ajvanderpoel

Helaas Kape, Ik heb getracht mcafee te installeren via online. Maar hij blijft een conflict melding geven met Sophos anti-virus version 3x en met sophos antivirus. zou niet weten hoe ik dit moet oplossen, jij?? Ik ga nu werken dus reageer vanavond pas weer laat op de mail. Gr Andor

Bij deze.... ook dit gaat een stuk sneller... vorige keer een paar uur. ComboFix 09-12-02.08 - Andor van der Poel 17-12-2009 22:59.4.1 - FAT32x86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.511.253 [GMT 1:00] Gestart vanuit: c:\documents and settings\Andor van der Poel\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Andor van der Poel\Bureaublad\CFScript.txt * Nieuw herstelpunt werd aangemaakt . - VERMINDERDE FUNCTIONALITEIT MODUS - . (((((((((((((((((((( Bestanden Gemaakt van 2009-11-17 to 2009-12-17 )))))))))))))))))))))))))))))) . 2009-12-15 22:49 . 2009-12-15 22:49 -------- d--h--r- c:\documents and settings\Andor van der Poel\Onlangs geopend 2009-12-11 21:55 . 2009-12-11 21:55 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2009-12-06 13:17 . 2009-12-06 13:17 -------- d-----w- c:\documents and settings\Andor van der Poel\DoctorWeb 2009-12-02 09:48 . 2009-12-02 09:48 -------- d-----w- c:\program files\Trend Micro 2009-11-30 18:05 . 2009-11-30 18:05 -------- d-----w- c:\documents and settings\Andor van der Poel\Application Data\Malwarebytes 2009-11-30 18:04 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-11-30 18:04 . 2009-11-30 18:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-11-30 18:04 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-30 18:04 . 2009-11-30 18:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-11-30 17:53 . 2009-11-30 17:53 -------- d-----w- c:\program files\CCleaner . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-11 22:48 . 1979-12-31 23:00 93152 ----a-w- c:\windows\system32\perfc013.dat 2009-12-11 22:48 . 1979-12-31 23:00 514550 ----a-w- c:\windows\system32\perfh013.dat 2009-12-06 12:10 . 2005-03-24 19:39 89176 ----a-w- c:\documents and settings\Andor van der Poel\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-11-12 16:18 . 2009-11-12 16:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec 2009-11-12 15:47 . 2009-11-12 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\PCSettings 2009-11-12 15:47 . 2009-11-12 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2009-11-12 15:46 . 2009-11-12 15:46 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller 2009-10-29 07:44 . 1979-12-31 23:00 916480 ----a-w- c:\windows\system32\wininet.dll 2009-10-21 06:03 . 1979-12-31 23:00 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 06:03 . 1979-12-31 23:00 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 14:58 . 2009-01-26 19:24 263552 ----a-w- c:\windows\system32\drivers\http.sys 2009-10-13 10:53 . 1979-12-31 23:00 267264 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:54 . 1979-12-31 23:00 69632 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:54 . 1979-12-31 23:00 112640 ----a-w- c:\windows\system32\rastls.dll . ((((((((((((((((((((((((((((( SnapShot_2009-12-03_22.13.56 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-15 22:55 . 2009-12-15 22:55 16384 c:\windows\Temp\Perflib_Perfdata_418.dat - 1979-12-31 23:00 . 2009-11-12 20:43 73224 c:\windows\system32\perfc009.dat + 1979-12-31 23:00 . 2009-12-11 22:48 73224 c:\windows\system32\perfc009.dat - 2007-08-13 17:54 . 2009-08-29 08:00 55296 c:\windows\system32\msfeedsbs.dll + 2007-08-13 17:54 . 2009-10-29 07:44 55296 c:\windows\system32\msfeedsbs.dll + 1979-12-31 23:00 . 2009-10-29 07:44 25600 c:\windows\system32\jsproxy.dll - 1979-12-31 23:00 . 2009-08-29 08:00 25600 c:\windows\system32\jsproxy.dll - 2009-09-13 15:01 . 2009-08-29 09:00 12800 c:\windows\system32\dllcache\xpshims.dll + 2009-09-13 15:01 . 2009-10-29 07:44 12800 c:\windows\system32\dllcache\xpshims.dll - 2009-01-26 19:24 . 2004-08-04 04:00 75776 c:\windows\system32\dllcache\strmfilt.dll + 2009-01-26 19:24 . 2009-10-21 06:03 75776 c:\windows\system32\dllcache\strmfilt.dll + 2009-01-26 19:22 . 2009-10-12 13:54 69632 c:\windows\system32\dllcache\raschap.dll - 2009-01-26 19:22 . 2004-08-04 04:00 69632 c:\windows\system32\dllcache\raschap.dll - 2008-07-28 18:05 . 2009-08-29 08:00 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2008-07-28 18:05 . 2009-10-29 07:44 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 1979-12-31 23:00 . 2009-10-29 07:44 25600 c:\windows\system32\dllcache\jsproxy.dll - 1979-12-31 23:00 . 2009-08-29 08:00 25600 c:\windows\system32\dllcache\jsproxy.dll + 2009-01-26 19:24 . 2009-10-21 06:03 25088 c:\windows\system32\dllcache\httpapi.dll - 2009-03-22 15:54 . 2009-12-02 20:56 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2009-03-22 15:54 . 2009-12-11 22:44 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2009-03-22 15:54 . 2009-12-11 22:44 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2009-03-22 15:54 . 2009-12-02 20:56 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2009-03-22 15:54 . 2009-12-02 20:56 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2009-03-22 15:54 . 2009-12-11 22:44 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2009-12-11 22:45 . 2009-08-29 08:00 12800 c:\windows\ie8updates\KB976325-IE8\xpshims.dll + 2009-12-11 22:45 . 2009-08-29 08:00 55296 c:\windows\ie8updates\KB976325-IE8\msfeedsbs.dll + 2009-12-11 22:45 . 2009-08-29 08:00 25600 c:\windows\ie8updates\KB976325-IE8\jsproxy.dll + 1979-12-31 23:00 . 2009-08-25 09:49 352256 c:\windows\system32\winhttp.dll + 1979-12-31 23:00 . 2009-12-11 22:48 446210 c:\windows\system32\perfh009.dat - 1979-12-31 23:00 . 2009-11-12 20:43 446210 c:\windows\system32\perfh009.dat + 1979-12-31 23:00 . 