ruud jansen
-
Items
30 -
Registratiedatum
-
Laatst bezocht
ruud jansen's prestaties
-
WLM9 is op beide pc's al dagen niet meer weggevallen! Probleem lag, zoals al gedacht, dus 100% aan WLM9 en niet aan mijn pc's. Enige wat ik vreemd vind, was dat ik d'r op internet niks over tegenkwam...
-
Misschien dat jullie hier iets aan hebben: Ik krijg of helemaal geen foutmelding of de volgende foutmelding: Kan beschrijving voor gebeurtenis-ID (1000) in bron (Windows Live Messenger) niet vinden. De lokale computer beschikt wellicht niet over de benodigde registergegevens of DLL-berichtbestanden om berichten van een externe computer te kunnen weergeven. U kunt mogelijk de schakeloptie /AUXSOURCE= gebruiken om deze beschrijving op te halen, zie Help en ondersteuning voor details. De volgende gegevens zijn deel van de gebeurtenis: msnmsgr.exe, 14.0.8089.726, 4a6ce533, kernel32.dll, 5.1.2600.5781, 49c4f537, 0, 00012afb.
-
Dat jullie er door de diversiteit van de moeilijkheden niet echt achter komen waar de specifieke oorzaak ligt, begrijp ik volkomen. Ik vind het al heel fijn dat jullie tijd en moeite steken in andermans problemen; daarvoor mijn dank.
-
Helaas is WLM9 zojuist toch weer 's weggevallen op deze pc; 1 keer na 2 dagen valt mee; ik ben erger gewend... Op m'n andere pc (waar geen hijackthis e.d. op gedraaid hebben) echter ook pas 2 keer 1 van de 4 msn's die ik steeds opstart. Een vriend van mij heeft ook het probleem dat WLM9 soms ineens wegvalt. WLM9 slaat echter niet meer vast wat tot voor kort ook regelmatig gebeurde. Het gevoel dat de fout niet bij mijn pc's ligt maar bij WLM9 (mogelijk in combinatie met de patches), bekruipt mij steeds meer. Al vind ik het wel weer vreemd dat ik d'r op internet niets over kan vinden. Hebben de deskundigen hier, misschien nog advies of enig idee wat nu de oorzaak is van het plotseling wegvallen van WLM9?
-
Baat het niet dan schaadt het niet he! Maar bidden, hopen en kaarsjes aansteken is iets voor in de kerk; ik zou liever weten hoe het mogelijk is dat WLM ineens weg kan vallen.
-
Vreemd, vreemd, vreemd! Sinds gistermiddag een uur of half 3 is WLM nog niet weggevallen of vastgeslagen op deze pc! Ook op mijn andere pc is er sinds gisteravond nog niets raars gebeurd met WLM, alles loopt ook nog steeds.
-
Het eerste wat ik gedaan heb nadat ik erachter kwam dat WML niet meer werkt zoals het moet, was teruggaan naar een eerdere datum met systeemherstel. Dit had echter geen effect!
-
Helaas is het probleem nog niet opgelost, 1 van de 4 WLM's is nu alweer weggevallen! Het probleem is er pas sinds de update van WLM8.5 naar 9.
