Windows Live Messenger 2009 spontaneously freezes or suddenly closes


ruud jansen

ComboFix 09-12-02.03 - ruud 02-12-2009 17:43.3.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.511.106 [GMT 1:00]

Gestart vanuit: c:\documents and settings\ruud\Mijn documenten\downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\ruud\Bureaublad\CFScript.txt

AV: avast! antivirus 4.8.1356 [VPS 091202-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

FILE ::

"c:\program files\AVG\AVG8\avgemc.exe"

"c:\program files\AVG\AVG8\avgwdsvc.exe"

"c:\windows\system32\drivers\avgldx86.sys"

"c:\windows\system32\drivers\avgtdix.sys"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\AVG

c:\windows\system32\drivers\avgldx86.sys

c:\windows\system32\drivers\avgtdix.sys

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_AVG8EMC

-------\Legacy_AVG8WD

-------\Legacy_AVGLDX86

-------\Legacy_AVGTDIX

-------\Service_avg8emc

-------\Service_avg8wd

-------\Service_AvgLdx86

-------\Service_AvgTdiX

(((((((((((((((((((( Bestanden Gemaakt van 2009-11-02 to 2009-12-02 ))))))))))))))))))))))))))))))

.

2009-12-02 15:42 . 2009-12-02 15:43 -------- d-----w- c:\program files\Windows Live

2009-12-02 15:37 . 2009-12-02 15:37 -------- d-----w- c:\program files\MessengerPlus! 3

2009-12-02 13:00 . 2009-12-02 14:59 -------- d-----w- c:\program files\Messenger Plus! Live

2009-12-02 12:38 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100406\100407\A-Patch143b3_WLM9.exe

2009-12-02 07:17 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100404\100405\A-Patch143b3_WLM9.exe

2009-12-02 06:49 . 2009-12-02 06:49 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2009-12-01 22:42 . 2009-12-01 22:45 -------- d-----w- C:\rsit

2009-12-01 12:41 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100399\100401\A-Patch143b3_WLM9.exe

2009-11-25 14:43 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100202\100203\A-Patch143b3_WLM9.exe

2009-11-25 13:25 . 2009-11-25 13:25 -------- d-----w- c:\program files\CCleaner

2009-11-18 10:48 . 2006-06-24 03:22 304722 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100196\100197\messpatch-g4-80792.exe

2009-11-16 11:12 . 2009-11-16 11:12 -------- d-----w- c:\documents and settings\ruud\Application Data\GlarySoft

2009-11-16 10:56 . 2009-11-16 10:56 -------- d-----w- c:\program files\Glary Utilities

2009-11-15 10:39 . 2009-11-15 10:39 -------- d-----w- c:\windows\system32\wbem\Repository

2009-11-07 10:26 . 2009-11-07 10:26 -------- d-----w- c:\program files\Windows Journal Viewer

2009-11-06 22:05 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100059\100062\A-Patch143b3_WLM9.exe

2009-11-06 21:44 . 2009-12-02 15:59 -------- d-----w- c:\documents and settings\ruud\Tracing

2009-11-06 21:40 . 2009-11-15 11:14 -------- d-----w- c:\program files\Microsoft Silverlight

2009-11-06 21:22 . 2009-11-06 21:38 -------- d-----w- c:\program files\Microsoft

2009-11-06 21:20 . 2009-11-06 21:20 -------- d-----w- c:\program files\Windows Live SkyDrive

2009-11-06 21:05 . 2009-11-06 21:05 -------- d-----w- c:\program files\Common Files\Windows Live

2009-11-04 00:22 . 2009-11-04 00:22 152576 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\lzma.dll

2009-11-04 00:22 . 2009-11-04 00:22 79488 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-12-02 17:01 . 2009-05-14 17:20 -------- d-----w- c:\program files\SPAMfighter

2009-12-02 12:43 . 2008-12-12 16:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-12-02 12:38 . 2009-10-08 17:10 -------- d-----w- c:\documents and settings\ruud\Application Data\Zipeg

