ruud jansen
-
Items
30 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door ruud jansen
-
WLM9 is op beide pc's al dagen niet meer weggevallen! Probleem lag, zoals al gedacht, dus 100% aan WLM9 en niet aan mijn pc's. Enige wat ik vreemd vind, was dat ik d'r op internet niks over tegenkwam...
-
Misschien dat jullie hier iets aan hebben: Ik krijg of helemaal geen foutmelding of de volgende foutmelding: Kan beschrijving voor gebeurtenis-ID (1000) in bron (Windows Live Messenger) niet vinden. De lokale computer beschikt wellicht niet over de benodigde registergegevens of DLL-berichtbestanden om berichten van een externe computer te kunnen weergeven. U kunt mogelijk de schakeloptie /AUXSOURCE= gebruiken om deze beschrijving op te halen, zie Help en ondersteuning voor details. De volgende gegevens zijn deel van de gebeurtenis: msnmsgr.exe, 14.0.8089.726, 4a6ce533, kernel32.dll, 5.1.2600.5781, 49c4f537, 0, 00012afb.
-
Dat jullie er door de diversiteit van de moeilijkheden niet echt achter komen waar de specifieke oorzaak ligt, begrijp ik volkomen. Ik vind het al heel fijn dat jullie tijd en moeite steken in andermans problemen; daarvoor mijn dank.
-
Helaas is WLM9 zojuist toch weer 's weggevallen op deze pc; 1 keer na 2 dagen valt mee; ik ben erger gewend... Op m'n andere pc (waar geen hijackthis e.d. op gedraaid hebben) echter ook pas 2 keer 1 van de 4 msn's die ik steeds opstart. Een vriend van mij heeft ook het probleem dat WLM9 soms ineens wegvalt. WLM9 slaat echter niet meer vast wat tot voor kort ook regelmatig gebeurde. Het gevoel dat de fout niet bij mijn pc's ligt maar bij WLM9 (mogelijk in combinatie met de patches), bekruipt mij steeds meer. Al vind ik het wel weer vreemd dat ik d'r op internet niets over kan vinden. Hebben de deskundigen hier, misschien nog advies of enig idee wat nu de oorzaak is van het plotseling wegvallen van WLM9?
-
Baat het niet dan schaadt het niet he! Maar bidden, hopen en kaarsjes aansteken is iets voor in de kerk; ik zou liever weten hoe het mogelijk is dat WLM ineens weg kan vallen.
-
Vreemd, vreemd, vreemd! Sinds gistermiddag een uur of half 3 is WLM nog niet weggevallen of vastgeslagen op deze pc! Ook op mijn andere pc is er sinds gisteravond nog niets raars gebeurd met WLM, alles loopt ook nog steeds.
-
Het eerste wat ik gedaan heb nadat ik erachter kwam dat WML niet meer werkt zoals het moet, was teruggaan naar een eerdere datum met systeemherstel. Dit had echter geen effect!
-
Helaas is het probleem nog niet opgelost, 1 van de 4 WLM's is nu alweer weggevallen! Het probleem is er pas sinds de update van WLM8.5 naar 9.
-
Nou, in ieder geval al vast bedankt voor de moeite; ik zal jullie zeker op de hoogte houden. Gr. Ruud
-
Hier dan het nieuwe logje. Wat Agv Remover betreft, hiermee heb ik AGV verwijderd toen ik Avast had geïnstalleerd; deze heeft blijkbaar toch wat filetjes op de pc laten staan. En ik kraai nog geen victorie hoor! Ik zei alleen: geen garantie dat het niet meer zal gebeuren maar in ieder geval wel een goed teken lijkt me. Gr. Ruud ComboFix 09-12-02.05 - ruud 03-12-2009 11:49.5.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.511.104 [GMT 1:00] Gestart vanuit: c:\documents and settings\ruud\Mijn documenten\downloads\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\ruud\Bureaublad\CFScript.txt AV: avast! antivirus 4.8.1356 [VPS 091203-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . (((((((((((((((((((( Bestanden Gemaakt van 2009-11-03 to 2009-12-03 )))))))))))))))))))))))))))))) . 2009-12-03 10:42 . 2009-12-03 10:44 -------- d-----w- C:\32788R22FWJFW 2009-12-02 15:42 . 2009-12-02 18:07 -------- d-----w- c:\program files\Windows Live 2009-12-02 15:37 . 2009-12-02 15:37 -------- d-----w- c:\program files\MessengerPlus! 3 2009-12-02 13:00 . 2009-12-02 14:59 -------- d-----w- c:\program files\Messenger Plus! Live 2009-12-02 12:38 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100406\100407\A-Patch143b3_WLM9.exe 2009-12-02 07:17 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100404\100405\A-Patch143b3_WLM9.exe 2009-12-02 06:49 . 2009-12-02 06:49 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2009-12-01 22:42 . 2009-12-01 22:45 -------- d-----w- C:\rsit 2009-12-01 12:41 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100399\100401\A-Patch143b3_WLM9.exe 2009-11-25 14:43 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100202\100203\A-Patch143b3_WLM9.exe 2009-11-25 13:25 . 2009-11-25 13:25 -------- d-----w- c:\program files\CCleaner 2009-11-18 10:48 . 2006-06-24 03:22 304722 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100196\100197\messpatch-g4-80792.exe 2009-11-16 11:12 . 2009-11-16 11:12 -------- d-----w- c:\documents and settings\ruud\Application Data\GlarySoft 2009-11-16 10:56 . 2009-11-16 10:56 -------- d-----w- c:\program files\Glary Utilities 2009-11-15 10:39 . 2009-11-15 10:39 -------- d-----w- c:\windows\system32\wbem\Repository 2009-11-07 10:26 . 2009-11-07 10:26 -------- d-----w- c:\program files\Windows Journal Viewer 2009-11-06 22:05 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100059\100062\A-Patch143b3_WLM9.exe 2009-11-06 21:44 . 2009-12-03 10:55 -------- d-----w- c:\documents and settings\ruud\Tracing 2009-11-06 21:40 . 2009-11-15 11:14 -------- d-----w- c:\program files\Microsoft Silverlight 2009-11-06 21:22 . 2009-11-06 21:38 -------- d-----w- c:\program files\Microsoft 2009-11-06 21:20 . 2009-11-06 21:20 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-11-06 21:05 . 2009-11-06 21:05 -------- d-----w- c:\program files\Common Files\Windows Live 2009-11-04 00:22 . 2009-11-04 00:22 152576 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2009-11-04 00:22 . 2009-11-04 00:22 79488 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-03 05:53 . 2009-05-14 17:20 -------- d-----w- c:\program files\SPAMfighter 2009-12-02 17:51 . 2009-10-08 17:10 -------- d-----w- c:\documents and settings\ruud\Application Data\Zipeg 2009-12-02 12:43 . 2008-12-12 16:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-11-30 14:40 . 2008-12-15 20:08 -------- d-----w- c:\program files\SpeedFan 2009-11-30 06:25 . 2008-12-19 18:16 -------- d-----w- c:\program files\Opera 2009-11-29 14:19 . 2008-12-23 00:07 -------- d-----w- c:\program files\a-squared Free 2009-11-28 10:00 . 2009-04-24 00:27 117760 ----a-w- c:\documents and settings\ruud\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-11-27 11:29 . 2008-12-17 13:42 -------- d-----w- c:\documents and settings\ruud\Application Data\LimeWirePlus 2009-11-18 02:01 . 2009-11-18 03:04 217596 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1043.dat 2009-11-16 08:24 . 2009-04-22 18:45 -------- d-----w- c:\program files\Unlocker 2009-11-04 00:39 . 2008-12-12 16:34 -------- d-----w- c:\program files\Java 2009-11-02 19:42 . 2009-10-03 00:18 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-10-26 12:35 . 2004-08-04 12:00 91018 ----a-w- c:\windows\system32\perfc013.dat 2009-10-26 12:35 . 2004-08-04 12:00 509462 ----a-w- c:\windows\system32\perfh013.dat 2009-10-23 12:14 . 2009-06-22 13:56 -------- d-----w- c:\program files\uTIPu 2009-10-21 13:45 . 2009-10-19 09:48 -------- d-----w- c:\program files\Screen Recorder 2009-10-20 10:38 . 2009-10-20 10:38 -------- d-----w- c:\program files\AviSynth 2.5 2009-10-20 10:34 . 2009-10-20 10:34 -------- d-----w- c:\program files\eRightSoft 2009-10-19 15:44 . 2009-10-19 15:44 -------- d-----w- c:\program files\NCH Swift Sound 2009-10-11 03:17 . 2008-12-12 16:47 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-10-08 17:10 . 2008-12-12 23:01 -------- d-----w- c:\program files\Zipeg 2009-10-08 17:08 . 2008-12-12 23:02 -------- d-----w- c:\documents and settings\ruud\Application Data\com.zipeg 2009-09-17 18:59 . 2009-01-25 10:03 4045527 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-09-15 10:59 . 2009-04-20 12:13 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-09-15 10:56 . 2009-04-20 12:14 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-09-15 10:56 . 2009-04-20 12:14 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-09-15 10:55 . 2009-04-20 12:14 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-09-15 10:55 . 2009-04-20 12:14 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-09-15 10:54 . 2009-04-20 12:15 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-09-15 10:54 . 2009-04-20 12:15 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-09-15 10:53 . 2009-04-20 12:15 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-09-15 10:53 . 2009-04-20 12:14 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-09-11 14:20 . 