2009-10-29 07:44 206848 c:\windows\system32\occache.dll - 1979-12-31 23:00 . 2009-08-29 08:00 206848 c:\windows\system32\occache.dll - 2007-08-13 17:54 . 2009-08-29 08:00 594432 c:\windows\system32\msfeeds.dll + 2007-08-13 17:54 . 2009-10-29 07:44 594432 c:\windows\system32\msfeeds.dll - 1979-12-31 23:00 . 2009-08-29 08:00 184320 c:\windows\system32\iepeers.dll + 1979-12-31 23:00 . 2009-10-29 07:44 184320 c:\windows\system32\iepeers.dll + 1979-12-31 23:00 . 2009-10-29 07:44 387584 c:\windows\system32\iedkcs32.dll - 1979-12-31 23:00 . 2009-08-29 08:00 387584 c:\windows\system32\iedkcs32.dll + 1979-12-31 23:00 . 2009-10-28 14:40 173056 c:\windows\system32\ie4uinit.exe - 1979-12-31 23:00 . 2009-08-28 10:37 173056 c:\windows\system32\ie4uinit.exe + 1980-01-01 01:00 . 2009-10-29 07:44 916480 c:\windows\system32\dllcache\wininet.dll - 1980-01-01 01:00 . 2009-08-29 08:00 916480 c:\windows\system32\dllcache\wininet.dll + 2009-01-26 19:24 . 2009-08-25 09:49 352256 c:\windows\system32\dllcache\winhttp.dll - 2009-01-26 19:22 . 2004-08-04 04:00 112640 c:\windows\system32\dllcache\rastls.dll + 2009-01-26 19:22 . 2009-10-12 13:54 112640 c:\windows\system32\dllcache\rastls.dll - 1979-12-31 23:00 . 2009-08-29 08:00 206848 c:\windows\system32\dllcache\occache.dll + 1979-12-31 23:00 . 2009-10-29 07:44 206848 c:\windows\system32\dllcache\occache.dll + 2009-01-26 19:22 . 2009-10-13 10:53 267264 c:\windows\system32\dllcache\oakley.dll - 2009-01-26 19:22 . 2004-08-04 04:00 267264 c:\windows\system32\dllcache\oakley.dll - 2008-07-28 18:05 . 2009-08-29 08:00 594432 c:\windows\system32\dllcache\msfeeds.dll + 2008-07-28 18:05 . 2009-10-29 07:44 594432 c:\windows\system32\dllcache\msfeeds.dll + 2009-09-13 15:01 . 2009-10-29 07:44 246272 c:\windows\system32\dllcache\ieproxy.dll - 2009-09-13 15:01 . 2009-08-29 09:00 246272 c:\windows\system32\dllcache\ieproxy.dll - 1979-12-31 23:00 . 2009-08-29 08:00 184320 c:\windows\system32\dllcache\iepeers.dll + 1979-12-31 23:00 . 2009-10-29 07:44 184320 c:\windows\system32\dllcache\iepeers.dll + 1979-12-31 23:00 . 2009-10-29 07:44 387584 c:\windows\system32\dllcache\iedkcs32.dll - 1979-12-31 23:00 . 2009-08-29 08:00 387584 c:\windows\system32\dllcache\iedkcs32.dll - 1979-12-31 23:00 . 2009-08-28 10:37 173056 c:\windows\system32\dllcache\ie4uinit.exe + 1979-12-31 23:00 . 2009-10-28 14:40 173056 c:\windows\system32\dllcache\ie4uinit.exe + 2009-10-20 14:58 . 2009-10-20 14:58 263552 c:\windows\system32\dllcache\http.sys + 2009-03-22 15:54 . 2009-12-11 22:44 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2009-03-22 15:54 . 2009-12-02 20:56 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - 2009-03-22 15:54 . 2009-12-02 20:56 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe + 2009-03-22 15:54 . 2009-12-11 22:44 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2009-03-22 15:54 . 2009-12-02 20:56 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2009-03-22 15:54 . 2009-12-11 22:44 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2009-03-22 15:54 . 2009-12-02 20:56 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2009-03-22 15:54 . 2009-12-11 22:44 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2009-03-22 15:54 . 2009-12-11 22:44 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2009-03-22 15:54 . 2009-12-02 20:56 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2009-03-22 15:54 . 2009-12-02 20:56 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2009-03-22 15:54 . 2009-12-11 22:44 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2009-03-22 15:54 . 2009-12-11 22:44 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2009-03-22 15:54 . 2009-12-02 20:56 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2009-12-02 20:52 . 2009-12-02 20:52 118176 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IPOMINT.DLL + 2009-12-11 22:45 . 2009-08-29 08:00 916480 c:\windows\ie8updates\KB976325-IE8\wininet.dll + 2009-12-11 22:45 . 2009-05-26 11:41 401272 c:\windows\ie8updates\KB976325-IE8\spuninst\updspapi.dll + 2009-12-11 22:45 . 2009-05-26 11:41 234872 c:\windows\ie8updates\KB976325-IE8\spuninst\spuninst.exe + 2009-12-11 22:45 . 2009-08-29 08:00 206848 c:\windows\ie8updates\KB976325-IE8\occache.dll + 2009-12-11 22:45 . 2009-08-29 08:00 594432 c:\windows\ie8updates\KB976325-IE8\msfeeds.dll + 2009-12-11 22:45 . 2009-08-29 08:00 246272 c:\windows\ie8updates\KB976325-IE8\ieproxy.dll + 2009-12-11 22:45 . 2009-08-29 08:00 184320 c:\windows\ie8updates\KB976325-IE8\iepeers.dll + 2009-12-11 22:45 . 2009-08-29 08:00 387584 c:\windows\ie8updates\KB976325-IE8\iedkcs32.dll + 2009-12-11 22:45 . 2009-08-28 10:37 173056 c:\windows\ie8updates\KB976325-IE8\ie4uinit.exe + 2009-01-26 19:24 . 2009-10-20 14:58 263552 c:\windows\Driver Cache\i386\http.sys + 2009-12-11 22:44 . 2009-12-11 22:44 117144 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll + 1979-12-31 23:00 . 2009-10-29 07:44 1208832 c:\windows\system32\urlmon.dll - 1979-12-31 23:00 . 2009-08-29 08:00 1208832 c:\windows\system32\urlmon.dll + 1979-12-31 23:00 . 2009-10-29 07:44 5940736 c:\windows\system32\mshtml.dll + 2007-08-13 17:34 . 2009-10-29 07:44 1985536 c:\windows\system32\iertutil.dll - 2007-08-13 17:34 . 2009-08-29 08:00 1985536 c:\windows\system32\iertutil.dll - 1980-01-01 01:00 . 2009-08-29 08:00 1208832 c:\windows\system32\dllcache\urlmon.dll + 1980-01-01 01:00 . 2009-10-29 07:44 1208832 c:\windows\system32\dllcache\urlmon.dll + 1979-12-31 23:00 . 2009-10-29 07:44 5940736 c:\windows\system32\dllcache\mshtml.dll + 2008-07-28 18:05 . 2009-10-29 07:44 1985536 c:\windows\system32\dllcache\iertutil.dll - 2008-07-28 18:05 . 2009-08-29 08:00 1985536 c:\windows\system32\dllcache\iertutil.dll + 2009-11-20 22:36 . 2009-11-20 22:36 5002752 c:\windows\Installer\99442.msp + 2009-10-16 06:09 . 