2009-11-30 14:40 . 2008-12-15 20:08 -------- d-----w- c:\program files\SpeedFan

2009-11-30 06:25 . 2008-12-19 18:16 -------- d-----w- c:\program files\Opera

2009-11-29 14:19 . 2008-12-23 00:07 -------- d-----w- c:\program files\a-squared Free

2009-11-28 10:00 . 2009-04-24 00:27 117760 ----a-w- c:\documents and settings\ruud\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

2009-11-27 11:29 . 2008-12-17 13:42 -------- d-----w- c:\documents and settings\ruud\Application Data\LimeWirePlus

2009-11-18 02:01 . 2009-11-18 03:04 217596 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1043.dat

2009-11-16 08:24 . 2009-04-22 18:45 -------- d-----w- c:\program files\Unlocker

2009-11-04 00:39 . 2008-12-12 16:34 -------- d-----w- c:\program files\Java

2009-11-02 19:42 . 2009-10-03 00:18 195456 ------w- c:\windows\system32\MpSigStub.exe

2009-10-26 12:35 . 2004-08-04 12:00 91018 ----a-w- c:\windows\system32\perfc013.dat

2009-10-26 12:35 . 2004-08-04 12:00 509462 ----a-w- c:\windows\system32\perfh013.dat

2009-10-23 12:14 . 2009-06-22 13:56 -------- d-----w- c:\program files\uTIPu

2009-10-21 13:45 . 2009-10-19 09:48 -------- d-----w- c:\program files\Screen Recorder

2009-10-20 10:38 . 2009-10-20 10:38 -------- d-----w- c:\program files\AviSynth 2.5

2009-10-20 10:34 . 2009-10-20 10:34 -------- d-----w- c:\program files\eRightSoft

2009-10-19 15:44 . 2009-10-19 15:44 -------- d-----w- c:\program files\NCH Swift Sound

2009-10-11 03:17 . 2008-12-12 16:47 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-10-08 17:10 . 2008-12-12 23:01 -------- d-----w- c:\program files\Zipeg

2009-10-08 17:08 . 2008-12-12 23:02 -------- d-----w- c:\documents and settings\ruud\Application Data\com.zipeg

2009-09-17 18:59 . 2009-01-25 10:03 4045527 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

2009-09-15 10:59 . 2009-04-20 12:13 1279968 ----a-w- c:\windows\system32\aswBoot.exe

2009-09-15 10:56 . 2009-04-20 12:14 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys

2009-09-15 10:56 . 2009-04-20 12:14 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2009-09-15 10:55 . 2009-04-20 12:14 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

2009-09-15 10:55 . 2009-04-20 12:14 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2009-09-15 10:54 . 2009-04-20 12:15 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2009-09-15 10:54 . 2009-04-20 12:15 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2009-09-15 10:53 . 2009-04-20 12:15 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2009-09-15 10:53 . 2009-04-20 12:14 97480 ----a-w- c:\windows\system32\AvastSS.scr

2009-09-11 14:20 . 2004-08-04 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-10 12:54 . 2008-12-21 14:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-09-10 12:53 . 2008-12-21 14:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-09-04 21:05 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll

2006-05-03 09:06 . 2009-10-20 10:35 163328 --sh--r- c:\windows\system32\flvDX.dll

2007-02-21 10:47 . 2009-10-20 10:35 31232 --sh--r- c:\windows\system32\msfDX.dll

2008-03-16 12:30 . 2009-10-20 10:35 216064 --sh--r- c:\windows\system32\nbDX.dll

.