2004-08-04 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 12:54 . 2008-12-21 14:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 12:53 . 2008-12-21 14:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-04 21:05 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2006-05-03 09:06 . 2009-10-20 10:35 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 10:47 . 2009-10-20 10:35 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 12:30 . 2009-10-20 10:35 216064 --sh--r- c:\windows\system32\nbDX.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen 3.1"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2005-09-27 1073152] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-12-02 190024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X] "SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe update delay 60" [X] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-12-02 190024] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-09-04 88363] "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-12-03 13:56 352256 ------w- c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background "ctfmon.exe"=c:\windows\system32\ctfmon.exe "SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Apoint"=c:\program files\Apoint2K\Apoint.exe "Cpqset"=c:\program files\HPQ\Default Settings\cpqset.exe "eabconfg.cpl"=c:\program files\HPQ\Quick Launch Buttons\EabServr.exe /Start "iTunesHelper"=c:\program files\iTunes\iTunesHelper.exe "NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup "nwiz"=nwiz.exe /install "PHIME2002A"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName "PHIME2002ASync"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 "Cobian Backup 9 interface"="c:\program files\Cobian Backup 9\cbInterface.exe" -service [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\WinMX\\WinMX.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\LimeWire Plus\\LimeWire.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [20-4-2009 1:14 PM 114768] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4-12-2008 1:50 PM 8944] R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [4-12-2008 1:50 PM 55024] R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [23-12-2008 1:07 AM 1858144] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20-4-2009 1:14 PM 20560] R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [12-3-2009 9:44 AM 184968] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 7:19 PM 13592] R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [30-10-2008 12:05 AM 31896] S3 CobianBackupAmanita;Cobian Backup 9 service;c:\program files\Cobian Backup 9\cbService.exe [10-7-2009 6:07 PM 583168] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4-12-2008 1:50 PM 7408] S3 TipCtrl;TipCtrl;c:\program files\uTIPu\TipCtrl.exe [19-10-2009 7:45 PM 318088] . Inhoud van de 'Gedeelde Taken' map 2009-12-02 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2009-11-16 09:21] 2009-12-03 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startpagina.nl/ IE: Verzenden naar &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm FF - ProfilePath - c:\documents and settings\ruud\Application Data\Mozilla\Firefox\Profiles\h5q3apzr.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/ FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-12-03 12:03 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(756) c:\program files\SUPERAntiSpyware\SASWINLO.dll - - - - - - - > 'explorer.exe'(2848) c:\program files\MessengerPlus! 3\MsgPlusLoader.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2009-12-03 12:08 ComboFix-quarantined-files.txt 2009-12-03 11:08 ComboFix2.txt 2009-12-03 10:32 ComboFix3.txt 2009-12-02 17:14 ComboFix4.txt 2009-12-02 16:30 ComboFix5.txt 2009-12-03 10:44 Pre-Run: 63.542.480.896 bytes beschikbaar Post-Run: 63.531.368.448 bytes beschikbaar - - End Of File - - 5CCE944F6D5E38B9799A7630A6D044E4
-
De afgelopen 12 uur is WLM niet weggevallen of vastgelopen; geen garantie dat het niet meer zal gebeuren maar in ieder geval wel een goed teken lijkt me. Wat Java betreft, ik heb enkel de versie die jij aangeeft "Java SE Runtime Environment (JRE) 6 Update 17" op pc staan. Ik laat Combofix nogmaals draaien en post het logje weer.
-
Hoi Kape, Fouten maken is menselijk he! Maar ik moet zo even weg, ik doe het straks of anders morgen op m'n gemak, anders wordt het haastwerk en dat is nooit goed he. Ik post het filetje wel weer. In ieder geval alvast hartstikke bedankt voor de moeite. Gr. Ruud
-
ComboFix 09-12-02.03 - ruud 02-12-2009 17:43.3.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.511.106 [GMT 1:00] Gestart vanuit: c:\documents and settings\ruud\Mijn documenten\downloads\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\ruud\Bureaublad\CFScript.txt AV: avast! antivirus 4.8.1356 [VPS 091202-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! FILE :: "c:\program files\AVG\AVG8\avgemc.exe" "c:\program files\AVG\AVG8\avgwdsvc.exe" "c:\windows\system32\drivers\avgldx86.sys" "c:\windows\system32\drivers\avgtdix.sys" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\AVG c:\program files\AVG\AVG8\avg7api.dll c:\program files\AVG\AVG8\avgabout.dll c:\program files\AVG\AVG8\avgamnot.dll c:\program files\AVG\AVG8\avgapix.dll c:\program files\AVG\AVG8\avgatend.stp c:\program files\AVG\AVG8\avgatupd.stp c:\program files\AVG\AVG8\avgcclix.dll c:\program files\AVG\AVG8\avgcfgex.exe c:\program files\AVG\AVG8\avgcfgx.dll c:\program files\AVG\AVG8\avgchk.exe c:\program files\AVG\AVG8\avgclitx.dll c:\program files\AVG\AVG8\avgcmgr.exe c:\program files\AVG\AVG8\avgcorex.dll c:\program files\AVG\AVG8\avgcrlpx.dll c:\program files\AVG\AVG8\avgcsrvx.exe c:\program files\AVG\AVG8\avgdumpx.exe c:\program files\AVG\AVG8\avgemc.exe c:\program files\AVG\AVG8\avgfrw.exe c:\program files\AVG\AVG8\avginet.dll c:\program files\AVG\AVG8\avgiproxy.exe c:\program files\AVG\AVG8\avglngx.dll c:\program files\AVG\AVG8\avglogx.dll c:\program files\AVG\AVG8\avgmail.dll c:\program files\AVG\AVG8\avgmvflx.dll c:\program files\AVG\AVG8\avgnsx.exe c:\program files\AVG\AVG8\avgoff2k.dll c:\program files\AVG\AVG8\avgpp.dll c:\program files\AVG\AVG8\avgresf.dll c:\program files\AVG\AVG8\avgrsx.exe c:\program files\AVG\AVG8\avgscanx.dll c:\program files\AVG\AVG8\avgscanx.exe c:\program files\AVG\AVG8\avgsched.dll c:\program files\AVG\AVG8\avgse.dll c:\program files\AVG\AVG8\avgsrmax.exe c:\program files\AVG\AVG8\avgsrmx.dll c:\program files\AVG\AVG8\avgssie.dll c:\program files\AVG\AVG8\avgtray.exe c:\program files\AVG\AVG8\avgui.exe c:\program files\AVG\AVG8\avguiadv.dll c:\program files\AVG\AVG8\avguires.dll c:\program files\AVG\AVG8\avgupd.dll c:\program files\AVG\AVG8\avgupd.exe c:\program files\AVG\AVG8\avgvvx.dll c:\program files\AVG\AVG8\avgwd.dll c:\program files\AVG\AVG8\avgwdsvc.exe c:\program files\AVG\AVG8\avgwdwsc.dll c:\program files\AVG\AVG8\avgxch32.dll c:\program files\AVG\AVG8\avgxpl.dll c:\program files\AVG\AVG8\commonpub.log c:\program files\AVG\AVG8\commonpub.log.lock c:\program files\AVG\AVG8\dbghelp.dll c:\program files\AVG\AVG8\fixcfg.exe c:\program files\AVG\AVG8\fixfp.exe c:\program files\AVG\AVG8\libsasl.dll c:\program files\AVG\AVG8\Notification\arrow.gif c:\program files\AVG\AVG8\Notification\arrow.png c:\program files\AVG\AVG8\Notification\bg.png c:\program files\AVG\AVG8\Notification\bullet.gif c:\program files\AVG\AVG8\Notification\button_left.png c:\program files\AVG\AVG8\Notification\button_left_hover.png c:\program files\AVG\AVG8\Notification\button_right.png c:\program files\AVG\AVG8\Notification\button_right_hover.png c:\program files\AVG\AVG8\Notification\cmp2008_App_Free_8_fr.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Free_8_it.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Free_8_nl.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Free_8_pt.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Free_8_sp.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Free_8_us.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Paid_8_fr.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Paid_8_it.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Paid_8_nl.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Paid_8_pt.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Paid_8_sp.