Windows Update + WLM problem

Othuroyo
5 answers
  • For a few days now I have been unable to download Windows updates or use Windows Live Messenger. Ordinary browsing still works.
    I had a problem with some internet antivirus or other, so I ran malware (and something else) for a while, and the problem was solved. I was no longer bothered by annoying pop-ups. After that, this new problem appeared.

    Below is a HijackThis log. Hopefully you can help me out :)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:28:53, on 31/03/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
    C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Grisoft\AVG7\avgw.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nieuwsblad.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=localhost:7171
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [lxdimon.exe] "C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe"
    O4 - HKLM\..\Run: [lxdiamon] "C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Poort voor Symantec Fax Starter Edition.lnk = C:\Program Files\Microsoft Office\Office\1043\OLFSNT40.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O13 - Gopher Prefix:
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.be/ImageUploader5.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-BE/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
    O16 - DPF: {A73BAEFA-EE65-494D-BEDB-DD3E5A34FA98} (Image Uploader) - http://www.extrafilm.be/ImageUploader4.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe
    O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe


    End of file - 9737 bytes
  • Download MalwareBytes' Anti-Malware and save it to your desktop.
    Double-click mbam-setup.exe to install the program.

    After the installation, make sure the following are ticked:
    - Update MalwareBytes' Anti-Malware
    - Start MalwareBytes' Anti-Malware

    Then click "Voltooien" (Finish).
    If an update is found, it will be downloaded and installed.
    - Once the program has started, go to the "Instellingen" (Settings) tab.
    - Tick here: "Sluit Internet Explorer tijdens verwijdering van malware" (Close Internet Explorer during malware removal).
    - Then go to the "Scanner" tab and choose "Snelle Scan" (Quick Scan).
    - Next, press "Scannen" (Scan) to start the scan.
    - Scanning can take a while, so be patient.
    - When the scan is complete, click OK, then "Bekijk Resultaten" (Show Results) to see the results.
    - Make sure everything there is ticked, then click "Verwijder geselecteerde" (Remove Selected).
    - After the removal a log will open and you will be asked to restart the computer.

    The log is saved automatically by MalwareBytes' Anti-Malware and can be found by clicking the "Logs" tab in the program.

    Post this log.


    Download Combofix to your desktop and use it according to this guide.
    NOTE: if, during or after downloading Combofix or while using Combofix, you get a warning from your antivirus or another real-time scanner, disable that scanner and download Combofix again.
    Some scanners see certain components that Combofix uses as suspicious and will block or remove them!
    - Double-click Combofix.exe to start it.
    - If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
    - Click OK in the "NirCmd" window.
    - Afterwards, click "Ja" (Yes) again to start the malware scan.
    - While the fix is running, do NOT click in the window, as this will make your PC hang.
    - When the fix is complete and after the restart, the log Combofix.txt will open.

    Post this log in your next reply.
  • Malwarebytes:

    Malwarebytes' Anti-Malware 1.35
    Database versie: 1928
    Windows 6.0.6001 Service Pack 1

    1/04/2009 16:41:49
    mbam-log-2009-04-01 (16-41-49).txt

    Scan type: Snelle Scan
    Objecten gescand: 64236
    Verstreken tijd: 4 minute(s), 27 second(s)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata bestanden geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Registerdata bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Mappen geïnfecteerd:
    (Geen kwaadaardige items gevonden)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige items gevonden)


    Combofix:

    ComboFix 09-03-31.03 - steven 2009-04-01 16:58:37.1 - NTFSx86
    Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1043.18.1013.348 [GMT 2:00]
    Gestart vanuit: c:\users\steven\Desktop\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\users\steven\AppData\Roaming\inst.exe
    c:\users\steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videos.url
    c:\windows\9g234sdfdfgjf23
    c:\windows\system32\mdm.exe
    c:\windows\system32
    fr.assembly
    c:\windows\system32\x64

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2009-03-01 to 2009-04-01 ))))))))))))))))))))))))))))))
    .