-
Nou, in ieder geval al vast bedankt voor de moeite; ik zal jullie zeker op de hoogte houden. Gr. Ruud
-
Hier dan het nieuwe logje. Wat Agv Remover betreft, hiermee heb ik AGV verwijderd toen ik Avast had geïnstalleerd; deze heeft blijkbaar toch wat filetjes op de pc laten staan. En ik kraai nog geen victorie hoor! Ik zei alleen: geen garantie dat het niet meer zal gebeuren maar in ieder geval wel een goed teken lijkt me. Gr. Ruud ComboFix 09-12-02.05 - ruud 03-12-2009 11:49.5.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.511.104 [GMT 1:00] Gestart vanuit: c:\documents and settings\ruud\Mijn documenten\downloads\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\ruud\Bureaublad\CFScript.txt AV: avast! antivirus 4.8.1356 [VPS 091203-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! . (((((((((((((((((((( Bestanden Gemaakt van 2009-11-03 to 2009-12-03 )))))))))))))))))))))))))))))) . 2009-12-03 10:42 . 2009-12-03 10:44 -------- d-----w- C:\32788R22FWJFW 2009-12-02 15:42 . 2009-12-02 18:07 -------- d-----w- c:\program files\Windows Live 2009-12-02 15:37 . 2009-12-02 15:37 -------- d-----w- c:\program files\MessengerPlus! 3 2009-12-02 13:00 . 2009-12-02 14:59 -------- d-----w- c:\program files\Messenger Plus! Live 2009-12-02 12:38 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100406\100407\A-Patch143b3_WLM9.exe 2009-12-02 07:17 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100404\100405\A-Patch143b3_WLM9.exe 2009-12-02 06:49 . 2009-12-02 06:49 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2009-12-01 22:42 . 2009-12-01 22:45 -------- d-----w- C:\rsit 2009-12-01 12:41 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100399\100401\A-Patch143b3_WLM9.exe 2009-11-25 14:43 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100202\100203\A-Patch143b3_WLM9.exe 2009-11-25 13:25 . 2009-11-25 13:25 -------- d-----w- c:\program files\CCleaner 2009-11-18 10:48 . 2006-06-24 03:22 304722 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100196\100197\messpatch-g4-80792.exe 2009-11-16 11:12 . 2009-11-16 11:12 -------- d-----w- c:\documents and settings\ruud\Application Data\GlarySoft 2009-11-16 10:56 . 2009-11-16 10:56 -------- d-----w- c:\program files\Glary Utilities 2009-11-15 10:39 . 2009-11-15 10:39 -------- d-----w- c:\windows\system32\wbem\Repository 2009-11-07 10:26 . 2009-11-07 10:26 -------- d-----w- c:\program files\Windows Journal Viewer 2009-11-06 22:05 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100059\100062\A-Patch143b3_WLM9.exe 2009-11-06 21:44 . 2009-12-03 10:55 -------- d-----w- c:\documents and settings\ruud\Tracing 2009-11-06 21:40 . 2009-11-15 11:14 -------- d-----w- c:\program files\Microsoft Silverlight 2009-11-06 21:22 . 2009-11-06 21:38 -------- d-----w- c:\program files\Microsoft 2009-11-06 21:20 . 2009-11-06 21:20 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-11-06 21:05 . 2009-11-06 21:05 -------- d-----w- c:\program files\Common Files\Windows Live 2009-11-04 00:22 . 2009-11-04 00:22 152576 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2009-11-04 00:22 . 2009-11-04 00:22 79488 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-03 05:53 . 2009-05-14 17:20 -------- d-----w- c:\program files\SPAMfighter 2009-12-02 17:51 . 2009-10-08 17:10 -------- d-----w- c:\documents and settings\ruud\Application Data\Zipeg 2009-12-02 12:43 . 2008-12-12 16:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-11-30 14:40 . 2008-12-15 20:08 -------- d-----w- c:\program files\SpeedFan 2009-11-30 06:25 . 2008-12-19 18:16 -------- d-----w- c:\program files\Opera 2009-11-29 14:19 . 2008-12-23 00:07 -------- d-----w- c:\program files\a-squared Free 2009-11-28 10:00 . 2009-04-24 00:27 117760 ----a-w- c:\documents and settings\ruud\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-11-27 11:29 . 2008-12-17 13:42 -------- d-----w- c:\documents and settings\ruud\Application Data\LimeWirePlus 2009-11-18 02:01 . 2009-11-18 03:04 217596 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1043.dat 2009-11-16 08:24 . 2009-04-22 18:45 -------- d-----w- c:\program files\Unlocker 2009-11-04 00:39 . 2008-12-12 16:34 -------- d-----w- c:\program files\Java 2009-11-02 19:42 . 2009-10-03 00:18 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-10-26 12:35 . 2004-08-04 12:00 91018 ----a-w- c:\windows\system32\perfc013.dat 2009-10-26 12:35 . 2004-08-04 12:00 509462 ----a-w- c:\windows\system32\perfh013.dat 2009-10-23 12:14 . 2009-06-22 13:56 -------- d-----w- c:\program files\uTIPu 2009-10-21 13:45 . 2009-10-19 09:48 -------- d-----w- c:\program files\Screen Recorder 2009-10-20 10:38 . 2009-10-20 10:38 -------- d-----w- c:\program files\AviSynth 2.5 2009-10-20 10:34 . 2009-10-20 10:34 -------- d-----w- c:\program files\eRightSoft 2009-10-19 15:44 . 2009-10-19 15:44 -------- d-----w- c:\program files\NCH Swift Sound 2009-10-11 03:17 . 2008-12-12 16:47 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-10-08 17:10 . 2008-12-12 23:01 -------- d-----w- c:\program files\Zipeg 2009-10-08 17:08 . 2008-12-12 23:02 -------- d-----w- c:\documents and settings\ruud\Application Data\com.zipeg 2009-09-17 18:59 . 