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Paid_8_us.html c:\program files\AVG\AVG8\Notification\free8085_message_01_fr.html c:\program files\AVG\AVG8\Notification\free8085_message_01_ge.html c:\program files\AVG\AVG8\Notification\free8085_message_01_it.html c:\program files\AVG\AVG8\Notification\free8085_message_01_jp.html c:\program files\AVG\AVG8\Notification\free8085_message_01_nl.html c:\program files\AVG\AVG8\Notification\free8085_message_01_pb.html c:\program files\AVG\AVG8\Notification\free8085_message_01_pl.html c:\program files\AVG\AVG8\Notification\free8085_message_01_sp.html c:\program files\AVG\AVG8\Notification\free8085_message_01_us.html c:\program files\AVG\AVG8\Notification\free8085_message_02_fr.html c:\program files\AVG\AVG8\Notification\free8085_message_02_ge.html c:\program files\AVG\AVG8\Notification\free8085_message_02_it.html c:\program files\AVG\AVG8\Notification\free8085_message_02_jp.html c:\program files\AVG\AVG8\Notification\free8085_message_02_nl.html c:\program files\AVG\AVG8\Notification\free8085_message_02_pb.html c:\program files\AVG\AVG8\Notification\free8085_message_02_pl.html c:\program files\AVG\AVG8\Notification\free8085_message_02_sp.html c:\program files\AVG\AVG8\Notification\free8085_message_02_us.html c:\program files\AVG\AVG8\Notification\free8085_message_03_fr.html c:\program files\AVG\AVG8\Notification\free8085_message_03_ge.html c:\program files\AVG\AVG8\Notification\free8085_message_03_it.html c:\program files\AVG\AVG8\Notification\free8085_message_03_jp.html c:\program files\AVG\AVG8\Notification\free8085_message_03_nl.html c:\program files\AVG\AVG8\Notification\free8085_message_03_pb.html c:\program files\AVG\AVG8\Notification\free8085_message_03_pl.html c:\program files\AVG\AVG8\Notification\free8085_message_03_sp.html c:\program files\AVG\AVG8\Notification\free8085_message_03_us.html c:\program files\AVG\AVG8\Notification\free8085_message_us.html c:\program files\AVG\AVG8\Notification\head_blue_bg.png c:\program files\AVG\AVG8\Notification\head_red_bg.png c:\program files\AVG\AVG8\Notification\head_yellow_bg.png c:\program files\AVG\AVG8\Notification\icon_bulb.gif c:\program files\AVG\AVG8\Notification\image_app_-de.png c:\program files\AVG\AVG8\Notification\image_app_-en.png c:\program files\AVG\AVG8\Notification\image_app_-fr.png c:\program files\AVG\AVG8\Notification\image_app_-it.png c:\program files\AVG\AVG8\Notification\image_app_-jp.png c:\program files\AVG\AVG8\Notification\image_app_-la-es.png c:\program files\AVG\AVG8\Notification\image_app_-nl.png c:\program files\AVG\AVG8\Notification\image_app_-pl.png c:\program files\AVG\AVG8\Notification\image_app_-pt-br.png c:\program files\AVG\AVG8\Notification\image_shield.png c:\program files\AVG\AVG8\Notification\logo_avg8.gif c:\program files\AVG\AVG8\Notification\shield.gif c:\program files\AVG\AVG8\Notification\style.css c:\program files\AVG\AVG8\saslcrammd5.dll c:\program files\AVG\AVG8\sasldigestmd5.dll c:\program files\AVG\AVG8\sasllogin.dll c:\program files\AVG\AVG8\saslplain.dll c:\program files\AVG\AVG8\setup.exe c:\windows\system32\drivers\avgldx86.sys c:\windows\system32\drivers\avgtdix.sys . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_AVG8EMC -------\Legacy_AVG8WD -------\Legacy_AVGLDX86 -------\Legacy_AVGTDIX -------\Service_avg8emc -------\Service_avg8wd -------\Service_AvgLdx86 -------\Service_AvgTdiX (((((((((((((((((((( Bestanden Gemaakt van 2009-11-02 to 2009-12-02 )))))))))))))))))))))))))))))) . 2009-12-02 15:42 . 2009-12-02 15:43 -------- d-----w- c:\program files\Windows Live 2009-12-02 15:37 . 2009-12-02 15:37 -------- d-----w- c:\program files\MessengerPlus! 3 2009-12-02 13:00 . 2009-12-02 14:59 -------- d-----w- c:\program files\Messenger Plus! Live 2009-12-02 12:38 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100406\100407\A-Patch143b3_WLM9.exe 2009-12-02 07:17 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100404\100405\A-Patch143b3_WLM9.exe 2009-12-02 06:49 . 2009-12-02 06:49 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2009-12-01 22:42 . 2009-12-01 22:45 -------- d-----w- C:\rsit 2009-12-01 12:41 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100399\100401\A-Patch143b3_WLM9.exe 2009-11-25 14:43 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100202\100203\A-Patch143b3_WLM9.exe 2009-11-25 13:25 . 2009-11-25 13:25 -------- d-----w- c:\program files\CCleaner 2009-11-18 10:48 . 2006-06-24 03:22 304722 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100196\100197\messpatch-g4-80792.exe 2009-11-16 11:12 . 2009-11-16 11:12 -------- d-----w- c:\documents and settings\ruud\Application Data\GlarySoft 2009-11-16 10:56 . 2009-11-16 10:56 -------- d-----w- c:\program files\Glary Utilities 2009-11-15 10:39 . 2009-11-15 10:39 -------- d-----w- c:\windows\system32\wbem\Repository 2009-11-07 10:26 . 2009-11-07 10:26 -------- d-----w- c:\program files\Windows Journal Viewer 2009-11-06 22:05 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100059\100062\A-Patch143b3_WLM9.exe 2009-11-06 21:44 . 2009-12-02 15:59 -------- d-----w- c:\documents and settings\ruud\Tracing 2009-11-06 21:40 . 2009-11-15 11:14 -------- d-----w- c:\program files\Microsoft Silverlight 2009-11-06 21:22 . 2009-11-06 21:38 -------- d-----w- c:\program files\Microsoft 2009-11-06 21:20 . 2009-11-06 21:20 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-11-06 21:05 . 2009-11-06 21:05 -------- d-----w- c:\program files\Common Files\Windows Live 2009-11-04 00:22 . 2009-11-04 00:22 152576 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2009-11-04 00:22 . 2009-11-04 00:22 79488 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-02 17:01 . 2009-05-14 17:20 -------- d-----w- c:\program files\SPAMfighter 2009-12-02 12:43 . 2008-12-12 16:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-12-02 12:38 . 2009-10-08 17:10 -------- d-----w- c:\documents and settings\ruud\Application Data\Zipeg 2009-11-30 14:40 . 2008-12-15 20:08 -------- d-----w- c:\program files\SpeedFan 2009-11-30 06:25 . 2008-12-19 18:16 -------- d-----w- c:\program files\Opera 2009-11-29 14:19 . 2008-12-23 00:07 -------- d-----w- c:\program files\a-squared Free 2009-11-28 10:00 . 2009-04-24 00:27 117760 ----a-w- c:\documents and settings\ruud\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-11-27 11:29 . 2008-12-17 13:42 -------- d-----w- c:\documents and settings\ruud\Application Data\LimeWirePlus 2009-11-18 02:01 . 2009-11-18 03:04 217596 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1043.dat 2009-11-16 08:24 . 2009-04-22 18:45 -------- d-----w- c:\program files\Unlocker 2009-11-04 00:39 . 2008-12-12 16:34 -------- d-----w- c:\program files\Java 2009-11-02 19:42 . 2009-10-03 00:18 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-10-26 12:35 . 2004-08-04 12:00 91018 ----a-w- c:\windows\system32\perfc013.dat 2009-10-26 12:35 . 2004-08-04 12:00 509462 ----a-w- c:\windows\system32\perfh013.dat 2009-10-23 12:14 . 2009-06-22 13:56 -------- d-----w- c:\program files\uTIPu 2009-10-21 13:45 . 2009-10-19 09:48 -------- d-----w- c:\program files\Screen Recorder 2009-10-20 10:38 . 2009-10-20 10:38 -------- d-----w- c:\program files\AviSynth 2.5 2009-10-20 10:34 . 2009-10-20 10:34 -------- d-----w- c:\program files\eRightSoft 2009-10-19 15:44 . 2009-10-19 15:44 -------- d-----w- c:\program files\NCH Swift Sound 2009-10-11 03:17 . 2008-12-12 16:47 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-10-08 17:10 . 2008-12-12 23:01 -------- d-----w- c:\program files\Zipeg 2009-10-08 17:08 . 2008-12-12 23:02 -------- d-----w- c:\documents and settings\ruud\Application Data\com.zipeg 2009-09-17 18:59 . 2009-01-25 10:03 4045527 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-09-15 10:59 . 2009-04-20 12:13 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-09-15 10:56 . 2009-04-20 12:14 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-09-15 10:56 . 2009-04-20 12:14 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-09-15 10:55 . 2009-04-20 12:14 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-09-15 10:55 . 2009-04-20 12:14 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-09-15 10:54 . 2009-04-20 12:15 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-09-15 10:54 . 2009-04-20 12:15 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-09-15 10:53 . 2009-04-20 12:15 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-09-15 10:53 . 2009-04-20 12:14 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-09-11 14:20 . 2004-08-04 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 12:54 . 2008-12-21 14:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 12:53 . 2008-12-21 14:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-04 21:05 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2006-05-03 09:06 . 2009-10-20 10:35 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 10:47 . 2009-10-20 10:35 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 12:30 . 