2009-10-16 06:09 2518016 c:\windows\Installer\9942b.msp - 2009-03-22 15:54 . 2009-12-02 20:56 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2009-03-22 15:54 . 2009-12-11 22:44 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2009-03-22 15:54 . 2009-12-11 22:44 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2009-03-22 15:54 . 2009-12-02 20:56 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2009-03-06 03:26 . 2009-03-06 03:26 5291376 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\IPEDITOR.DLL + 2009-12-11 22:45 . 2009-08-29 08:00 1208832 c:\windows\ie8updates\KB976325-IE8\urlmon.dll + 2009-12-11 22:45 . 2009-10-22 09:18 5939712 c:\windows\ie8updates\KB976325-IE8\mshtml.dll + 2009-12-11 22:45 . 2009-08-29 08:00 1985536 c:\windows\ie8updates\KB976325-IE8\iertutil.dll + 2005-05-11 15:21 . 2009-12-01 20:06 25966024 c:\windows\system32\MRT.exe + 2007-08-13 17:54 . 2009-10-29 07:44 11069952 c:\windows\system32\ieframe.dll + 2008-07-28 18:05 . 2009-10-29 07:44 11069952 c:\windows\system32\dllcache\ieframe.dll + 2009-12-11 22:45 . 2009-08-29 08:00 11069440 c:\windows\ie8updates\KB976325-IE8\ieframe.dll . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-08 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "preload"="c:\windows\RUNXMLPL.exe" [2004-04-20 40960] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-11 148888] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-13 4141056] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2004-07-13 880640] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-12-03 88358] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\System32\\NTVDM.EXE"= "c:\\Program Files\\Messenger\\MSMSGS.EXE"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\groove.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R3 IPN2220;acer IPN2220 Wireless LAN Card Driver;c:\windows\system32\drivers\i2220ntx.sys [18-9-2004 2:33 140288] S3 POWERKEY;POWERKEY;c:\program files\Launch Manager\POWERKEY.SYS [2-1-2003 22:53 2343] S3 QCEmerald;Logitech QuickCam Web;c:\windows\system32\drivers\OVCE.sys [1-6-2005 23:05 31872] . Inhoud van de 'Gedeelde Taken' map 2009-12-14 c:\windows\Tasks\WebReg Photosmart D7100 series.job - c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2006-02-19 15:45] 2009-11-06 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:57] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nu.nl/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/ uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Windows &Live Favorites - Sign In IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html IE: Openen in een nieuwe achtergrondtab - c:\program files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/229?26f8779d6d994923a13d02e228989712 IE: Openen in een nieuwe voorgrondtab - c:\program files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/230?26f8779d6d994923a13d02e228989712 DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab . - - - - ORPHANS VERWIJDERD - - - - HKCU-Run-mnu - c:\program files\Wanadoo\NL\Mnu\igomnu.exe HKLM-Run-mnu - c:\program files\Wanadoo\NL\Mnu\igomnu.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-12-17 23:00 Windows 5.1.2600 Service Pack 2 FAT NTAPI scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(3376) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2009-12-17 23:02 ComboFix-quarantined-files.txt 2009-12-17 22:02 ComboFix2.txt 2009-12-03 22:17 ComboFix3.txt 2009-12-02 18:46 Pre-Run: 9.641.541.632 bytes beschikbaar Post-Run: 10.003.202.048 bytes beschikbaar - - End Of File - - FD6A60A03A572E2685FB7EC855C24BF8

Kan helaas de opgegeven adressen niet vinden in hijack. Wat moet ik doen? Gr Andor ---------- Post toegevoegd om 22:28 ---------- Vorige post was om 22:26 ---------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:27:29, on 17-12-2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Outlook Express\msimn.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Home R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [mnu] C:\Program Files\Wanadoo\NL\Mnu\igomnu.exe /S:T O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [mnu] C:\Program Files\Wanadoo\NL\Mnu\igomnu.exe /S:T O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Windows &Live Favorites - Sign In O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/229?26f8779d6d994923a13d02e228989712 O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/230?26f8779d6d994923a13d02e228989712 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.versatel.nl/ O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe -- End of file - 8174 bytes

Kape, Volgens mij wel ja. Alleen de antivirus dan hé van wanadoo. Niet de livebox. Anders ben ik mijn verbinding kwijt. Gr Andor

Kape, Het gaat niet lukken... onder wanadoo staat niets vreemds voor de zekerheid heb ik een onderdeel verwijdert dat sinds 2006 niet is gebruikt. Maar kan je helpen... Gr andor

Hey kape, Hij is zeker weer een stuk sneller.... echt top!! Alleen het probleem met het anti-virus programma lukt het niet. Het het met de zoek methode gedaan alleen zonder resultaat. Tips? het is idd waarschijnlijk de versie van wanadoo. Groetjes Andor

Hi Kape, Alle handelingen zijn uitgevoerd. En volgens mij gaat het al een stuk sneller. Zeker weten....Yes!! Echter heb ik een probleem met antivirus. Ik had via orange een veiligheidspakket, aangezien orange, online is geworden. Heb ik mijn veiligheidspakket opnieuw moeten installeren. Echter mijn nieuwe pakket krijg ik niet geinstalleert omdat er een ander antivirusprogramma, sophos, actief is. Echter kan ik dit programma niet vinden in mijn softwarelijst. Kan jij mij helpen... Andor ---------- Post toegevoegd om 00:06 ---------- Vorige post was om 00:05 ---------- Ben blij met de hulp.... Ik merk nu zeker verbetering. Het gaat allemaal al een stuk sneller.... Andor