    2009-04-01 16:49 . 2009-04-01 16:49 <DIR> d——– c:\programdata\Avg7
    2009-04-01 16:36 . 2009-03-26 16:49 15,504 –a—— c:\windows\System32\drivers\mbam.sys
    2009-04-01 16:35 . 2009-04-01 16:36 <DIR> d——– c:\program files\Malwarebytes' Anti-Malware
    2009-04-01 16:35 . 2009-03-26 16:49 38,496 –a—— c:\windows\System32\drivers\mbamswissarmy.sys
    2009-03-31 18:35 . 2009-03-31 18:35 <DIR> d——– c:\program files\Defraggler
    2009-03-31 17:46 . 2009-03-31 17:46 0 –ah—– c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
    2009-03-26 16:45 . 2009-04-01 16:33 <DIR> d——– c:\users\steven\Tracing
    2009-03-26 16:43 . 2009-03-26 16:43 <DIR> d——– c:\program files\Windows Live SkyDrive
    2009-03-26 16:43 . 2009-03-26 16:43 <DIR> d——– c:\program files\Microsoft
    2009-03-26 16:42 . 2009-03-26 16:43 <DIR> d——– c:\program files\Windows Live
    2009-03-26 16:41 . 2009-03-26 16:41 <DIR> d——– c:\windows\PCHEALTH
    2009-03-26 16:38 . 2009-03-26 16:38 <DIR> d——– c:\program files\Common Files\Windows Live
    2009-03-23 20:01 . 2009-03-23 20:01 <DIR> d——– c:\program files\CCleaner
    2009-03-23 19:54 . 2009-03-23 19:54 <DIR> d——– c:\program files\Trend Micro
    2009-03-23 19:34 . 2009-03-23 19:34 <DIR> d——– c:\users\steven\AppData\Roaming\Malwarebytes
    2009-03-23 19:34 . 2009-03-23 19:34 <DIR> d——– c:\programdata\Malwarebytes
    2009-03-23 19:15 . 2009-03-23 19:15 <DIR> d——– c:\users\steven\AppData\Roaming\TeamViewer
    2009-03-23 19:15 . 2009-03-23 19:15 <DIR> d——– c:\program files\TeamViewer
    2009-03-23 19:13 . 2009-03-23 19:13 <DIR> d——– c:\users\steven\temp
    2009-03-11 15:58 . 2008-12-16 05:29 8,147,456 –a—— c:\windows\System32\wmploc.DLL
    2009-03-11 15:58 . 2008-11-27 06:43 268,288 –a—— c:\windows\System32\schannel.dll
    2009-03-11 15:58 . 2008-12-16 07:31 7,680 –a—— c:\windows\System32\spwmp.dll
    2009-03-11 15:58 . 2008-12-16 07:31 4,096 –a—— c:\windows\System32\msdxm.ocx
    2009-03-11 15:58 . 2008-12-16 07:31 4,096 –a—— c:\windows\System32\dxmasf.dll
    2009-03-11 15:57 . 2009-02-09 05:10 2,033,152 –a—— c:\windows\System32\win32k.sys