2009-01-25 10:03 4045527 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-09-15 10:59 . 2009-04-20 12:13 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-09-15 10:56 . 2009-04-20 12:14 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-09-15 10:56 . 2009-04-20 12:14 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-09-15 10:55 . 2009-04-20 12:14 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-09-15 10:55 . 2009-04-20 12:14 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-09-15 10:54 . 2009-04-20 12:15 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-09-15 10:54 . 2009-04-20 12:15 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-09-15 10:53 . 2009-04-20 12:15 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-09-15 10:53 . 2009-04-20 12:14 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-09-11 14:20 . 2004-08-04 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 12:54 . 2008-12-21 14:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 12:53 . 2008-12-21 14:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-04 21:05 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2006-05-03 09:06 . 2009-10-20 10:35 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 10:47 . 2009-10-20 10:35 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 12:30 . 2009-10-20 10:35 216064 --sh--r- c:\windows\system32\nbDX.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen 3.1"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2005-09-27 1073152] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-12-02 190024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X] "SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe update delay 60" [X] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-12-02 190024] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-09-04 88363] "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-12-03 13:56 352256 ------w- c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background "ctfmon.exe"=c:\windows\system32\ctfmon.exe "SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Apoint"=c:\program files\Apoint2K\Apoint.exe "Cpqset"=c:\program files\HPQ\Default Settings\cpqset.exe "eabconfg.cpl"=c:\program files\HPQ\Quick Launch Buttons\EabServr.exe /Start "iTunesHelper"=c:\program files\iTunes\iTunesHelper.exe "NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup "nwiz"=nwiz.exe /install "PHIME2002A"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName "PHIME2002ASync"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 "Cobian Backup 9 interface"="c:\program files\Cobian Backup 9\cbInterface.exe" -service [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\WinMX\\WinMX.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\LimeWire Plus\\LimeWire.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [20-4-2009 1:14 PM 114768] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4-12-2008 1:50 PM 8944] R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [4-12-2008 1:50 PM 55024] R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [23-12-2008 1:07 AM 1858144] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20-4-2009 1:14 PM 20560] R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [12-3-2009 9:44 AM 184968] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 7:19 PM 13592] R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [30-10-2008 12:05 AM 31896] S3 CobianBackupAmanita;Cobian Backup 9 service;c:\program files\Cobian Backup 9\cbService.exe [10-7-2009 6:07 PM 583168] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4-12-2008 1:50 PM 7408] S3 TipCtrl;TipCtrl;c:\program files\uTIPu\TipCtrl.exe [19-10-2009 7:45 PM 318088] . Inhoud van de 'Gedeelde Taken' map 2009-12-02 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2009-11-16 09:21] 2009-12-03 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startpagina.nl/ IE: Verzenden naar &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm FF - ProfilePath - c:\documents and settings\ruud\Application Data\Mozilla\Firefox\Profiles\h5q3apzr.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/ FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-12-03 12:03 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(756) c:\program files\SUPERAntiSpyware\SASWINLO.dll - - - - - - - > 'explorer.exe'(2848) c:\program files\MessengerPlus! 3\MsgPlusLoader.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2009-12-03 12:08 ComboFix-quarantined-files.txt 2009-12-03 11:08 ComboFix2.txt 2009-12-03 10:32 ComboFix3.txt 2009-12-02 17:14 ComboFix4.txt 2009-12-02 16:30 ComboFix5.txt 2009-12-03 10:44 Pre-Run: 63.542.480.896 bytes beschikbaar Post-Run: 63.531.368.448 bytes beschikbaar - - End Of File - - 5CCE944F6D5E38B9799A7630A6D044E4
-
De afgelopen 12 uur is WLM niet weggevallen of vastgelopen; geen garantie dat het niet meer zal gebeuren maar in ieder geval wel een goed teken lijkt me. Wat Java betreft, ik heb enkel de versie die jij aangeeft "Java SE Runtime Environment (JRE) 6 Update 17" op pc staan. Ik laat Combofix nogmaals draaien en post het logje weer.