2009-10-20 10:35 216064 --sh--r- c:\windows\system32\nbDX.dll . ((((((((((((((((((((((((((((( SnapShot@2009-12-02_14.22.17 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-02 15:50 . 2009-12-02 15:50 16384 c:\windows\Temp\Perflib_Perfdata_75c.dat + 2009-12-02 16:58 . 2009-12-02 16:58 16384 c:\windows\Temp\Perflib_Perfdata_734.dat + 2009-12-02 16:59 . 2009-12-02 16:59 16384 c:\windows\Temp\Perflib_Perfdata_5c4.dat + 2009-12-02 15:43 . 2009-12-02 15:43 27136 c:\windows\Installer\7a19b9.msi + 2009-12-02 15:42 . 2009-12-02 15:42 62304 c:\windows\Installer\{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}\IconWlc.exe - 2009-12-02 06:46 . 2009-12-02 06:46 62304 c:\windows\Installer\{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}\IconWlc.exe - 2009-05-14 17:21 . 2009-05-14 17:21 14366 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut2_2D73ED7BCF5749BA9891E131D7FE5FBF.exe + 2009-05-14 17:21 . 2009-12-02 15:52 14366 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut2_2D73ED7BCF5749BA9891E131D7FE5FBF.exe + 2009-05-14 17:21 . 2009-12-02 15:52 14366 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut14_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 14366 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut14_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-12-02 15:44 . 2009-12-02 15:44 80395 c:\windows\Installer\{10F5387D-1728-423A-A578-B00982CF2646}\MsblIco.Exe - 2009-12-02 06:47 . 2009-12-02 06:47 80395 c:\windows\Installer\{10F5387D-1728-423A-A578-B00982CF2646}\MsblIco.Exe + 2009-05-14 17:21 . 2009-12-02 15:52 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut52_86F3D0BB3537401DBB67D4F0DA976EAC_1.exe - 2009-05-14 17:21 . 2009-05-14 17:21 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut52_86F3D0BB3537401DBB67D4F0DA976EAC_1.exe - 2009-05-14 17:21 . 2009-05-14 17:21 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut51_86F3D0BB3537401DBB67D4F0DA976EAC_1.exe + 2009-05-14 17:21 . 2009-12-02 15:52 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut51_86F3D0BB3537401DBB67D4F0DA976EAC_1.exe - 2009-05-14 17:21 . 2009-05-14 17:21 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut5_86F3D0BB3537401DBB67D4F0DA976EAC_1.exe + 2009-05-14 17:21 . 2009-12-02 15:52 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut5_86F3D0BB3537401DBB67D4F0DA976EAC_1.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut3_0B56CCC4F2C24C96B7886DDC8DF681A2.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut3_0B56CCC4F2C24C96B7886DDC8DF681A2.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut25_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut25_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut24_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut24_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut23_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut23_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut22_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut22_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut16_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut16_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut15_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut15_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut13_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut13_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut12_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut12_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut11_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut11_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut10_0B56CCC4F2C24C96B7886DDC8DF681A2.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut10_0B56CCC4F2C24C96B7886DDC8DF681A2.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut1_0B56CCC4F2C24C96B7886DDC8DF681A2.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut1_0B56CCC4F2C24C96B7886DDC8DF681A2.exe + 2009-12-02 15:44 . 2009-12-02 15:44 430080 c:\windows\Installer\7a19bf.msi + 2009-12-02 15:42 . 2009-12-02 15:42 152576 c:\windows\Installer\7a19b4.msi . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen 3.1"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2005-09-27 1073152] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-12-02 190024] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-12-02 3883856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X] "SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe update delay 60" [X] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-12-02 190024] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-09-04 88363] "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-12-03 13:56 352256 ------w- c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-01-31 07:23 10520 ------w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background "ctfmon.exe"=c:\windows\system32\ctfmon.exe "SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Apoint"=c:\program files\Apoint2K\Apoint.exe "Cpqset"=c:\program files\HPQ\Default Settings\cpqset.exe "eabconfg.cpl"=c:\program files\HPQ\Quick Launch Buttons\EabServr.exe /Start "iTunesHelper"=c:\program files\iTunes\iTunesHelper.exe "NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup "nwiz"=nwiz.exe /install "PHIME2002A"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName "PHIME2002ASync"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 "Cobian Backup 9 interface"="c:\program files\Cobian Backup 9\cbInterface.exe" -service [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\WinMX\\WinMX.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\LimeWire Plus\\LimeWire.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [20-4-2009 1:14 PM 114768] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4-12-2008 1:50 PM 8944] R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [4-12-2008 1:50 PM 55024] R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [23-12-2008 1:07 AM 1858144] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20-4-2009 1:14 PM 20560] R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [12-3-2009 9:44 AM 184968] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 7:19 PM 13592] R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [30-10-2008 12:05 AM 31896] S3 CobianBackupAmanita;Cobian Backup 9 service;c:\program files\Cobian Backup 9\cbService.exe [10-7-2009 6:07 PM 583168] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4-12-2008 1:50 PM 7408] S3 TipCtrl;TipCtrl;c:\program files\uTIPu\TipCtrl.exe [19-10-2009 7:45 PM 318088] . Inhoud van de 'Gedeelde Taken' map 2009-12-02 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2009-11-16 09:21] 2009-12-02 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startpagina.nl/ IE: Verzenden naar &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm FF - ProfilePath - c:\documents and settings\ruud\Application Data\Mozilla\Firefox\Profiles\h5q3apzr.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/ FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-12-02 18:00 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(760) c:\program files\SUPERAntiSpyware\SASWINLO.dll - - - - - - - > 'explorer.exe'(2764) c:\program files\MessengerPlus! 3\MsgPlusLoader.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\program files\Analog Devices\SoundMAX\SMAgent.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\windows\system32\rundll32.exe c:\program files\SPAMfighter\SFAgent.exe c:\program files\Outlook Express\msimn.exe . ************************************************************************** . Voltooingstijd: 2009-12-02 18:14 - machine werd herstart ComboFix-quarantined-files.txt 2009-12-02 17:13 ComboFix2.txt 2009-12-02 16:30 ComboFix3.txt 2009-12-02 14:26 Pre-Run: 64.267.436.032 bytes beschikbaar Post-Run: 64.108.605.440 bytes beschikbaar - - End Of File - - B5DF745A9BD13C23C58DF78518B0BE22
-
Combofix is nu opnieuwaan het scannen; ik post het nieuwe log wel hier.
-
Volgens Combofix is AVG inderdaad nog op de een of andere manier actief; dit is dan al zeker een jaar het geval, al van ver voor de problemen met WLM; deze zijn er pas sinds sinds de update van 8.5 naar 9. Combofix is nu opnieuw aan't scannen; ik post het nieuwe log hier wel. Of de problemen nu zijn opgelost, kan ik pas na verloop van tijd zeggen; soms slaat WLM binnen een half uur vast, soms gaat het ook 12 uur goed...
-
Wat ik trouwens zo vreselijk vreemd vind, is dat ik op beide pc's (die overigens niet gekoppeld zijn, dus los van elkaar functioneren) het probleem heb dat WLM ineens wegvalt of vastslaat terwijl ik d'r op internet niets over tegenkom.