((((((((((((((((((((((((((((( SnapShot@2009-12-02_14.22.17 )))))))))))))))))))))))))))))))))))))))))

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Gadwin PrintScreen 3.1"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2005-09-27 1073152]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-12-02 190024]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-12-02 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]

"SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe update delay 60" [X]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]

"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-12-02 190024]

"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-09-04 88363]

"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2008-12-03 13:56 352256 ------w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-01-31 07:23 10520 ------w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background

"ctfmon.exe"=c:\windows\system32\ctfmon.exe

"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Apoint"=c:\program files\Apoint2K\Apoint.exe

"Cpqset"=c:\program files\HPQ\Default Settings\cpqset.exe

"eabconfg.cpl"=c:\program files\HPQ\Quick Launch Buttons\EabServr.exe /Start

"iTunesHelper"=c:\program files\iTunes\iTunesHelper.exe

"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

"nwiz"=nwiz.exe /install

"PHIME2002A"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

"PHIME2002ASync"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

"Cobian Backup 9 interface"="c:\program files\Cobian Backup 9\cbInterface.exe" -service

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\WinMX\\WinMX.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"c:\\Program Files\\Opera\\opera.exe"=

"c:\\Program Files\\LimeWire Plus\\LimeWire.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [20-4-2009 1:14 PM 114768]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4-12-2008 1:50 PM 8944]

R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [4-12-2008 1:50 PM 55024]

R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [23-12-2008 1:07 AM 1858144]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20-4-2009 1:14 PM 20560]

R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [12-3-2009 9:44 AM 184968]

R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 7:19 PM 13592]

R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [30-10-2008 12:05 AM 31896]

S3 CobianBackupAmanita;Cobian Backup 9 service;c:\program files\Cobian Backup 9\cbService.exe [10-7-2009 6:07 PM 583168]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4-12-2008 1:50 PM 7408]

S3 TipCtrl;TipCtrl;c:\program files\uTIPu\TipCtrl.exe [19-10-2009 7:45 PM 318088]

.

Inhoud van de 'Gedeelde Taken' map

2009-12-02 c:\windows\Tasks\GlaryInitialize.job

- c:\program files\Glary Utilities\initialize.exe [2009-11-16 09:21]

2009-12-02 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.startpagina.nl/

IE: Verzenden naar &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

FF - ProfilePath - c:\documents and settings\ruud\Application Data\Mozilla\Firefox\Profiles\h5q3apzr.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-12-02 18:00

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(760)

c:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'explorer.exe'(2764)

c:\program files\MessengerPlus! 3\MsgPlusLoader.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\btncopy.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Alwil Software\Avast4\aswUpdSv.exe

c:\program files\Alwil Software\Avast4\ashServ.exe

c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\nvsvc32.exe

c:\windows\system32\HPZipm12.exe

c:\program files\Analog Devices\SoundMAX\SMAgent.exe

c:\program files\Alwil Software\Avast4\ashMaiSv.exe

c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe

c:\program files\Alwil Software\Avast4\ashWebSv.exe

c:\windows\system32\rundll32.exe

c:\program files\SPAMfighter\SFAgent.exe

c:\program files\Outlook Express\msimn.exe

.

**************************************************************************

.

Voltooingstijd: 2009-12-02 18:14 - machine werd herstart

ComboFix-quarantined-files.txt 2009-12-02 17:13

ComboFix2.txt 2009-12-02 16:30

ComboFix3.txt 2009-12-02 14:26

Pre-Run: 64.267.436.032 bytes beschikbaar

Post-Run: 64.108.605.440 bytes beschikbaar

- - End Of File - - B5DF745A9BD13C23C58DF78518B0BE22

AVG is not completely gone yet, but that's my mistake :bawling:

Copy and paste the bold text below into it.

Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"AVG8_TRAY"=-

Save this file to your desktop as CFScript.txt.

Drag CFScript.txt into ComboFix.exe

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message.

Your Java software is outdated.

Older versions have vulnerabilities that give malware the chance to install itself on your system.