Beste Kape, Hieronder het enige tekstblokje wat staat opgeslagen, ik heb me aan de instructies gehouden, alleen is de tekst niet sumier? C:\System Volume Information\_restore{F8EE0AB4-1BD9-4213-9E30-87B5C680D80B}\RP419Trojan.Click.originNiet repareerbaar.Verplaatst. De tekst staat in een zin achter elkaar. Heb je hier iets aan? Trojan klinkt als niet goed.. Anderzijds heb ik het programma sophos als antivirus programma. Ik wil deze verwijderen maar staat niet in mijn softwarelijst. Hoe pakken we dit op? Gr Andor

Oke ik laat hem lopen... maar dat duurd zeker tot na middennacht....dus vanavond ga niks meer van mij horen... Gr ANDOR

Op mijn bureaublad komt na het downloaden via jouw link, launch.exe te staan. Als ik deze open krijg ik het groene start scherm te zien met update en start. Maar geen instellingen. Klopt dit?

Hi Kape... Sorry voor de radiostilte. Ik heb de mexicaanse griep gehad en onwijs beroerd geweest. Maar ik ben weer wat herstellende. Kan je me vertellen waar de scan wordt opgeslagen van Dr.webcure it. Ik heb deze gedraait alleen duurde dit echt lang... Maar anderzijds kan ik de opgegeven instellingen niet veranderen omdat het programma automatisch opstart bij openen. Groet Andor

Beste Kape, Het gaat idd al een stuk sneller. xD Maar... nog steeds niet zo snel als eerst. Het duurd nu ongeveer 1,5 min. om IE te openen. Verder merk ik dat alles een stuk sneller draait. Maar "vroeger" opende IE vrijwel direct na opstarten. Dit is nog niet het geval. Sorry voor de late reactie. Maar het zijn drukke dagen met sinterklaas en werk. Maar tot dusver erg tevreden over de resultaten. Gr Andor

Hi Kape bedankt voor je hulp. Heb vandaag een lange werkdag gehad en heb niet eerder kunnen reageren. Maar bedankt voor je ondersteuning. Gr ANdor ---------- Post toegevoegd om 23:37 ---------- Vorige post was om 23:33 ---------- Bij deze het combifix log: ComboFix 09-12-02.08 - Andor van der Poel 03-12-2009 21:43.3.1 - FAT32x86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.511.176 [GMT 1:00] Gestart vanuit: c:\documents and settings\Andor van der Poel\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Andor van der Poel\Bureaublad\CFScript.txt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_mailKmd (((((((((((((((((((( Bestanden Gemaakt van 2009-11-03 to 2009-12-03 )))))))))))))))))))))))))))))) . 2009-12-02 09:48 . 2009-12-02 09:48 -------- d-----w- c:\program files\Trend Micro 2009-12-02 08:41 . 2009-12-02 08:41 -------- d--h--r- c:\documents and settings\Andor van der Poel\Onlangs geopend 2009-11-30 18:05 . 2009-11-30 18:05 -------- d-----w- c:\documents and settings\Andor van der Poel\Application Data\Malwarebytes 2009-11-30 18:04 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-11-30 18:04 . 2009-11-30 18:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-11-30 18:04 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-30 18:04 . 2009-11-30 18:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-11-30 17:53 . 2009-11-30 17:53 -------- d-----w- c:\program files\CCleaner 2009-11-12 16:18 . 2009-11-12 16:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec 2009-11-12 15:47 . 2009-11-12 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\PCSettings 2009-11-12 15:47 . 2009-11-12 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2009-11-12 15:46 . 2009-11-12 15:46 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller 2009-11-05 16:15 . 2009-11-05 16:16 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-11-04 22:38 . 2009-11-04 22:38 -------- d--h--w- c:\windows\ie8 . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-12 20:43 . 1979-12-31 23:00 93152 ----a-w- c:\windows\system32\perfc013.dat 2009-11-12 20:43 . 1979-12-31 23:00 514550 ----a-w- c:\windows\system32\perfh013.dat 2009-09-17 22:05 . 2009-09-17 22:05 81920 ----a-w- c:\documents and settings\Andor van der Poel\Application Data\Real\Update\temp\~Upg0\install.dll 2009-09-11 15:37 . 2009-01-26 19:22 133632 ----a-w- c:\windows\system32\msv1_0.dll . ((((((((((((((((((((((((((((( SnapShot@2009-12-02_18.19.39 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-03 22:12 . 2009-12-03 22:12 16384 c:\windows\Temp\Perflib_Perfdata_144.dat + 2007-01-29 08:58 . 2009-10-28 15:07 46080 c:\windows\system32\tzchange.exe - 2007-01-29 08:58 . 2009-07-14 12:03 46080 c:\windows\system32\tzchange.exe + 2009-03-12 21:55 . 2008-11-10 10:41 67472 c:\windows\system32\spool\drivers\w32x86\msonpui.dll + 2009-03-12 21:55 . 2008-11-10 10:41 67472 c:\windows\system32\spool\drivers\w32x86\3\msonpui.dll + 2009-03-12 21:56 . 2008-11-10 10:41 32656 c:\windows\system32\msonpmon.dll + 2009-06-24 18:56 . 2009-06-24 18:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe - 2007-04-13 19:58 . 2007-04-13 19:58 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2008-05-27 23:49 . 2008-05-27 23:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2008-05-27 23:49 . 2008-05-27 23:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll - 2007-04-13 19:57 . 2007-04-13 19:57 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll - 2007-04-13 19:57 . 2007-04-13 19:57 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll + 2008-05-27 23:49 . 2008-05-27 23:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll + 2008-05-28 00:30 . 2008-05-28 00:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe - 2007-04-13 20:30 . 2007-04-13 20:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe + 2009-12-02 20:25 . 2009-12-02 20:25 32768 c:\windows\Installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}\icon.exe - 2009-03-22 15:54 . 