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-03-31 16:30 ——— d—–w c:\programdata\Google Updater
    2009-03-31 15:26 ——— d—–w c:\programdata\Lx_cats
    2009-03-26 14:15 ——— d—–w c:\programdata\Apple Computer
    2009-03-12 14:05 ——— d—–w c:\program files\Windows Mail
    2009-03-01 15:34 ——— d—–w c:\program files\Microsoft Silverlight
    2009-02-06 17:52 49,504 —-a-w c:\windows\System32\sirenacm.dll
    2009-01-15 06:11 827,392 —-a-w c:\windows\System32\wininet.dll
    2008-10-09 08:53 174 –sha-w c:\program files\desktop.ini
    2007-11-24 17:13 47,360 —-a-w c:\users\steven\AppData\Roaming\pcouffin.sys
    1999-05-23 23:17 99,840 —-a-w c:\program files\Common Files\IRAABOUT.DLL
    1998-12-09 02:53 70,144 —-a-w c:\program files\Common Files\IRAMDMTR.DLL
    1998-12-09 02:53 48,640 —-a-w c:\program files\Common Files\IRALPTTR.DLL
    1998-12-09 02:53 31,744 —-a-w c:\program files\Common Files\IRAWEBTR.DLL
    1998-12-09 02:53 186,368 —-a-w c:\program files\Common Files\IRAREG.DLL
    1998-12-09 02:53 17,920 —-a-w c:\program files\Common Files\IRASRIAL.DLL
    2008-09-25 07:59 16,384 –sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    2008-09-25 07:59 32,768 –sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    2008-09-25 07:59 16,384 –sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
    "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-29 68856]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "lxdimon.exe"="c:\program files\Lexmark 3500-4500 Series\lxdimon.exe" [2007-05-07 435120]
    "lxdiamon"="c:\program files\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-03-05 20480]
    "FaxCenterServer"="c:\program files\\Lexmark Fax Solutions\fm3032.exe" [2007-05-07 312240]
    "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
    "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-12-11 286720]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
    "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-10-09 102400]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-01-21 65588]
    Poort voor Symantec Fax Starter Edition.lnk - c:\program files\Microsoft Office\Office\1043\OLFSNT40.EXE [1999-05-24 46077]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3acm"= l3codecp.acm

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{127B0875-F83D-491A-929A-2003D497F022}"= UDP:c:\program files\Lexmark 3500-4500 Series\lxdimon.exe:Device Monitor
    "{973C0494-E8B1-4956-9CB3-4BB944011FE3}"= TCP:c:\program files\Lexmark 3500-4500 Series\lxdimon.exe:Device Monitor
    "{7605BC54-5667-407D-8C08-257769ED314E}"= UDP:c:\users\steven\AppData\Local\Temp\lxdi\wireless\DUTCH\lxdiwpss.exe:
    "{DE1DD622-860C-4BD3-AF36-61E2873D8E91}"= TCP:c:\users\steven\AppData\Local\Temp\lxdi\wireless\DUTCH\lxdiwpss.exe:
    "{26F2113E-00CD-4C4A-B023-CD5E418332E8}"= UDP:c:\windows\System32\lxdicfg.exe:Printer Communication System
    "{5A847321-9C7F-4E3B-9AF8-5DD0EA991DF5}"= TCP:c:\windows\System32\lxdicfg.exe:Printer Communication System
    "{13061A16-C34F-42DB-847A-993C6E58017A}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxditime.exe:Lexmark Connect Time Executable
    "{166ACE53-B0FD-4478-A750-CBE5D5F6F45B}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxditime.exe:Lexmark Connect Time Executable
    "{0AFDDA59-47A3-4CA0-B487-3A93C36FC446}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
    "{5C779E01-44AD-4277-8F90-CA1A644742E2}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
    "{1A61933B-815B-48C2-BD2A-236DB6FB032E}"= UDP:c:\windows\System32\lxdicoms.exe:Lexmark Communications System
    "{09F153D2-3983-47AB-9946-DF0E80581465}"= TCP:c:\windows\System32\lxdicoms.exe:Lexmark Communications System
    "TCP Query User{0CD93A7C-4273-4268-AD49-3A39B29635E3}c:\\windows\\system32\\spool\\drivers\\w32x86\\3\\lxdipswx.exe"= UDP:c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe:Printer Status Window
    "UDP Query User{D66977BB-EE0C-4F9B-90CA-DAE53C9D1135}c:\\windows\\system32\\spool\\drivers\\w32x86\\3\\lxdipswx.exe"= TCP:c:\windows\system32\spool\drivers\w32x86\3\lxdipswx.exe:Printer Status Window
    "{37589D27-9706-432E-A22A-DBC541B14B78}"= UDP:c:\program files\Lexmark 3500-4500 Series\lxdiamon.exe:Lexmark Device Monitor
    "{35F5CBA2-5F43-49EF-98F3-2CBAE9EF330A}"= TCP:c:\program files\Lexmark 3500-4500 Series\lxdiamon.exe:Lexmark Device Monitor
    "{6E30BF0A-30F0-4F3C-8ADA-3069A8F1ACC4}"= UDP:c:\program files\Lexmark 3500-4500 Series\App4R.exe:Lexmark Imaging Studio
    "{29212E0B-ED9B-4993-8A1C-4C082B1CBAF6}"= TCP:c:\program files\Lexmark 3500-4500 Series\App4R.exe:Lexmark Imaging Studio
    "{04FB0463-D6FE-4E72-812E-15F809B526E4}"= UDP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
    "{D139D814-5245-4436-9863-166B3446A205}"= TCP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
    "{B919A917-9246-4ED1-AB57-B2DD94332E55}"= UDP:c:\program files\Lexmark Fax Solutions\FaxCtr.exe:Fax software
    "{EF9DAA45-8943-42D5-B1CA-69A2E2E1794F}"= TCP:c:\program files\Lexmark Fax Solutions\FaxCtr.exe:Fax software
    "TCP Query User{0D541BF0-1DA6-401E-A0A8-3CBDA930FD22}c:\\program files\\lexmark 3500-4500 series\\lxdimon.exe"= UDP:c:\program files\lexmark 3500-4500 series\lxdimon.exe:Device Monitor
    "UDP Query User{348BACF2-2F9C-487E-A465-1D9FFDAE4A88}c:\\program files\\lexmark 3500-4500 series\\lxdimon.exe"= TCP:c:\program files\lexmark 3500-4500 series\lxdimon.exe:Device Monitor
    "TCP Query User{33FE4F31-0E02-4454-8138-98791950F2EA}c:\\program files\\lexmark 3500-4500 series\\lxdiamon.exe"= UDP:c:\program files\lexmark 3500-4500 series\lxdiamon.exe:Device Monitor Application
    "UDP Query User{919730DE-EBE8-4EE6-81D9-740D530410B1}c:\\program files\\lexmark 3500-4500 series\\lxdiamon.exe"= TCP:c:\program files\lexmark 3500-4500 series\lxdiamon.exe:Device Monitor Application