-
Hoi Kape, Fouten maken is menselijk he! Maar ik moet zo even weg, ik doe het straks of anders morgen op m'n gemak, anders wordt het haastwerk en dat is nooit goed he. Ik post het filetje wel weer. In ieder geval alvast hartstikke bedankt voor de moeite. Gr. Ruud
-
ComboFix 09-12-02.03 - ruud 02-12-2009 17:43.3.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.511.106 [GMT 1:00] Gestart vanuit: c:\documents and settings\ruud\Mijn documenten\downloads\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\ruud\Bureaublad\CFScript.txt AV: avast! antivirus 4.8.1356 [VPS 091202-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !! FILE :: "c:\program files\AVG\AVG8\avgemc.exe" "c:\program files\AVG\AVG8\avgwdsvc.exe" "c:\windows\system32\drivers\avgldx86.sys" "c:\windows\system32\drivers\avgtdix.sys" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\AVG c:\program files\AVG\AVG8\avg7api.dll c:\program files\AVG\AVG8\avgabout.dll c:\program files\AVG\AVG8\avgamnot.dll c:\program files\AVG\AVG8\avgapix.dll c:\program files\AVG\AVG8\avgatend.stp c:\program files\AVG\AVG8\avgatupd.stp c:\program files\AVG\AVG8\avgcclix.dll c:\program files\AVG\AVG8\avgcfgex.exe c:\program files\AVG\AVG8\avgcfgx.dll c:\program files\AVG\AVG8\avgchk.exe c:\program files\AVG\AVG8\avgclitx.dll c:\program files\AVG\AVG8\avgcmgr.exe c:\program files\AVG\AVG8\avgcorex.dll c:\program files\AVG\AVG8\avgcrlpx.dll c:\program files\AVG\AVG8\avgcsrvx.exe c:\program files\AVG\AVG8\avgdumpx.exe c:\program files\AVG\AVG8\avgemc.exe c:\program files\AVG\AVG8\avgfrw.exe c:\program files\AVG\AVG8\avginet.dll c:\program files\AVG\AVG8\avgiproxy.exe c:\program files\AVG\AVG8\avglngx.dll c:\program files\AVG\AVG8\avglogx.dll c:\program files\AVG\AVG8\avgmail.dll c:\program files\AVG\AVG8\avgmvflx.dll c:\program files\AVG\AVG8\avgnsx.exe c:\program files\AVG\AVG8\avgoff2k.dll c:\program files\AVG\AVG8\avgpp.dll c:\program files\AVG\AVG8\avgresf.dll c:\program files\AVG\AVG8\avgrsx.exe c:\program files\AVG\AVG8\avgscanx.dll c:\program files\AVG\AVG8\avgscanx.exe c:\program files\AVG\AVG8\avgsched.dll c:\program files\AVG\AVG8\avgse.dll c:\program files\AVG\AVG8\avgsrmax.exe c:\program files\AVG\AVG8\avgsrmx.dll c:\program files\AVG\AVG8\avgssie.dll c:\program files\AVG\AVG8\avgtray.exe c:\program files\AVG\AVG8\avgui.exe c:\program files\AVG\AVG8\avguiadv.dll c:\program files\AVG\AVG8\avguires.dll c:\program files\AVG\AVG8\avgupd.dll c:\program files\AVG\AVG8\avgupd.exe c:\program files\AVG\AVG8\avgvvx.dll c:\program files\AVG\AVG8\avgwd.dll c:\program files\AVG\AVG8\avgwdsvc.exe c:\program files\AVG\AVG8\avgwdwsc.dll c:\program files\AVG\AVG8\avgxch32.dll c:\program files\AVG\AVG8\avgxpl.dll c:\program files\AVG\AVG8\commonpub.log c:\program files\AVG\AVG8\commonpub.log.lock c:\program files\AVG\AVG8\dbghelp.dll c:\program files\AVG\AVG8\fixcfg.exe c:\program files\AVG\AVG8\fixfp.exe c:\program files\AVG\AVG8\libsasl.dll c:\program files\AVG\AVG8\Notification\arrow.gif c:\program files\AVG\AVG8\Notification\arrow.png c:\program files\AVG\AVG8\Notification\bg.png c:\program files\AVG\AVG8\Notification\bullet.gif c:\program files\AVG\AVG8\Notification\button_left.png c:\program files\AVG\AVG8\Notification\button_left_hover.png c:\program files\AVG\AVG8\Notification\button_right.png c:\program files\AVG\AVG8\Notification\button_right_hover.png c:\program files\AVG\AVG8\Notification\cmp2008_App_Free_8_fr.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Free_8_it.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Free_8_nl.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Free_8_pt.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Free_8_sp.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Free_8_us.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Paid_8_fr.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Paid_8_it.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Paid_8_nl.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Paid_8_pt.