2009-11-12 20:08 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2009-03-22 15:54 . 2009-12-02 20:56 35088 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe + 2009-03-22 15:54 . 2009-12-02 20:56 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2009-03-22 15:54 . 2009-11-12 20:08 18704 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\mspicons.exe - 2009-03-22 15:54 . 2009-11-12 20:08 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2009-03-22 15:54 . 2009-12-02 20:56 20240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\cagicon.exe + 2009-12-02 21:05 . 2009-12-02 21:05 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe - 2009-11-12 19:51 . 2009-11-12 19:51 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe + 2006-07-24 09:50 . 2006-07-24 09:50 47920 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\VBAME.DLL + 2006-07-24 09:50 . 2006-07-24 09:50 92976 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSADDNDR.DLL + 2009-03-12 21:52 . 2009-03-12 21:52 12096 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\WORDPOL.DLL + 2009-03-12 21:51 . 2009-03-12 21:51 12080 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VBIDEPOL.DLL + 2009-03-12 21:51 . 2009-03-12 21:51 64288 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\VBIDEPIA.DLL + 2006-10-26 18:59 . 2006-10-26 18:59 15672 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SMARTTAGINSTALL.EXE + 2006-10-26 18:49 . 2006-10-26 18:49 34104 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\SETLANG.EXE + 2006-10-26 19:12 . 2006-10-26 19:12 40424 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\REFIEBAR.DLL + 2009-03-12 21:51 . 2009-03-12 21:51 12112 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPTPOL.DLL + 2006-10-26 18:59 . 2006-10-26 18:59 46936 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OSETUPPS.DLL + 2006-10-26 18:59 . 2006-10-26 18:59 18760 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OPHPROXY.DLL + 2006-10-26 18:59 . 2006-10-26 18:59 16728 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OMUOPTINPS.DLL + 2006-10-26 19:00 . 2006-10-26 19:00 23392 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OISCTRL.DLL + 2006-10-27 14:11 . 2006-10-27 14:11 54680 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OFFRHD.DLL + 2009-03-12 21:51 . 2009-03-12 21:51 11544 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OFFICEPL.DLL + 2009-03-12 21:51 . 2009-03-12 21:51 12104 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTAGPOL.DLL + 2009-03-12 21:51 . 2009-03-12 21:51 20280 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTAGPIA.DLL + 2006-10-26 18:59 . 2006-10-26 18:59 43832 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSSH.DLL + 2006-10-27 14:26 . 2006-10-27 14:26 35152 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOSTYLE.DLL + 2006-10-26 18:56 . 2006-10-26 18:56 67408 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSONPUI.DLL + 2006-10-26 18:56 . 2006-10-26 18:56 32592 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSONPMON.DLL + 2006-10-26 18:52 . 2006-10-26 18:52 66368 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOMSE.DLL + 2006-10-26 19:12 . 2006-10-26 19:12 67896 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOHTMED.EXE + 2006-10-27 14:01 . 2006-10-27 14:01 76088 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSOHEV.DLL + 2006-10-26 18:59 . 2006-10-26 18:59 19768 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSMH.DLL + 2006-10-26 18:52 . 2006-10-26 18:52 48424 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSE7.EXE + 2006-10-26 19:12 . 2006-10-26 19:12 89400 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\METCONV.DLL + 2006-10-26 20:41 . 2006-10-26 20:41 66368 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\INLAUNCH.DLL + 2009-03-12 21:51 . 2009-03-12 21:51 12096 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GRAPHPOL.DLL + 2009-03-12 21:49 . 2009-03-12 21:49 12096 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EXCELPOL.DLL + 2006-10-26 19:12 . 2006-10-26 19:12 53576 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\AUTHZAX.DLL + 2006-10-26 20:18 . 2006-10-26 20:18 94016 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\ACCOLK.DLL + 2009-12-02 20:29 . 2009-12-02 20:29 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_fa9f0424\System.Drawing.Design.dll + 2009-12-02 20:29 . 2009-12-02 20:29 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_c32a0df2\CustomMarshalers.dll + 2009-12-02 20:50 . 2009-12-02 20:50 10576 c:\windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll + 2009-12-02 20:50 . 2009-12-02 20:50 11112 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll + 2009-12-02 20:52 . 2009-12-02 20:52 11128 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll + 2009-12-02 20:50 . 2009-12-02 20:50 11136 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll + 2009-12-02 20:55 . 2009-12-02 20:55 11152 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll + 2009-12-02 20:50 . 2009-12-02 20:50 11128 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll + 2009-12-02 20:52 . 2009-12-02 20:52 11144 c:\windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll + 2009-12-02 20:50 . 2009-12-02 20:50 63336 c:\windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll + 2009-12-02 20:50 . 2009-12-02 20:50 19320 c:\windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll + 2009-03-12 21:55 . 2008-11-10 10:41 864144 c:\windows\system32\spool\drivers\w32x86\msonpdrv.dll + 2009-03-12 21:55 . 2008-11-10 10:41 864144 c:\windows\system32\spool\drivers\w32x86\3\msonpdrv.dll - 2004-09-14 17:52 . 2009-11-14 20:53 341832 c:\windows\system32\FNTCACHE.DAT + 2004-09-14 17:52 . 2009-12-03 19:59 341832 c:\windows\system32\FNTCACHE.DAT - 2007-04-13 19:58 . 