    R2 lxdi_device;lxdi_device;c:\windows\system32\lxdicoms.exe -service –> c:\windows\system32\lxdicoms.exe -service [?]
    R2 lxdiCATSCustConnectService;lxdiCATSCustConnectService;c:\windows\System32\spool\drivers\w32x86\3\lxdiserv.exe [2007-04-26 99248]
    R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [2009-02-27 185640]

    — Andere Services/Drivers In Geheugen —

    *Deregistered* - AvgClean
    *Deregistered* - AvgWFP

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
    .
    Inhoud van de 'Gedeelde Taken' map

    2009-04-01 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 17:13]
    .
    - - - - ORPHANS VERWIJDERD - - - -

    WebBrowser-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
    HKU-Default-Run-msnmsgr - c:\program files\MSN Messenger\msnmsgr.exe


    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.nieuwsblad.be/
    uInternet Settings,ProxyServer = http=localhost:7171
    uInternet Settings,ProxyOverride = *.local;<local>
    LSP: c:\windows\system32\wpclsp.dll
    Trusted Zone: mirarsearch.com\click
    Trusted Zone: mirarsearch.com\redirect
    .

    **************************************************************************

    catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-04-01 17:02:14
    Windows 6.0.6001 Service Pack 1 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2009-04-01 17:04:36
    ComboFix-quarantined-files.txt 2009-04-01 15:04:34

    Pre-Run: 16.038.752.256 bytes beschikbaar
    Post-Run: 15,933,059,072 bytes beschikbaar

    161 — E O F — 2009-03-20 05:41:21
  • Are there any remaining problems?
  • Othuroyo wrote: "Are there any remaining problems?"

    I still can't get onto MSN or Windows Update.

    Oh well, thanks for the help anyway….

    The Windows CD is already in the drive. The laptop was getting a bit slow…

This is an archived page. Replies are no longer possible.