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Paid_8_sp.html c:\program files\AVG\AVG8\Notification\cmp2008_App_Paid_8_us.html c:\program files\AVG\AVG8\Notification\free8085_message_01_fr.html c:\program files\AVG\AVG8\Notification\free8085_message_01_ge.html c:\program files\AVG\AVG8\Notification\free8085_message_01_it.html c:\program files\AVG\AVG8\Notification\free8085_message_01_jp.html c:\program files\AVG\AVG8\Notification\free8085_message_01_nl.html c:\program files\AVG\AVG8\Notification\free8085_message_01_pb.html c:\program files\AVG\AVG8\Notification\free8085_message_01_pl.html c:\program files\AVG\AVG8\Notification\free8085_message_01_sp.html c:\program files\AVG\AVG8\Notification\free8085_message_01_us.html c:\program files\AVG\AVG8\Notification\free8085_message_02_fr.html c:\program files\AVG\AVG8\Notification\free8085_message_02_ge.html c:\program files\AVG\AVG8\Notification\free8085_message_02_it.html c:\program files\AVG\AVG8\Notification\free8085_message_02_jp.html c:\program files\AVG\AVG8\Notification\free8085_message_02_nl.html c:\program files\AVG\AVG8\Notification\free8085_message_02_pb.html c:\program files\AVG\AVG8\Notification\free8085_message_02_pl.html c:\program files\AVG\AVG8\Notification\free8085_message_02_sp.html c:\program files\AVG\AVG8\Notification\free8085_message_02_us.html c:\program files\AVG\AVG8\Notification\free8085_message_03_fr.html c:\program files\AVG\AVG8\Notification\free8085_message_03_ge.html c:\program files\AVG\AVG8\Notification\free8085_message_03_it.html c:\program files\AVG\AVG8\Notification\free8085_message_03_jp.html c:\program files\AVG\AVG8\Notification\free8085_message_03_nl.html c:\program files\AVG\AVG8\Notification\free8085_message_03_pb.html c:\program files\AVG\AVG8\Notification\free8085_message_03_pl.html c:\program files\AVG\AVG8\Notification\free8085_message_03_sp.html c:\program files\AVG\AVG8\Notification\free8085_message_03_us.html c:\program files\AVG\AVG8\Notification\free8085_message_us.html c:\program files\AVG\AVG8\Notification\head_blue_bg.png c:\program files\AVG\AVG8\Notification\head_red_bg.png c:\program files\AVG\AVG8\Notification\head_yellow_bg.png c:\program files\AVG\AVG8\Notification\icon_bulb.gif c:\program files\AVG\AVG8\Notification\image_app_-de.png c:\program files\AVG\AVG8\Notification\image_app_-en.png c:\program files\AVG\AVG8\Notification\image_app_-fr.png c:\program files\AVG\AVG8\Notification\image_app_-it.png c:\program files\AVG\AVG8\Notification\image_app_-jp.png c:\program files\AVG\AVG8\Notification\image_app_-la-es.png c:\program files\AVG\AVG8\Notification\image_app_-nl.png c:\program files\AVG\AVG8\Notification\image_app_-pl.png c:\program files\AVG\AVG8\Notification\image_app_-pt-br.png c:\program files\AVG\AVG8\Notification\image_shield.png c:\program files\AVG\AVG8\Notification\logo_avg8.gif c:\program files\AVG\AVG8\Notification\shield.gif c:\program files\AVG\AVG8\Notification\style.css c:\program files\AVG\AVG8\saslcrammd5.dll c:\program files\AVG\AVG8\sasldigestmd5.dll c:\program files\AVG\AVG8\sasllogin.dll c:\program files\AVG\AVG8\saslplain.dll c:\program files\AVG\AVG8\setup.exe c:\windows\system32\drivers\avgldx86.sys c:\windows\system32\drivers\avgtdix.sys . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_AVG8EMC -------\Legacy_AVG8WD -------\Legacy_AVGLDX86 -------\Legacy_AVGTDIX -------\Service_avg8emc -------\Service_avg8wd -------\Service_AvgLdx86 -------\Service_AvgTdiX (((((((((((((((((((( Bestanden Gemaakt van 2009-11-02 to 2009-12-02 )))))))))))))))))))))))))))))) . 2009-12-02 15:42 . 2009-12-02 15:43 -------- d-----w- c:\program files\Windows Live 2009-12-02 15:37 . 2009-12-02 15:37 -------- d-----w- c:\program files\MessengerPlus! 3 2009-12-02 13:00 . 2009-12-02 14:59 -------- d-----w- c:\program files\Messenger Plus! Live 2009-12-02 12:38 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100406\100407\A-Patch143b3_WLM9.exe 2009-12-02 07:17 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100404\100405\A-Patch143b3_WLM9.exe 2009-12-02 06:49 . 2009-12-02 06:49 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2009-12-01 22:42 . 2009-12-01 22:45 -------- d-----w- C:\rsit 2009-12-01 12:41 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100399\100401\A-Patch143b3_WLM9.exe 2009-11-25 14:43 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100202\100203\A-Patch143b3_WLM9.exe 2009-11-25 13:25 . 2009-11-25 13:25 -------- d-----w- c:\program files\CCleaner 2009-11-18 10:48 . 2006-06-24 03:22 304722 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100196\100197\messpatch-g4-80792.exe 2009-11-16 11:12 . 2009-11-16 11:12 -------- d-----w- c:\documents and settings\ruud\Application Data\GlarySoft 2009-11-16 10:56 . 