2007-04-13 19:58 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll + 2008-05-27 23:49 . 2008-05-27 23:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll + 2008-05-27 23:48 . 2008-05-27 23:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll - 2007-04-13 19:56 . 2007-04-13 19:56 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll + 2008-05-28 00:30 . 2008-05-28 00:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - 2007-04-13 20:30 . 2007-04-13 20:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll + 2009-12-02 21:05 . 2009-12-02 21:05 969728 c:\windows\Installer\1325de7.msi + 2009-12-02 20:25 . 2009-12-02 20:25 429568 c:\windows\Installer\1325bf2.msi + 2009-12-02 20:34 . 2009-12-02 20:34 217864 c:\windows\Installer\{90120000-006E-0413-0000-0000000FF1CE}\misc.exe - 2009-03-25 08:23 . 2009-03-25 08:23 217864 c:\windows\Installer\{90120000-006E-0413-0000-0000000FF1CE}\misc.exe - 2009-03-22 15:54 . 2009-11-12 20:08 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2009-03-22 15:54 . 2009-12-02 20:56 888080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe + 2009-03-22 15:54 . 2009-12-02 20:56 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2009-03-22 15:54 . 2009-11-12 20:08 272648 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pubs.exe - 2009-03-22 15:54 . 2009-11-12 20:08 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe + 2009-03-22 15:54 . 2009-12-02 20:56 922384 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe - 2009-03-22 15:54 . 2009-11-12 20:08 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2009-03-22 15:54 . 2009-12-02 20:56 845584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe + 2009-03-22 15:54 . 2009-12-02 20:56 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe - 2009-03-22 15:54 . 2009-11-12 20:08 217864 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\misc.exe + 2009-03-22 15:54 . 2009-12-02 20:56 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe - 2009-03-22 15:54 . 2009-11-12 20:08 184080 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\joticon.exe + 2009-03-22 15:54 . 2009-12-02 20:56 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe - 2009-03-22 15:54 . 2009-11-12 20:08 159504 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\inficon.exe + 2007-06-07 18:51 . 2007-06-07 18:51 125320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\SSGEN.DLL + 2007-06-07 18:51 . 2007-06-07 18:51 465800 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\OUTLFLTR.DLL + 2000-05-23 21:45 . 2000-05-23 21:45 118784 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.6425\MSSTDFMT.DLL + 2006-10-26 19:49 . 2006-10-26 19:49 509200 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\WRD12CVR.DLL + 2006-10-26 20:07 . 2006-10-26 20:07 368968 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\PPSLAX.DLL + 2006-10-20 07:37 . 2006-10-20 07:37 637744 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OGALEGIT.DLL + 2009-03-12 21:51 . 2009-03-12 21:51 416544 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\OFFICE.DLL + 2006-10-26 18:55 . 2006-10-26 18:55 145688 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSTORE.EXE + 2006-10-26 13:47 . 2006-10-26 13:47 727840 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSPROOF6.DLL + 2006-10-26 18:56 . 2006-10-26 18:56 864080 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSONPDRV.DLL + 2006-10-26 12:58 . 2006-10-26 12:58 290576 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MSCDM.DLL + 2006-10-26 18:52 . 2006-10-26 18:52 460616 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\MODHELP.DLL + 2006-10-26 19:00 . 2006-10-26 19:00 178488 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\IETAG.DLL + 2009-03-12 21:51 . 2009-03-12 21:51 150320 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\GRAPHPIA.DLL + 2006-10-26 19:12 . 2006-10-26 19:12 106824 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\DSSM.EXE + 2009-04-03 16:57 . 2009-04-03 16:57 509256 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\WRD12CVR.DLL + 2009-12-02 20:31 . 2009-12-02 20:31 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_94cecf17\System.Drawing.dll + 2009-12-02 20:32 . 2009-12-02 20:32 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_b646a1f5\System.Drawing.Design.dll + 2009-12-02 20:32 . 2009-12-02 20:32 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_c630e6dd\CustomMarshalers.dll + 2009-12-02 20:52 . 2009-12-02 20:52 609160 c:\windows\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll + 2009-12-02 20:52 . 2009-12-02 20:52 118176 c:\windows\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll + 2009-12-02 20:50 . 2009-12-02 20:50 423784 c:\windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL + 2009-12-02 20:52 . 2009-12-02 20:52 870256 c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll + 2009-12-02 20:49 . 2009-12-02 20:50 149352 c:\windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll + 2009-07-20 23:03 . 2009-07-20 23:03 1348432 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9876.0_x-ww_a621d1d5\msxml4.dll + 2009-08-19 16:07 . 2009-08-19 16:07 1415000 c:\windows\system32\msxml6.dll + 2009-07-20 23:05 . 2009-07-20 23:05 1348432 c:\windows\system32\msxml4.dll + 1979-12-31 23:00 . 2009-07-31 05:00 1172480 c:\windows\system32\msxml3.dll + 1979-12-31 23:00 . 2009-07-31 05:00 1172480 c:\windows\system32\dllcache\msxml3.dll - 2007-04-13 20:35 . 2007-04-13 20:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll + 2008-05-28 00:35 . 2008-05-28 00:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll - 2007-04-13 20:35 . 2007-04-13 20:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll + 2008-05-28 00:35 . 