First follow these steps to uninstall Java and install the newer version:


  • Download Java Runtime Environment (JRE) 6 Update 17.
  • Scroll down to: "Java SE Runtime Environment (JRE) 6 Update 17".
  • Click the "Download" button on the right.
  • In the drop-down menu to the right of Platform, select Windows.
  • Tick: "I agree to the Java SE Runtime Environment 6 with JavaFX License Agreement", and click Continue.
  • The page will reload.
  • Click the jre-6u17-windows-i586.exe link UNDER Windows Offline Installation and save it to your Desktop.
  • Close all programs that may be open - especially your web browser!
  • Then go to Start > Control Panel > Add or Remove Programs, or Start > Control Panel > Programs and Features (on Vista), and remove all older versions of Java from the software list.
  • Select everything with Java Runtime Environment (JRE or J2SE) in the name.
  • Then click Remove or the Change/Remove button.
  • Repeat this until all older versions are gone.
  • After removing all older versions, restart your PC.
  • Then double-click jre-6u17-windows-i586.exe on your Desktop to install the newest version of Java.

And then let me know how things stand now?

Over the past 12 hours WLM has not dropped out or frozen; no guarantee that it won't happen again, but in any case a good sign, it seems to me.

As for Java, I only have the version you mention, "Java SE Runtime Environment (JRE) 6 Update 17", on the PC.

I'll run ComboFix once more and post the log again.

Here is the new log, then.

As for AVG Remover, I used it to remove AVG when I had installed Avast; it apparently still left some files on the PC.

And I'm not claiming victory yet! I only said: no guarantee that it won't happen again, but in any case a good sign, it seems to me.

Regards, Ruud

ComboFix 09-12-02.05 - ruud 03-12-2009 11:49.5.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1043.18.511.104 [GMT 1:00]

Gestart vanuit: c:\documents and settings\ruud\Mijn documenten\downloads\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\ruud\Bureaublad\CFScript.txt

AV: avast! antivirus 4.8.1356 [VPS 091203-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

WAARSCHUWING - DE RECOVERY CONSOLE IS NIET OP DIT SYSTEEM GEINSTALLEERD !!

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-11-03 to 2009-12-03 ))))))))))))))))))))))))))))))

.

2009-12-03 10:42 . 2009-12-03 10:44 -------- d-----w- C:\32788R22FWJFW

2009-12-02 15:42 . 2009-12-02 18:07 -------- d-----w- c:\program files\Windows Live

2009-12-02 15:37 . 2009-12-02 15:37 -------- d-----w- c:\program files\MessengerPlus! 3

2009-12-02 13:00 . 2009-12-02 14:59 -------- d-----w- c:\program files\Messenger Plus! Live

2009-12-02 12:38 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100406\100407\A-Patch143b3_WLM9.exe

2009-12-02 07:17 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100404\100405\A-Patch143b3_WLM9.exe

2009-12-02 06:49 . 2009-12-02 06:49 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2009-12-01 22:42 . 2009-12-01 22:45 -------- d-----w- C:\rsit

2009-12-01 12:41 . 2009-08-19 21:03 188416 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100399\100401\A-Patch143b3_WLM9.exe

2009-11-25 14:43 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100202\100203\A-Patch143b3_WLM9.exe

2009-11-25 13:25 . 2009-11-25 13:25 -------- d-----w- c:\program files\CCleaner

2009-11-18 10:48 . 2006-06-24 03:22 304722 ------w- c:\documents and settings\ruud\Application Data\Zipeg\100196\100197\messpatch-g4-80792.exe

2009-11-16 11:12 . 2009-11-16 11:12 -------- d-----w- c:\documents and settings\ruud\Application Data\GlarySoft

2009-11-16 10:56 . 2009-11-16 10:56 -------- d-----w- c:\program files\Glary Utilities

2009-11-15 10:39 . 2009-11-15 10:39 -------- d-----w- c:\windows\system32\wbem\Repository

2009-11-07 10:26 . 2009-11-07 10:26 -------- d-----w- c:\program files\Windows Journal Viewer

2009-11-06 22:05 . 2009-08-19 21:03 188416 ----a-w- c:\documents and settings\ruud\Application Data\Zipeg\100059\100062\A-Patch143b3_WLM9.exe