2009-11-16 10:56 -------- d-----w- c:\program files\Glary Utilities 2009-11-15 10:39 . 2009-11-15 10:39 -------- d-----w- c:\windows\system32\wbem\Repository 2009-11-07 10:26 . 2009-11-07 10:26 -------- d-----w- c:\program files\Windows Journal Viewer 2009-11-06 22:05 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100059\100062\A-Patch143b3_WLM9.exe 2009-11-06 21:44 . 2009-12-02 15:59 -------- d-----w- c:\documents and settings\ruud\Tracing 2009-11-06 21:40 . 2009-11-15 11:14 -------- d-----w- c:\program files\Microsoft Silverlight 2009-11-06 21:22 . 2009-11-06 21:38 -------- d-----w- c:\program files\Microsoft 2009-11-06 21:20 . 2009-11-06 21:20 -------- d-----w- c:\program files\Windows Live SkyDrive 2009-11-06 21:05 . 2009-11-06 21:05 -------- d-----w- c:\program files\Common Files\Windows Live 2009-11-04 00:22 . 2009-11-04 00:22 152576 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2009-11-04 00:22 . 2009-11-04 00:22 79488 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-02 17:01 . 2009-05-14 17:20 -------- d-----w- c:\program files\SPAMfighter 2009-12-02 12:43 . 2008-12-12 16:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-12-02 12:38 . 2009-10-08 17:10 -------- d-----w- c:\documents and settings\ruud\Application Data\Zipeg 2009-11-30 14:40 . 2008-12-15 20:08 -------- d-----w- c:\program files\SpeedFan 2009-11-30 06:25 . 2008-12-19 18:16 -------- d-----w- c:\program files\Opera 2009-11-29 14:19 . 2008-12-23 00:07 -------- d-----w- c:\program files\a-squared Free 2009-11-28 10:00 . 2009-04-24 00:27 117760 ----a-w- c:\documents and settings\ruud\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL 2009-11-27 11:29 . 2008-12-17 13:42 -------- d-----w- c:\documents and settings\ruud\Application Data\LimeWirePlus 2009-11-18 02:01 . 2009-11-18 03:04 217596 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1043.dat 2009-11-16 08:24 . 2009-04-22 18:45 -------- d-----w- c:\program files\Unlocker 2009-11-04 00:39 . 2008-12-12 16:34 -------- d-----w- c:\program files\Java 2009-11-02 19:42 . 2009-10-03 00:18 195456 ------w- c:\windows\system32\MpSigStub.exe 2009-10-26 12:35 . 2004-08-04 12:00 91018 ----a-w- c:\windows\system32\perfc013.dat 2009-10-26 12:35 . 2004-08-04 12:00 509462 ----a-w- c:\windows\system32\perfh013.dat 2009-10-23 12:14 . 2009-06-22 13:56 -------- d-----w- c:\program files\uTIPu 2009-10-21 13:45 . 2009-10-19 09:48 -------- d-----w- c:\program files\Screen Recorder 2009-10-20 10:38 . 2009-10-20 10:38 -------- d-----w- c:\program files\AviSynth 2.5 2009-10-20 10:34 . 2009-10-20 10:34 -------- d-----w- c:\program files\eRightSoft 2009-10-19 15:44 . 2009-10-19 15:44 -------- d-----w- c:\program files\NCH Swift Sound 2009-10-11 03:17 . 2008-12-12 16:47 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-10-08 17:10 . 2008-12-12 23:01 -------- d-----w- c:\program files\Zipeg 2009-10-08 17:08 . 2008-12-12 23:02 -------- d-----w- c:\documents and settings\ruud\Application Data\com.zipeg 2009-09-17 18:59 . 2009-01-25 10:03 4045527 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-09-15 10:59 . 2009-04-20 12:13 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-09-15 10:56 . 2009-04-20 12:14 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-09-15 10:56 . 2009-04-20 12:14 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-09-15 10:55 . 2009-04-20 12:14 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-09-15 10:55 . 2009-04-20 12:14 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-09-15 10:54 . 2009-04-20 12:15 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-09-15 10:54 . 2009-04-20 12:15 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-09-15 10:53 . 2009-04-20 12:15 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-09-15 10:53 . 2009-04-20 12:14 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-09-11 14:20 . 2004-08-04 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 12:54 . 2008-12-21 14:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-10 12:53 . 2008-12-21 14:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-04 21:05 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2006-05-03 09:06 . 2009-10-20 10:35 163328 --sh--r- c:\windows\system32\flvDX.dll 2007-02-21 10:47 . 2009-10-20 10:35 31232 --sh--r- c:\windows\system32\msfDX.dll 2008-03-16 12:30 . 