-
Als ComboFix klaar is post ik het, is aant draaien. ---------- Post toegevoegd om 15:30 ---------- Vorige post was om 15:22 ---------- Hier is dan het log van Combofix: ComboFix 09-12-02.01 - ruud 02-12-2009 15:07.1.1 - x86 Gestart vanuit: c:\documents and settings\ruud\Mijn documenten\downloads\ComboFix.exe AV: avast! antivirus 4.8.1356 [VPS 091202-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\ruud\Local Settings\Temporary Internet Files\bmp1320.tmp c:\recycler\S-1-5-21-4364546919-5534997583-500861197-7402 c:\recycler\S-1-5-21-7338170345-1075603872-482753547-2650 c:\windows\system32\rpcss(2)(2).dll . (((((((((((((((((((( Bestanden Gemaakt van 2009-11-02 to 2009-12-02 )))))))))))))))))))))))))))))) . 2009-12-02 13:00 . 2009-12-02 13:20 -------- d-----w- c:\program files\Messenger Plus! Live 2009-12-02 12:38 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100406\100407\A-Patch143b3_WLM9.exe 2009-12-02 07:17 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100404\100405\A-Patch143b3_WLM9.exe 2009-12-02 06:49 . 2009-12-02 06:49 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2009-12-02 06:45 . 2009-12-02 06:50 -------- d-----w- c:\program files\Windows Live 2009-12-01 22:42 . 2009-12-01 22:45 -------- d-----w- C:\rsit 2009-12-01 12:41 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100399\100401\A-Patch143b3_WLM9.exe 2009-11-25 14:43 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100202\100203\A-Patch143b3_WLM9.exe 2009-11-25 13:25 . 2009-11-25 13:25 -------- d-----w- c:\program files\CCleaner 2009-11-18 10:48 . 2006-06-24 03:22 304722 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100196\100197\messpatch-g4-80792.exe 2009-11-16 11:12 . 2009-11-16 11:12 -------- d-----w- c:\documents and settings\ruud\Application Data\GlarySoft 2009-11-16 10:56 . 2009-11-16 10:56 -------- d-----w- c:\program files\Glary Utilities 2009-11-15 10:39 . 2009-11-15 10:39 -------- d-----w- c:\windows\system32\wbem\Repository 2009-11-07 10:26 . 2009-11-07 10:26 -------- d-----w- c:\program files\Windows Journal Viewer 2009-11-06 22:05 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100059\100062\A-Patch143b3_WLM9.exe 2009-11-06 21:44 . 2009-12-02 13:31 -------- d-----w- c:\documents and settings\ruud\Tracing 2009-11-06 21:40 . 2009-11-15 11:14 -------- d-----w- c:\program files\Microsoft Silverlight 2009-11-06 21:22 . 2009-11-06 21:38 -------- d-----w- c:\program files\Microsoft 2009-11-06 21:20 . 2009-11-06 21:20 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-11-06 21:05 . 2009-11-06 21:05 -------- d-----w- c:\program files\Common Files\Windows Live 2009-11-04 00:22 . 2009-11-04 00:22 152576 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2009-11-04 00:22 . 2009-11-04 00:22 79488 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-02 13:31 . 2009-05-14 17:20 -------- d-----w- c:\program files\SPAMfighter 2009-12-02 12:43 . 2008-12-12 16:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-12-02 12:38 . 2009-10-08 17:10 -------- d-----w- c:\documents and settings\ruud\Application Data\Zipeg 2009-11-30 14:40 . 2008-12-15 20:08 -------- d-----w- c:\program files\SpeedFan 2009-11-30 06:25 . 2008-12-19 18:16 -------- d-----w- c:\program files\Opera 2009-11-29 14:19 . 2008-12-23 00:07 -------- d-----w- c:\program files\a-squared Free 2009-11-28 10:00 . 2009-04-24 00:27 117760 ----a-w- c:\documents and settings\ruud\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-11-27 11:29 . 2008-12-17 13:42 -------- d-----w- c:\documents and settings\ruud\Application Data\LimeWirePlus 2009-11-18 02:01 . 2009-11-18 03:04 217596 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1043.dat 2009-11-16 08:24 . 2009-04-22 18:45 -------- d-----w- c:\program files\Unlocker 2009-11-04 00:39 . 2008-12-12 16:34 -------- d-----w- c:\program files\Java 2009-11-02 19:42 . 2009-10-03 00:18 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-10-26 12:35 . 2004-08-04 12:00 91018 ----a-w- c:\windows\system32\perfc013.dat 2009-10-26 12:35 . 2004-08-04 12:00 509462 ----a-w- c:\windows\system32\perfh013.dat 2009-10-23 12:14 . 2009-06-22 13:56 -------- d-----w- c:\program files\uTIPu 2009-10-21 13:45 . 2009-10-19 09:48 -------- d-----w- c:\program files\Screen Recorder 2009-10-20 10:38 . 2009-10-20 10:38 -------- d-----w- c:\program files\AviSynth 2.5 2009-10-20 10:34 . 2009-10-20 10:34 -------- d-----w- c:\program files\eRightSoft 2009-10-19 15:44 . 2009-10-19 15:44 -------- d-----w- c:\program files\NCH Swift Sound 2009-10-11 03:17 . 2008-12-12 16:47 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-10-08 17:10 . 2008-12-12 23:01 -------- d-----w- c:\program files\Zipeg 2009-10-08 17:08 . 2008-12-12 23:02 -------- d-----w- c:\documents and settings\ruud\Application Data\com.zipeg 2009-09-17 18:59 . 2009-01-25 10:03 4045527 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-09-15 10:59 . 2009-04-20 12:13 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-09-15 10:56 . 2009-04-20 12:14 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-09-15 10:56 . 2009-04-20 12:14 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-09-15 10:55 . 2009-04-20 12:14 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-09-15 10:55 . 2009-04-20 12:14 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-09-15 10:54 . 2009-04-20 12:15 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-09-15 10:54 . 2009-04-20 12:15 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-09-15 10:53 . 2009-04-20 12:15 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-09-15 10:53 . 2009-04-20 12:14 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-09-11 14:20 . 2004-08-04 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 12:54 . 2008-12-21 14:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 12:53 . 2008-12-21 14:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-04 21:05 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2006-05-03 09:06 . 2009-10-20 10:35 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 10:47 . 2009-10-20 10:35 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 12:30 . 2009-10-20 10:35 216064 --sh--r- c:\windows\system32\nbDX.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen 3.1"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2005-09-27 1073152] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-12-02 3883856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X] "SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe update delay 60" [X] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-09-04 88363] "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-12-03 13:56 352256 ------w- c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-01-31 07:23 10520 ------w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background "ctfmon.exe"=c:\windows\system32\ctfmon.exe "SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Apoint"=c:\program files\Apoint2K\Apoint.exe "Cpqset"=c:\program files\HPQ\Default Settings\cpqset.exe "eabconfg.cpl"=c:\program files\HPQ\Quick Launch Buttons\EabServr.exe /Start "iTunesHelper"=c:\program files\iTunes\iTunesHelper.exe "NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup "nwiz"=nwiz.exe /install "PHIME2002A"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName "PHIME2002ASync"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 "AVG8_TRAY"=c:\progra~1\AVG\AVG8\avgtray.exe "Cobian Backup 9 interface"="c:\program files\Cobian Backup 9\cbInterface.exe" -service [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\WinMX\\WinMX.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\LimeWire Plus\\LimeWire.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [20-4-2009 1:14 PM 114768] R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [12-12-2008 5:19 PM 107272] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4-12-2008 1:50 PM 8944] R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [4-12-2008 1:50 PM 55024] R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [23-12-2008 1:07 AM 1858144] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20-4-2009 1:14 PM 20560] R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [12-3-2009 9:44 AM 184968] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 7:19 PM 13592] R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [30-10-2008 12:05 AM 31896] S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12-12-2008 5:19 PM 325128] S2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [14-12-2008 8:19 AM 903960] S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [14-12-2008 8:19 AM 298264] S3 CobianBackupAmanita;Cobian Backup 9 service;c:\program files\Cobian Backup 9\cbService.exe [10-7-2009 6:07 PM 583168] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4-12-2008 1:50 PM 7408] S3 TipCtrl;TipCtrl;c:\program files\uTIPu\TipCtrl.exe [19-10-2009 7:45 PM 318088] . Inhoud van de 'Gedeelde Taken' map 2009-12-02 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2009-11-16 09:21] 2009-12-02 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startpagina.nl/ IE: Verzenden naar &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm FF - ProfilePath - c:\documents and settings\ruud\Application Data\Mozilla\Firefox\Profiles\h5q3apzr.