2009-11-06 21:44 . 2009-12-03 10:55 -------- d-----w- c:\documents and settings\ruud\Tracing

2009-11-06 21:40 . 2009-11-15 11:14 -------- d-----w- c:\program files\Microsoft Silverlight

2009-11-06 21:22 . 2009-11-06 21:38 -------- d-----w- c:\program files\Microsoft

2009-11-06 21:20 . 2009-11-06 21:20 -------- d-----w- c:\program files\Windows Live SkyDrive

2009-11-06 21:05 . 2009-11-06 21:05 -------- d-----w- c:\program files\Common Files\Windows Live

2009-11-04 00:22 . 2009-11-04 00:22 152576 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\lzma.dll

2009-11-04 00:22 . 2009-11-04 00:22 79488 ----a-w- c:\documents and settings\ruud\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-12-03 05:53 . 2009-05-14 17:20 -------- d-----w- c:\program files\SPAMfighter

2009-12-02 17:51 . 2009-10-08 17:10 -------- d-----w- c:\documents and settings\ruud\Application Data\Zipeg

2009-12-02 12:43 . 2008-12-12 16:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-11-30 14:40 . 2008-12-15 20:08 -------- d-----w- c:\program files\SpeedFan

2009-11-30 06:25 . 2008-12-19 18:16 -------- d-----w- c:\program files\Opera

2009-11-29 14:19 . 2008-12-23 00:07 -------- d-----w- c:\program files\a-squared Free

2009-11-28 10:00 . 2009-04-24 00:27 117760 ----a-w- c:\documents and settings\ruud\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

2009-11-27 11:29 . 2008-12-17 13:42 -------- d-----w- c:\documents and settings\ruud\Application Data\LimeWirePlus

2009-11-18 02:01 . 2009-11-18 03:04 217596 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Personal_32_1043.dat

2009-11-16 08:24 . 2009-04-22 18:45 -------- d-----w- c:\program files\Unlocker

2009-11-04 00:39 . 2008-12-12 16:34 -------- d-----w- c:\program files\Java

2009-11-02 19:42 . 2009-10-03 00:18 195456 ------w- c:\windows\system32\MpSigStub.exe

2009-10-26 12:35 . 2004-08-04 12:00 91018 ----a-w- c:\windows\system32\perfc013.dat

2009-10-26 12:35 . 2004-08-04 12:00 509462 ----a-w- c:\windows\system32\perfh013.dat

2009-10-23 12:14 . 2009-06-22 13:56 -------- d-----w- c:\program files\uTIPu

2009-10-21 13:45 . 2009-10-19 09:48 -------- d-----w- c:\program files\Screen Recorder

2009-10-20 10:38 . 2009-10-20 10:38 -------- d-----w- c:\program files\AviSynth 2.5

2009-10-20 10:34 . 2009-10-20 10:34 -------- d-----w- c:\program files\eRightSoft

2009-10-19 15:44 . 2009-10-19 15:44 -------- d-----w- c:\program files\NCH Swift Sound

2009-10-11 03:17 . 2008-12-12 16:47 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-10-08 17:10 . 2008-12-12 23:01 -------- d-----w- c:\program files\Zipeg

2009-10-08 17:08 . 2008-12-12 23:02 -------- d-----w- c:\documents and settings\ruud\Application Data\com.zipeg

2009-09-17 18:59 . 2009-01-25 10:03 4045527 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe

2009-09-15 10:59 . 2009-04-20 12:13 1279968 ----a-w- c:\windows\system32\aswBoot.exe

2009-09-15 10:56 . 2009-04-20 12:14 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys

2009-09-15 10:56 . 2009-04-20 12:14 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2009-09-15 10:55 . 2009-04-20 12:14 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys

2009-09-15 10:55 . 2009-04-20 12:14 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2009-09-15 10:54 . 2009-04-20 12:15 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2009-09-15 10:54 . 2009-04-20 12:15 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2009-09-15 10:53 . 2009-04-20 12:15 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2009-09-15 10:53 . 2009-04-20 12:14 97480 ----a-w- c:\windows\system32\AvastSS.scr

2009-09-11 14:20 . 2004-08-04 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll

2009-09-10 12:54 . 2008-12-21 14:58 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-09-10 12:53 . 2008-12-21 14:58 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-09-04 21:05 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll

2006-05-03 09:06 . 2009-10-20 10:35 163328 --sh--r- c:\windows\system32\flvDX.dll

2007-02-21 10:47 . 2009-10-20 10:35 31232 --sh--r- c:\windows\system32\msfDX.dll

2008-03-16 12:30 . 2009-10-20 10:35 216064 --sh--r- c:\windows\system32\nbDX.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Gadwin PrintScreen 3.1"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2005-09-27 1073152]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-12-02 190024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]

"SPAMfighter Agent"="c:\program files\SPAMfighter\SFAgent.exe update delay 60" [X]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]

"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-12-02 190024]

"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-09-04 88363]

"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Adobe Reader Snelle start.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2008-12-03 13:56 352256 ------w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background

"ctfmon.exe"=c:\windows\system32\ctfmon.exe

"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Apoint"=c:\program files\Apoint2K\Apoint.exe

"Cpqset"=c:\program files\HPQ\Default Settings\cpqset.exe

"eabconfg.cpl"=c:\program files\HPQ\Quick Launch Buttons\EabServr.exe /Start

"iTunesHelper"=c:\program files\iTunes\iTunesHelper.exe

"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

"nwiz"=nwiz.exe /install

"PHIME2002A"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

"PHIME2002ASync"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

"Cobian Backup 9 interface"="c:\program files\Cobian Backup 9\cbInterface.exe" -service

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\WinMX\\WinMX.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=

"c:\\Program Files\\Opera\\opera.exe"=

"c:\\Program Files\\LimeWire Plus\\LimeWire.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [20-4-2009 1:14 PM 114768]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4-12-2008 1:50 PM 8944]

R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [4-12-2008 1:50 PM 55024]

R2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [23-12-2008 1:07 AM 1858144]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20-4-2009 1:14 PM 20560]

R2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files\SPAMfighter\sfus.exe [12-3-2009 9:44 AM 184968]

R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3-11-2006 7:19 PM 13592]

R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [30-10-2008 12:05 AM 31896]

S3 CobianBackupAmanita;Cobian Backup 9 service;c:\program files\Cobian Backup 9\cbService.exe [10-7-2009 6:07 PM 583168]

S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4-12-2008 1:50 PM 7408]

S3 TipCtrl;TipCtrl;c:\program files\uTIPu\TipCtrl.exe [19-10-2009 7:45 PM 318088]

.

Inhoud van de 'Gedeelde Taken' map

2009-12-02 c:\windows\Tasks\GlaryInitialize.job

- c:\program files\Glary Utilities\initialize.exe [2009-11-16 09:21]

2009-12-03 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.startpagina.nl/

IE: Verzenden naar &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

FF - ProfilePath - c:\documents and settings\ruud\Application Data\Mozilla\Firefox\Profiles\h5q3apzr.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl/

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-12-03 12:03

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'winlogon.exe'(756)

c:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'explorer.exe'(2848)

c:\program files\MessengerPlus! 3\MsgPlusLoader.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Voltooingstijd: 2009-12-03 12:08

ComboFix-quarantined-files.txt 2009-12-03 11:08

ComboFix2.txt 2009-12-03 10:32

ComboFix3.txt 2009-12-02 17:14

ComboFix4.txt 2009-12-02 16:30

ComboFix5.txt 2009-12-03 10:44

Pre-Run: 63.542.480.896 bytes beschikbaar

Post-Run: 63.531.368.448 bytes beschikbaar

- - End Of File - - 5CCE944F6D5E38B9799A7630A6D044E4