2009-10-20 10:35 216064 --sh--r- c:\windows\system32\nbDX.dll . ((((((((((((((((((((((((((((( SnapShot@2009-12-02_14.22.17 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-02 15:50 . 2009-12-02 15:50 16384 c:\windows\Temp\Perflib_Perfdata_75c.dat + 2009-12-02 16:58 . 2009-12-02 16:58 16384 c:\windows\Temp\Perflib_Perfdata_734.dat + 2009-12-02 16:59 . 2009-12-02 16:59 16384 c:\windows\Temp\Perflib_Perfdata_5c4.dat + 2009-12-02 15:43 . 2009-12-02 15:43 27136 c:\windows\Installer\7a19b9.msi + 2009-12-02 15:42 . 2009-12-02 15:42 62304 c:\windows\Installer\{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}\IconWlc.exe - 2009-12-02 06:46 . 2009-12-02 06:46 62304 c:\windows\Installer\{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}\IconWlc.exe - 2009-05-14 17:21 . 2009-05-14 17:21 14366 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut2_2D73ED7BCF5749BA9891E131D7FE5FBF.exe + 2009-05-14 17:21 . 2009-12-02 15:52 14366 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut2_2D73ED7BCF5749BA9891E131D7FE5FBF.exe + 2009-05-14 17:21 . 2009-12-02 15:52 14366 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut14_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 14366 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut14_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-12-02 15:44 . 2009-12-02 15:44 80395 c:\windows\Installer\{10F5387D-1728-423A-A578-B00982CF2646}\MsblIco.Exe - 2009-12-02 06:47 . 2009-12-02 06:47 80395 c:\windows\Installer\{10F5387D-1728-423A-A578-B00982CF2646}\MsblIco.Exe + 2009-05-14 17:21 . 2009-12-02 15:52 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut52_86F3D0BB3537401DBB67D4F0DA976EAC_1.exe - 2009-05-14 17:21 . 2009-05-14 17:21 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut52_86F3D0BB3537401DBB67D4F0DA976EAC_1.exe - 2009-05-14 17:21 . 2009-05-14 17:21 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut51_86F3D0BB3537401DBB67D4F0DA976EAC_1.exe + 2009-05-14 17:21 . 2009-12-02 15:52 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut51_86F3D0BB3537401DBB67D4F0DA976EAC_1.exe - 2009-05-14 17:21 . 2009-05-14 17:21 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut5_86F3D0BB3537401DBB67D4F0DA976EAC_1.exe + 2009-05-14 17:21 . 2009-12-02 15:52 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut5_86F3D0BB3537401DBB67D4F0DA976EAC_1.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut3_0B56CCC4F2C24C96B7886DDC8DF681A2.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut3_0B56CCC4F2C24C96B7886DDC8DF681A2.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut25_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut25_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut24_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut24_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut23_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut23_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut22_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut22_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut16_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut16_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut15_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut15_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut13_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut13_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut12_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut12_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut11_86F3D0BB3537401DBB67D4F0DA976EAC.exe - 2009-05-14 17:21 . 2009-05-14 17:21 4710 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut11_86F3D0BB3537401DBB67D4F0DA976EAC.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut10_0B56CCC4F2C24C96B7886DDC8DF681A2.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut10_0B56CCC4F2C24C96B7886DDC8DF681A2.exe + 2009-05-14 17:21 . 2009-12-02 15:52 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut1_0B56CCC4F2C24C96B7886DDC8DF681A2.exe - 2009-05-14 17:21 . 2009-05-14 17:21 2238 c:\windows\Installer\{16C9924C-C42A-4790-BD18-27BDCA4B23C1}\NewShortcut1_0B56CCC4F2C24C96B7886DDC8DF681A2.exe + 2009-12-02 15:44 . 2009-12-02 15:44 430080 c:\windows\Installer\7a19bf.msi + 2009-12-02 15:42 . 2009-12-02 15:42 152576 c:\windows\Installer\7a19b4.msi . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen 3.1"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2005-09-27 1073152] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-12-02 190024] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-12-02 3883856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X] "SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe update delay 60" [X] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-12-02 190024] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-09-04 88363] "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2008-12-03 13:56 352256 ------w- c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-01-31 07:23 10520 ------w- c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background "ctfmon.exe"=c:\windows\system32\ctfmon.exe "SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Apoint"=c:\program files\Apoint2K\Apoint.exe "Cpqset"=c:\program files\HPQ\Default Settings\cpqset.exe "eabconfg.cpl"=c:\program files\HPQ\Quick Launch Buttons\EabServr.exe /Start "iTunesHelper"=c:\program files\iTunes\iTunesHelper.exe "NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup "nwiz"=nwiz.exe /install "PHIME2002A"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName "PHIME2002ASync"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 "Cobian Backup 9 interface"="c:\program files\Cobian Backup 9\cbInterface.exe" -service [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\WinMX\\WinMX.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\LimeWire Plus\\LimeWire.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [20-4-2009 1:14 PM 114768] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4-12-2008 1:50 PM 8944] R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [4-12-2008 1:50 PM 55024] R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [23-12-2008 1:07 AM 1858144] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20-4-2009 1:14 PM 20560] R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [12-3-2009 9:44 AM 184968] R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 7:19 PM 13592] R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [30-10-2008 12:05 AM 31896] S3 CobianBackupAmanita;Cobian Backup 9 service;c:\program files\Cobian Backup 9\cbService.exe [10-7-2009 6:07 PM 583168] S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4-12-2008 1:50 PM 7408] S3 TipCtrl;TipCtrl;c:\program files\uTIPu\TipCtrl.exe [19-10-2009 7:45 PM 318088] . Inhoud van de 'Gedeelde Taken' map 2009-12-02 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2009-11-16 09:21] 2009-12-02 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startpagina.nl/ IE: Verzenden naar &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm FF - ProfilePath - c:\documents and settings\ruud\Application Data\Mozilla\Firefox\Profiles\h5q3apzr.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/ FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-12-02 18:00 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(760) c:\program files\SUPERAntiSpyware\SASWINLO.dll - - - - - - - > 'explorer.exe'(2764) c:\program files\MessengerPlus! 3\MsgPlusLoader.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\btncopy.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\program files\Analog Devices\SoundMAX\SMAgent.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\windows\system32\rundll32.exe c:\program files\SPAMfighter\SFAgent.exe c:\program files\Outlook Express\msimn.exe . ************************************************************************** . Voltooingstijd: 2009-12-02 18:14 - machine werd herstart ComboFix-quarantined-files.txt 2009-12-02 17:13 ComboFix2.txt 2009-12-02 16:30 ComboFix3.txt 2009-12-02 14:26 Pre-Run: 64.267.436.032 bytes beschikbaar Post-Run: 64.108.605.440 bytes beschikbaar - - End Of File - - B5DF745A9BD13C23C58DF78518B0BE22
-
Combofix is nu opnieuwaan het scannen; ik post het nieuwe log wel hier.
-
Volgens Combofix is AVG inderdaad nog op de een of andere manier actief; dit is dan al zeker een jaar het geval, al van ver voor de problemen met WLM; deze zijn er pas sinds sinds de update van 8.5 naar 9. Combofix is nu opnieuw aan't scannen; ik post het nieuwe log hier wel. Of de problemen nu zijn opgelost, kan ik pas na verloop van tijd zeggen; soms slaat WLM binnen een half uur vast, soms gaat het ook 12 uur goed...