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/ FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - ORPHANS VERWIJDERD - - - - AddRemove-Broadcom 802.11b Network Adapter - c:\windows\system32\BCMWLU00.exe verbose AddRemove-NVIDIA nForce Drivers - c:\windows\system32\nvuninst.exe Uninstall AddRemove-SPAMfighter - c:\program files\SPAMfighter\uninstall.exe Remove AddRemove-{98E8A2EF-4EAE-43B8-A172-74842B764777} - c:\program files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe REMOVEALL ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-12-02 15:22 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(764) c:\program files\SUPERAntiSpyware\SASWINLO.dll . Voltooingstijd: 2009-12-02 15:26 ComboFix-quarantined-files.txt 2009-12-02 14:26 Pre-Run: 62.105.796.608 bytes beschikbaar Post-Run: 64.400.699.392 bytes beschikbaar - - End Of File - - 0F4B8E00CB728510CD0C8E497AB0BE10
-
Hoi Kape, Alvast bedankt voor de snelle reactie! AVG is al een hele tijd geleden verwijderd; wat d'r nog instaat zijn niet meer werkende restanten. De door jou aangegeven files zal ik eens verwijderen. Ik ben benieuwd of WLM dan wel goed werkt. Gr. Ruud
-
Ok Angel, alvast bedankt, Gr. Ruud Logfile of random's system information tool 1.06 (written by random/random) Run by ruud at 2009-12-01 23:42:41 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 55 GB (58%) free of 95 GB Total RAM: 511 MB (2% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:44:49, on 1-12-2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16915) Boot mode: Normal Running processes: C:\windows\System32\smss.exe C:\windows\system32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\windows\System32\svchost.exe C:\windows\system32\svchost.exe C:\windows\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\windows\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\windows\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\SPAMfighter\sfus.exe C:\windows\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\windows\AGRSMMSG.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\windows\system32\rundll32.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\SPAMfighter\SFAgent.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\windows\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Outlook Express\msimn.exe C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe C:\windows\system32\mmc.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe C:\Program Files\Opera\Opera.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\windows\system32\taskmgr.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\windows\system32\mmc.exe C:\Documents and Settings\ruud\Mijn documenten\downloads\RSIT.exe C:\Documents and Settings\ruud\Mijn documenten\downloads\RSIT.exe C:\Program Files\Trend Micro\HijackThis\ruud.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=NL_NL&c=Q105&bd=presario&pf=laptop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O1 - Hosts: 65.75.216.6 www.winmx.com err.winmx.com O1 - Hosts: 205.238.40.54 www.winmx.com err.winmx.com O1 - Hosts: 65.75.216.6 cache0.winmx.com test3201.winmx.com test3206.winmx.com O1 - Hosts: 65.75.216.7 cache1.winmx.com test3202.winmx.com test3207.winmx.com O1 - Hosts: 82.43.229.238 cache2.winmx.com test3203.winmx.com test3208.winmx.com O1 - Hosts: 205.238.40.1 cache3.winmx.com test3204.winmx.com O1 - Hosts: 205.238.40.2 cache4.winmx.com test3205.winmx.com O1 - Hosts: 65.75.216.6 c3310.z1301.winmx.com c3310.z1302.winmx.com c3310.z1303.winmx.com c3310.z1304.winmx.com c3310.z1305.winmx.com c3310.z1306.winmx.com O1 - Hosts: 65.75.216.6 c3311.z1301.winmx.com c3311.z1302.winmx.com c3311.z1303.winmx.com c3311.z1304.winmx.com c3311.z1305.winmx.com c3311.z1306.winmx.com O1 - Hosts: 65.75.216.6 c3312.z1301.winmx.com c3312.z1302.winmx.com c3312.z1303.winmx.com c3312.z1304.winmx.com c3312.z1305.winmx.com c3312.z1306.winmx.com O1 - Hosts: 65.75.216.7 c3313.z1301.winmx.com c3313.z1302.winmx.com c3313.z1303.winmx.com c3313.z1304.winmx.com c3313.z1305.winmx.com c3313.z1306.winmx.com O1 - Hosts: 65.75.216.7 c3314.z1301.winmx.com c3314.z1302.winmx.com c3314.z1303.winmx.com c3314.z1304.winmx.com c3314.z1305.winmx.com c3314.z1306.winmx.com O1 - Hosts: 65.75.216.7 c3315.z1301.winmx.com c3315.z1302.winmx.com c3315.z1303.winmx.com c3315.z1304.winmx.com c3315.z1305.winmx.com c3315.z1306.winmx.com O1 - Hosts: 82.43.229.238 c3316.z1301.winmx.com c3316.z1302.winmx.com c3316.z1303.winmx.com c3316.z1304.winmx.com c3316.z1305.winmx.com c3316.z1306.winmx.com O1 - Hosts: 82.43.229.238 c3317.z1301.winmx.com c3317.z1302.winmx.com c3317.z1303.winmx.com c3317.z1304.winmx.com c3317.z1305.winmx.com c3317.z1306.winmx.com O1 - Hosts: 205.238.40.1 c3318.z1301.winmx.com c3318.z1302.winmx.com c3318.z1303.winmx.com c3318.z1304.winmx.com c3318.z1305.winmx.com c3318.z1306.winmx.com O1 - Hosts: 205.238.40.2 c3319.z1301.winmx.com c3319.z1302.winmx.com c3319.z1303.winmx.com c3319.z1304.winmx.com c3319.z1305.winmx.com c3319.z1306.winmx.com O1 - Hosts: 65.75.216.6 c3520.z1301.winmx.com c3520.z1302.winmx.com c3520.z1303.winmx.com c3520.z1304.winmx.com c3520.z1305.winmx.com c3520.z1306.winmx.com O1 - Hosts: 65.75.216.6 c3521.z1301.winmx.com c3521.z1302.winmx.com c3521.z1303.winmx.com c3521.z1304.winmx.com c3521.z1305.winmx.com c3521.z1306.winmx.com O1 - Hosts: 65.75.216.6 c3522.z1301.winmx.com c3522.z1302.winmx.com c3522.z1303.winmx.com c3522.z1304.winmx.com c3522.z1305.winmx.com c3522.z1306.winmx.com O1 - Hosts: 65.75.216.7 c3523.z1301.winmx.com c3523.z1302.winmx.com c3523.z1303.winmx.com c3523.z1304.winmx.com c3523.z1305.winmx.com c3523.z1306.winmx.com O1 - Hosts: 65.75.216.7 c3524.z1301.winmx.com c3524.z1302.winmx.com c3524.z1303.winmx.com c3524.z1304.winmx.com c3524.z1305.winmx.com c3524.z1306.winmx.com O1 - Hosts: 65.75.216.7 c3525.z1301.winmx.com c3525.z1302.winmx.com c3525.z1303.winmx.com c3525.z1304.winmx.com c3525.z1305.winmx.com c3525.z1306.winmx.com O1 - Hosts: 82.43.229.238 c3526.z1301.winmx.com c3526.z1302.winmx.com c3526.z1303.winmx.com c3526.z1304.winmx.com c3526.z1305.winmx.com c3526.z1306.winmx.com O1 - Hosts: 82.43.229.238 c3527.z1301.winmx.com c3527.z1302.winmx.com c3527.z1303.winmx.com c3527.z1304.winmx.com c3527.z1305.winmx.com c3527.z1306.winmx.com O1 - Hosts: 205.238.40.1 c3528.z1301.winmx.com c3528.z1302.winmx.com c3528.z1303.winmx.com c3528.z1304.winmx.com c3528.z1305.winmx.com c3528.z1306.winmx.com O1 - Hosts: 205.238.40.2 c3529.z1301.winmx.com c3529.z1302.winmx.com c3529.z1303.winmx.com c3529.z1304.winmx.com c3529.z1305.winmx.com c3529.z1306.winmx.com O1 - Hosts: 65.75.216.6 winmx-com.winmxgroup.com winmx-com-v30.winmxgroup.com O1 - Hosts: 205.238.40.54 winmx-com.winmxgroup.com winmx-com-v30.winmxgroup.com O1 - Hosts: 65.75.216.6 test0.winmxgroup.net test5.winmxgroup.net O1 - Hosts: 65.75.216.7 test1.winmxgroup.net test6.winmxgroup.net O1 - Hosts: 82.43.229.238 test2.winmxgroup.net O1 - Hosts: 205.238.40.1 test3.winmxgroup.net O1 - Hosts: 205.238.40.2 test4.winmxgroup.net O1 - Hosts: 65.75.216.6 cache0.winmxgroup.com cache5.winmxgroup.com cache0.winmxgroup.net cache5.winmxgroup.net cache10.winmxgroup.net cache15.winmxgroup.net O1 - Hosts: 65.75.216.7 cache1.winmxgroup.com cache6.winmxgroup.com cache1.winmxgroup.net cache6.winmxgroup.net cache11.winmxgroup.net cache16.winmxgroup.net O1 - Hosts: 82.43.229.238 cache2.winmxgroup.com cache7.winmxgroup.com cache2.winmxgroup.net cache7.winmxgroup.net cache12.winmxgroup.net cache17.winmxgroup.net O1 - Hosts: 205.238.40.1 cache3.winmxgroup.com cache8.winmxgroup.com cache3.winmxgroup.net cache8.winmxgroup.net cache13.winmxgroup.net cache18.winmxgroup.net O1 - Hosts: 205.238.40.2 cache4.winmxgroup.com cache9.winmxgroup.com cache4.winmxgroup.net cache9.winmxgroup.net cache14.winmxgroup.net cache19.winmxgroup.net O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60 O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [Gadwin PrintScreen 3.1] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: E-mail.lnk = ? O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BTTray.lnk.disabled O4 - Global Startup: HP Digital Imaging Monitor.lnk.disabled O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Microsoft Office.lnk.disabled O4 - Global Startup: Nokia Nseries PC Suite.lnk.disabled O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1229098692046 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: avgrsstarter - C:\windows\SYSTEM32\avgrsstx.dll O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Luis Cobian - C:\Program Files\Cobian Backup 9\cbService.