2008-05-28 00:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll + 2008-05-27 23:48 . 2008-05-27 23:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - 2007-04-13 19:57 . 2007-04-13 19:57 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - 2007-04-13 19:57 . 2007-04-13 19:57 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll + 2008-05-27 23:48 . 2008-05-27 23:48 2523136 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll - 2007-04-13 19:50 . 2007-04-13 19:50 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2008-05-27 23:43 . 2008-05-27 23:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2009-04-04 08:06 . 2009-04-04 08:06 4443136 c:\windows\Installer\1325dc7.msp + 2009-04-04 16:10 . 2009-04-04 16:10 1282560 c:\windows\Installer\1325dbf.msp + 2009-04-04 16:10 . 2009-04-04 16:10 9926144 c:\windows\Installer\1325db7.msp - 2009-03-22 15:54 . 2009-11-12 20:08 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2009-03-22 15:54 . 2009-12-02 20:56 1172240 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe + 2009-03-22 15:54 . 2009-12-02 20:56 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe - 2009-03-22 15:54 . 2009-11-12 20:08 1165584 c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\accicons.exe + 2006-10-26 13:47 . 2006-10-26 13:47 1512304 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\NLSD0000.DLL + 2009-03-12 21:51 . 2009-03-12 21:51 1276720 c:\windows\Installer\$PatchCache$\Managed\00002109030000000000000000F01FEC\12.0.4518\EXCELPIA.DLL + 2009-04-03 17:21 . 2009-04-03 17:21 8543096 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\OARTCONV.DLL + 2009-12-02 20:29 . 2009-12-02 20:29 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_59bff38b\System.dll + 2009-12-02 20:32 . 2009-12-02 20:32 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_441a8c34\System.dll + 2009-12-02 20:30 . 2009-12-02 20:30 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_9fb2d143\System.Xml.dll + 2009-12-02 20:33 . 2009-12-02 20:33 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_3421d79c\System.Xml.dll + 2009-12-02 20:30 . 2009-12-02 20:30 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_2d54ce7c\System.Windows.Forms.dll + 2009-12-02 20:32 . 2009-12-02 20:32 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_2ab25be5\System.Windows.Forms.dll + 2009-12-02 20:33 . 2009-12-02 20:33 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_85cf5c86\System.Drawing.dll + 2009-12-02 20:33 . 2009-12-02 20:33 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_f7834a2b\System.Design.dll + 2009-12-02 20:31 . 2009-12-02 20:31 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_9fa77010\System.Design.dll + 2009-12-02 20:33 . 2009-12-02 20:33 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_70fa8d78\mscorlib.dll + 2009-12-02 20:31 . 2009-12-02 20:31 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_5d333963\mscorlib.dll + 2009-12-02 20:28 . 2009-12-02 20:28 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - 2007-12-05 22:06 . 2007-12-05 22:06 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - 2009-11-04 23:18 . 2009-11-04 23:18 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll + 2009-12-02 20:28 . 2009-12-02 20:28 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll + 2009-12-02 20:52 . 2009-12-02 20:52 1279848 c:\windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll + 2009-08-10 20:08 . 2009-08-10 20:08 11315712 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp + 2009-04-04 06:35 . 2009-04-04 06:35 38325760 c:\windows\Installer\1325ddf.msp + 2009-04-04 16:09 . 2009-04-04 16:09 10874880 c:\windows\Installer\1325dac.msp + 2009-04-04 08:05 . 2009-04-04 08:05 19899904 c:\windows\Installer\1325c2c.msp + 2009-04-04 08:04 . 2009-04-04 08:04 13961728 c:\windows\Installer\1325c1d.msp + 2009-08-10 13:09 . 2009-08-10 13:09 17254912 c:\windows\Installer\1325c09.msp + 2009-04-03 17:46 . 2009-04-03 17:46 17314688 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6425\MSO.DLL + 2009-04-04 16:08 . 2009-04-04 16:08 343058432 c:\windows\Installer\1325da1.msp . -- Snapshot teruggezet naar huidige datum -- . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "mnu"="c:\program files\Wanadoo\NL\Mnu\igomnu.exe" [2005-02-15 430328] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-08 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "preload"="c:\windows\RUNXMLPL.exe" [2004-04-20 40960] "mnu"="c:\program files\Wanadoo\NL\Mnu\igomnu.exe" [2005-02-15 430328] "Preventon RealTime Antivirus"="c:\program files\Wanadoo\AntiVirus\AVRealTime.exe" [2005-10-13 923648] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-11 148888] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-13 4141056] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2004-07-13 880640] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-12-03 88358] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\System32\\NTVDM.EXE"= "c:\\Program Files\\Messenger\\MSMSGS.EXE"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\groove.