults-file=c:\program files\2G\GBS Digitaal\mysql\bin\myGBS.cnf" GBSMySQL --> c:\program files\2G\GBS Digitaal\mysql\bin\mysqld-nt [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [20-1-2009 22:45 29208]
S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?]
--- Andere Services/Drivers In Geheugen ---
*Deregistered* - uphcleanhlp
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Inhoud van de 'Gedeelde Taken' map
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://google.nl/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyServer = proxy.kliksafe.nl:8080
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: 127.0.0.1
Trusted Zone: localhost
DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} - hxxp://www.kerkomroep.nl/ocx/sIKNPlayer.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {E001C731-5E37-4538-A5CB-8168736A2360} - hxxp://91.199.104.31/cab/ActiveQscan.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-09-21 12:49
Windows 5.1.2600 Service Pack 3 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GBSMySQL]
"ImagePath"="\"c:\program files\2G\GBS Digitaal\mysql\bin\mysqld-nt\" \"--defaults-file=c:\program files\2G\GBS Digitaal\mysql\bin\myGBS.cnf\" GBSMySQL"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
[HKEY_USERS\S-1-5-21-448539723-220523388-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Voltooingstijd: 2009-09-21 12:51
ComboFix-quarantined-files.txt 2009-09-21 10:51
Pre-Run: 32.015.347.712 bytes beschikbaar
Post-Run: 32.068.464.640 bytes beschikbaar
176 --- E O F --- 2009-09-09 07:12
Kape, I hope this log gives more insight.
BWTimm