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe O23 - Service: iPod-service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe O23 - Service: TipCtrl - Utipu inc. - C:\Program Files\uTIPu\TipCtrl.exe -- End of file - 14174 bytes ======Scheduled tasks folder====== C:\windows\tasks\GlaryInitialize.job C:\windows\tasks\MP Scheduled Scan.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AGRSMMSG"=C:\windows\AGRSMMSG.exe [2004-09-04 88363] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584] "NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles [] "BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent [] "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-09-15 81000] "SPAMfighter Agent"=C:\Program Files\SPAMfighter\SFAgent.exe [2009-03-12 326792] "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen 3.1"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2005-09-27 1073152] "ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-12-01 3883856] C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten Adobe Reader Snelle start.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe BTTray.lnk.disabled - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe HP Digital Imaging Monitor.lnk.disabled - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE Microsoft Office.lnk.disabled - C:\Program Files\Microsoft Office\Office\OSA9.EXE Nokia Nseries PC Suite.lnk.disabled - C:\Program Files\Nokia\NNPCS\RunLauncher.exe C:\Documents and Settings\ruud\Menu Start\Programma's\Opstarten E-mail.lnk - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-03 352256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter] C:\windows\system32\avgrsstx.dll [2009-01-31 10520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\WinMX\WinMX.exe"="C:\Program Files\WinMX\WinMX.exe:*:Enabled:WinMX Application" "C:\Documents and Settings\ruud\Local Settings\Temp\Tijdelijke map 1 voor winmx354beta4.zip\WinMX.exe"="C:\Documents and Settings\ruud\Local Settings\Temp\Tijdelijke map 1 voor winmx354beta4.zip\WinMX.exe:*:Enabled:WinMX Application" "C:\Documents and Settings\ruud\Local Settings\Temp\Tijdelijke map 4 voor winmx354beta4.zip\WinMX.exe"="C:\Documents and Settings\ruud\Local Settings\Temp\Tijdelijke map 4 voor winmx354beta4.zip\WinMX.exe:*:Enabled:WinMX Application" "C:\Documents and Settings\ruud\Local Settings\Temp\Tijdelijke map 2 voor winmx354beta4.zip\WinMX.exe"="C:\Documents and Settings\ruud\Local Settings\Temp\Tijdelijke map 2 voor winmx354beta4.zip\WinMX.exe:*:Enabled:WinMX Application" "C:\Program Files\Kazaa Lite K++\KazaaLite.kpp"="C:\Program Files\Kazaa Lite K++\KazaaLite.kpp:*:Enabled:KazaaLite" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process " "C:\Program Files\Nokia\Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater" "C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater" "C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser" "C:\Program Files\LimeWire Plus\LimeWire.exe"="C:\Program Files\LimeWire Plus\LimeWire.exe:*:Enabled:LimeWire" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" ======List of files/folders created in the last 1 months====== 2009-12-01 23:42:41 ----D---- C:\rsit 2009-11-25 15:16:01 ----HDC---- C:\windows\$NtUninstallKB976098-v2$ 2009-11-25 15:15:04 ----HDC---- C:\windows\$NtUninstallKB973687$ 2009-11-25 14:25:23 ----D---- C:\Program Files\CCleaner 2009-11-16 12:12:21 ----D---- C:\Documents and Settings\ruud\Application Data\GlarySoft 2009-11-16 11:56:20 ----D---- C:\Program Files\Glary Utilities 2009-11-15 12:06:02 ----HDC---- C:\windows\$NtUninstallKB969947$ 2009-11-12 20:26:20 ----HDC---- C:\windows\$NtUninstallKB961503$ 2009-11-07 11:26:45 ----D---- C:\Program Files\Windows Journal Viewer 2009-11-06 22:40:11 ----D---- C:\Program Files\Microsoft Silverlight 2009-11-06 22:32:04 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition 2009-11-06 22:22:53 ----D---- C:\Program Files\Microsoft 2009-11-06 22:20:44 ----D---- C:\Program Files\Windows Live SkyDrive 2009-11-06 22:05:40 ----D---- C:\Program Files\Common Files\Windows Live 2009-11-04 01:44:02 ----A---- C:\windows\system32\javaws.exe 2009-11-04 01:44:01 ----A---- C:\windows\system32\javaw.exe 2009-11-04 01:43:58 ----A---- C:\windows\system32\java.exe ======List of files/folders modified in the last 1 months====== 2009-12-01 23:43:48 ----D---- C:\windows\Prefetch 2009-12-01 23:43:27 ----D---- C:\windows\Temp 2009-12-01 20:18:10 ----D---- C:\windows\system32\CatRoot2 2009-12-01 20:18:08 ----SD---- C:\windows\Tasks 2009-12-01 20:17:03 ----D---- C:\Program Files\SPAMfighter 2009-12-01 20:13:54 ----A---- C:\windows\SchedLgU.Txt 2009-12-01 15:26:04 ----D---- C:\Documents and Settings\ruud\Application Data\Zipeg 2009-12-01 15:12:14 ----D---- C:\windows\Help 2009-11-30 15:40:47 ----D---- C:\Program Files\SpeedFan 2009-11-30 07:26:12 ----SHD---- C:\windows\Installer 2009-11-30 07:25:44 ----SHD---- C:\Config.Msi 2009-11-30 07:25:44 ----D---- C:\Program Files\Opera 2009-11-29 15:19:22 ----D---- C:\Program Files\a-squared Free 2009-11-27 14:20:20 ----D---- C:\windows\Microsoft.NET 2009-11-27 13:07:39 ----D---- C:\windows\system32 2009-11-27 12:29:59 ----D---- C:\Documents and Settings\ruud\Application Data\LimeWirePlus 2009-11-27 12:24:11 ----D---- C:\WINDOWS 2009-11-27 12:12:09 ----RSD---- C:\windows\assembly 2009-11-27 09:57:07 ----D---- C:\Program Files\Windows Live 2009-11-27 09:52:47 ----D---- C:\windows\system32\DirectX 2009-11-27 09:51:21 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-11-27 09:47:13 ----D---- C:\Program Files\Common Files\Microsoft Shared 2009-11-25 16:28:19 ----HD---- C:\windows\inf 2009-11-25 15:36:58 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-11-25 15:36:08 ----D---- C:\windows\Minidump 2009-11-25 15:15:51 ----A---- C:\windows\imsins.BAK 2009-11-25 15:15:19 ----RSHDC---- C:\windows\system32\dllcache 2009-11-25 15:12:21 ----HD---- C:\windows\$hf_mig$ 2009-11-25 15:11:50 ----D---- C:\windows\WinSxS 2009-11-25 14:25:23 ----RD---- C:\Program Files 2009-11-20 19:27:18 ----A---- C:\windows\win.ini 2009-11-16 09:24:11 ----D---- C:\Program Files\Unlocker 2009-11-15 16:33:11 ----D---- C:\Program Files\Common Files 2009-11-15 12:10:16 ----D---- C:\windows\ie7updates 2009-11-15 12:03:56 ----D---- C:\windows\system32\CatRoot 2009-11-15 11:40:27 ----D---- C:\windows\system32\config 2009-11-15 11:39:54 ----D---- C:\windows\system32\wbem 2009-11-15 11:39:54 ----D---- C:\windows\Registration 2009-11-05 18:36:21 ----A---- C:\windows\system32\MRT.exe 2009-11-04 01:39:51 ----D---- C:\Program Files\Java 2009-11-02 20:42:06 ----N---- C:\windows\system32\MpSigStub.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\windows\system32\drivers\Aavmker4.sys [2009-09-15 27408] R1 AmdK8;Stuurprogramma voor AMD Athlon64-processor; C:\windows\system32\DRIVERS\AmdK8.sys [2004-05-08 38912] R1 aswSP;avast! Self Protection; C:\windows\system32\drivers\aswSP.sys [2009-09-15 114768] R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2009-09-15 52368] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\windows\System32\Drivers\avgmfx86.sys [2009-01-31 27656] R1 AvgTdiX;AVG8 Network Redirector; C:\windows\System32\Drivers\avgtdix.sys [2009-01-31 107272] R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys [] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [] R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL.sys [] R1 WmiAcpi;Microsoft Windows Beheerinterface voor ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832] R2 aswFsBlk;aswFsBlk; C:\windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560] R2 aswMon2;avast! Standard Shield Support; C:\windows\system32\drivers\aswMon2.sys [2009-09-15 94160] R3 aeaudio;aeaudio; C:\windows\system32\drivers\aeaudio.sys [2004-02-02 100384] R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2004-09-04 1268204] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2003-10-08 94601] R3 Arp1394;1394 ARP-clientprotocol; C:\windows\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2009-09-15 23152] R3 BCM43XX;Stuurprogramma voor BCM 802.11b netwerkadapter; C:\windows\system32\DRIVERS\bcmwl5.sys [2004-08-05 341760] R3 btaudio;Bluetooth Audio Device; C:\windows\system32\drivers\btaudio.sys [2004-06-02 16896] R3 BTDriver;Bluetooth Virtual Communications Driver; C:\windows\system32\DRIVERS\btport.sys [2004-06-02 30235] R3 BTWDNDIS;Bluetooth LAN Access Server; C:\windows\system32\DRIVERS\btwdndis.sys [2004-06-02 147864] R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\windows\System32\Drivers\btwusb.sys [2004-06-02 53816] R3 CmBatt;Stuurprogramma voor Microsoft ACPI-besturingsmethode-accu; C:\windows\system32\DRIVERS\CmBatt.sys [2008-04-13 13952] R3 dfmirage;dfmirage; C:\windows\system32\DRIVERS\dfmirage.sys [2008-10-30 31896] R3 GEARAspiWDM;GEAR CDRom Filter; C:\windows\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2004-04-05 13872] R3 hidusb;Microsoft HID Class-stuurprogramma; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Stuurprogramma voor muis-HID; C:\windows\system32\DRIVERS\mouhid.sys [2004-08-04 12288] R3 NIC1394;1394-stuurprogramma; C:\windows\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2004-04-08 1382634] R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\windows\system32\DRIVERS\R8139n51.SYS [2003-10-24 46976] R3 smwdm;smwdm; C:\windows\system32\drivers\smwdm.sys [2004-01-13 612032] R3 tiumfwl;tiumfwl; C:\windows\system32\drivers\tiumfwl.sys [2003-02-19 42092] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\windows\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB2 Enabled Hub; C:\windows\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\windows\system32\DRIVERS\usbohci.sys [2008-04-13 17152] S1 AvgLdx86;AVG AVI Loader Driver x86; C:\windows\System32\Drivers\avgldx86.sys [2009-01-31 325128] S3 BthEnum;Stuurprogramma voor Bluetooth-aanvraagblok; C:\windows\system32\DRIVERS\BthEnum.sys [2008-04-13 17024] S3 BTHMODEM;Communicatiestuurprogramma voor Bluetooth-modem; C:\windows\system32\DRIVERS\bthmodem.sys [2008-04-13 37888] S3 BthPan;Bluetooth-apparaat (PAN - Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-04-13 101120] S3 BTHPORT;Poortstuurprogramma voor Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2008-06-14 272640] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio's; C:\windows\System32\Drivers\BTHUSB.sys [2008-04-13 18944] S3 CCDECODE;Closed Caption-decoder; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys [] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV/Video-verbinding; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2008-09-15 17664] S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2008-09-15 22016] S3 ovt519;TRUST 320 SPACEC@M; C:\windows\System32\Drivers\ov519vid.sys [2003-05-06 163072] S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2008-04-13 59136] S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [] S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064] S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032] S3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Microsoft USB PRINTER Class; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Stuurprogramma voor USB-scanner; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2008-04-13 26112] S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064] S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\windows\System32\Drivers\wdf01000.sys [2008-03-27 503008] S3 WSTCODEC;World Standard Teletext-codec; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2006-09-15 82688] S4 IntelIde;IntelIde; C:\windows\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-11-15 1858144] R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-09-15 18752] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-09-15 138680] R2 BthServ;Bluetooth Support Service; C:\windows\system32\svchost.exe [2008-04-14 14336] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2004-06-03 163840] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376] R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvsvc32.exe [2004-04-08 73728] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files\SPAMfighter\sfus.exe [2009-03-12 184968] R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592] R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336] R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-09-15 254040] S2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-01-31 903960] S2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-01-31 298264] S3 aspnet_state;ASP.NET-statusservice; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-09-15 352920] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 CobianBackupAmanita;Cobian Backup 9 service; C:\Program Files\Cobian Backup 9\cbService.exe [2009-01-22 583168] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\SHARED\HPQWMI.exe [2004-07-27 98304] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 iPodService;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2004-06-09 401408] S3 ServiceLayer;ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544] S3 TipCtrl;TipCtrl; C:\Program Files\uTIPu\TipCtrl.exe [2009-10-19 318088] S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
-
Ok Angel, Dat zal ik eens doen; is het misschien een idee om hier zo'n hijackthis-log te plaatsen? Gr. Ruud ---------- Post toegevoegd om 00:10 ---------- Vorige post was om 23:55 ---------- Hoi Angel, Hieronder het resultaat, onderstaande programma's staan d'r al heel lang op en hebben nooit problemen opgeleverd. Gr. Ruud Detection Statistics: 17 Applications Detected in Total 9 Insecure Versions Detected 8 Patched Versions Detected Running For: 12 Minutes, 9 Seconds Errors with the scan: 0 Errors Detected, scan result should be correct Scan Options: Enable thorough system inspection Display only insecure programs Status / Currently Processing: Detection completed successfully Programs / Result Version Detected Status Adobe Reader 6.x 6.0.1.1091 Adobe Reader 7.x 7.0.0.1333 Adobe Reader 8.x 8.1.0.137 Apple iTunes 4.x 4.6.0.15 Apple Quicktime 6.x 6.5.1.17 Mozilla Firefox 3.0.x 3.0.4 Winamp 5.x 5.1.3.387 Adobe Flash Player 10.x 10.0.12.36 (ActiveX) Macromedia Flash Player 6.x 6.0.79.0
-
Hoi Angel, Kan het me bijna niet voorstellen; deze wordt veel gebruikt, dan zou ik toch op internet meer mensen moeten vinden die d'r problemen mee hebben; denk je niet? Zojuist kreeg ik de volgende foutmelding (2 v/d 4 messengers bleven werken, 1 viel weg en de 4e sloeg vast): Vastgelopen toepassing: msnmsgr.exe, versie: 14.0.8089.726, vastgelopen module: kernel32.dll, versie: 5.1.2600.5781, vastgelopen op: 0x00012afb. Gr. Ruud
-
Hoi Angel, Onder Services zie ik geen SSDP Discovery-service staan! Voor de rest maar weer afwachten... Groetjes, Ruud
-
Hoi Angel SSDP Discovery-service had ik dus inderdaad uitgeschakeld, na heropstarten was deze nog steeds uitgeschakeld. Ik zal je advies nog 's opvolgen. En het moet inderdaad drwtsn32.exe zijn, foutje van mijn kant. Alvast bedankt, Ruud ---------- Post toegevoegd om 16:14 ---------- Vorige post was om 16:05 ---------- Waar vind ik het hulpprogramma voor systeemconfiguratie ?
-
Hoi Angel, Ja, dat bedoel ik; misschien dat het d'r niks mee te maken heeft maar sinds ik die optie heb aangevinkt is WLM nog niet weggevallen of vastgelopen. Gr. Ruud
-
Hoi Angel, Op laptop heb ik msnmsgr.exe in de compabiliteitsmodus windows 2000 aangevinkt; tot nu toe (2 dagen) is WLM nog niet weggevallen of vastgeslagen. Aanvankelijk had ik dit ook op "gewone" pc gedaan; hier viel WLM echter nog steeds weg. Daarom jouw advies van gisteravond (Kopieer & plak (of typ) in het tekstvak Uitvoeren: services.msc, enz.) opgevolgd; 2 v/d 4 MSN's waarop ik had ingelogd zijn weer weggevallen... NU heb ik in taakbeheer heel vaak de volgende processen staan: drtwsn32.exe (ca 400x), DW20.EXE (ca 200x) en dwwin.exe (44x). Voorts deze foutmelding in het logboek bij Systeembeheer: Kan beschrijving voor gebeurtenis-ID (1000) in bron (Windows Live Messenger) niet vinden. De lokale computer beschikt wellicht niet over de benodigde registergegevens of DLL-berichtbestanden om berichten van een externe computer te kunnen weergeven. U kunt mogelijk de schakeloptie /AUXSOURCE= gebruiken om deze beschrijving op te halen, zie Help en ondersteuning voor details. De volgende gegevens zijn deel van de gebeurtenis: msnmsgr.exe, 14.0.8089.726, 4a6ce533, kernel32.dll, 5.1.2600.5781, 49c4f537, 0, 00012afb. Ik hoop dat je hier wat mee kunt; bedankt alvast! Gr. Ruud