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R3 IPN2220;acer IPN2220 Wireless LAN Card Driver;c:\windows\system32\drivers\i2220ntx.sys [18-9-2004 2:33 140288] S3 InterCheck Control;InterCheck Control;c:\program files\Wanadoo\AntiVirus\ICNTDRV5.SYS [5-8-2005 13:53 68592] S3 InterCheck Filter;InterCheck Filter;c:\program files\Wanadoo\AntiVirus\ICNTFLT5.SYS [5-8-2005 13:53 16080] S3 InterCheck Support 01;InterCheck Support 01;c:\program files\Wanadoo\AntiVirus\ICNTST01.SYS [5-8-2005 13:53 5232] S3 InterCheck Support 02;InterCheck Support 02;c:\program files\Wanadoo\AntiVirus\ICNTST02.SYS [5-8-2005 13:53 5232] S3 InterCheck Support 03;InterCheck Support 03;c:\program files\Wanadoo\AntiVirus\ICNTST03.SYS [5-8-2005 13:53 5232] S3 InterCheck Support 04;InterCheck Support 04;c:\program files\Wanadoo\AntiVirus\ICNTST04.SYS [5-8-2005 13:53 5232] S3 InterCheck Support 05;InterCheck Support 05;c:\program files\Wanadoo\AntiVirus\ICNTST05.SYS [5-8-2005 13:53 5232] S3 InterCheck Support 06;InterCheck Support 06;c:\program files\Wanadoo\AntiVirus\ICNTST06.SYS [5-8-2005 13:53 5232] S3 InterCheck Support 07;InterCheck Support 07;c:\program files\Wanadoo\AntiVirus\ICNTST07.SYS [5-8-2005 13:53 5232] S3 InterCheck Support 08;InterCheck Support 08;c:\program files\Wanadoo\AntiVirus\ICNTST08.SYS [5-8-2005 13:53 5232] S3 InterCheck Support 09;InterCheck Support 09;c:\program files\Wanadoo\AntiVirus\ICNTST09.SYS [5-8-2005 13:53 5232] S3 InterCheck Support 10;InterCheck Support 10;c:\program files\Wanadoo\AntiVirus\ICNTST10.SYS [5-8-2005 13:53 5232] S3 InterCheck Support 11;InterCheck Support 11;c:\program files\Wanadoo\AntiVirus\ICNTST11.SYS [5-8-2005 13:53 5232] S3 InterCheck Support 12;InterCheck Support 12;c:\program files\Wanadoo\AntiVirus\ICNTST12.SYS [5-8-2005 13:53 5232] S3 POWERKEY;POWERKEY;c:\program files\Launch Manager\POWERKEY.SYS [2-1-2003 22:53 2343] S3 QCEmerald;Logitech QuickCam Web;c:\windows\system32\drivers\OVCE.sys [1-6-2005 23:05 31872] . Inhoud van de 'Gedeelde Taken' map 2009-11-30 c:\windows\Tasks\WebReg Photosmart D7100 series.job - c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2006-02-19 15:45] 2009-11-06 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:57] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nu.nl/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/ uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Windows &Live Favorites - Sign In IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Openen in een nieuwe achtergrondtab - c:\program files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/229?26f8779d6d994923a13d02e228989712 IE: Openen in een nieuwe voorgrondtab - c:\program files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/230?26f8779d6d994923a13d02e228989712 DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-12-03 23:13 Windows 5.1.2600 Service Pack 2 FAT NTAPI scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(2176) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\wscntfy.exe c:\program files\Wanadoo\AntiVirus\sweepsrv.sys . ************************************************************************** . Voltooingstijd: 2009-12-03 23:17 - machine werd herstart ComboFix-quarantined-files.txt 2009-12-03 22:17 ComboFix2.txt 2009-12-02 18:46 Pre-Run: 8.683.765.760 bytes beschikbaar Post-Run: 8.679.211.008 bytes beschikbaar - - End Of File - - A9F8EDC0CB033EF2D9C9B98A4B4A3050 en het hijackthislog: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:35:22, on 3-12-2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Wanadoo\AntiVirus\AVRealTime.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Wanadoo\NL\Mnu\igomnu.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\Wanadoo\AntiVirus\sweepsrv.sys C:\WINDOWS\system32\notepad.exe C:\Program Files\Outlook Express\msimn.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Home R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [mnu] C:\Program Files\Wanadoo\NL\Mnu\igomnu.exe /S:T O4 - HKLM\..\Run: [Preventon RealTime Antivirus] C:\Program Files\Wanadoo\AntiVirus\AVRealTime.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [mnu] C:\Program Files\Wanadoo\NL\Mnu\igomnu.exe /S:T O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Windows &Live Favorites - Sign In O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/229?26f8779d6d994923a13d02e228989712 O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/230?26f8779d6d994923a13d02e228989712 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.versatel.nl/ O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: sweepsrv.sys - Sophos Plc - C:\Program Files\Wanadoo\AntiVirus\sweepsrv.sys -- End of file - 8751 bytes Bij deze.... ik hoor je wel weer. Het antwoord kan wel wat langer duren ivm werk en morgenmiddag en avond sinterklaasfeest. Dus bij voorbaat excuses voor de late reactie!!

Hallo... Duurde even. Sorry! Maar moest naar voetbaltraining met mijn zoon. Daarna eten en nu de PC. Hieronder vindt je het logje: ComboFix 09-12-02.03 - Andor van der Poel 02-12-2009 17:53.2.1 - FAT32x86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.31.1043.18.511.192 [GMT 1:00] Gestart vanuit: c:\documents and settings\Andor van der Poel\Bureaublad\ComboFix.exe . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Voorgaande Run ------- . c:\windows\system32\_004277_.tmp.dll c:\windows\system32\_004278_.tmp.dll c:\windows\system32\_004279_.tmp.dll c:\windows\system32\_004280_.tmp.dll c:\windows\system32\_004287_.tmp.dll c:\windows\system32\_004288_.tmp.dll c:\windows\system32\_004289_.tmp.dll c:\windows\system32\_004290_.tmp.dll c:\windows\system32\_004292_.tmp.dll c:\windows\system32\_004293_.tmp.dll c:\windows\system32\_004296_.tmp.dll c:\windows\system32\_004297_.tmp.dll c:\windows\system32\_004298_.tmp.dll c:\windows\system32\_004299_.tmp.dll c:\windows\system32\_004300_.tmp.dll c:\windows\system32\_004301_.tmp.dll c:\windows\system32\_004302_.tmp.dll c:\windows\system32\_004303_.tmp.dll c:\windows\system32\_004304_.tmp.dll c:\windows\system32\_004305_.tmp.dll c:\windows\system32\_004306_.tmp.dll c:\windows\system32\_004307_.tmp.dll c:\windows\system32\_004311_.tmp.dll c:\windows\system32\_004312_.tmp.dll c:\windows\system32\_004314_.tmp.dll c:\windows\system32\_004317_.tmp.dll c:\windows\system32\_004318_.tmp.dll c:\windows\system32\_004319_.tmp.dll c:\windows\system32\_004320_.tmp.dll c:\windows\system32\_004321_.tmp.dll c:\windows\system32\_004322_.tmp.dll c:\windows\system32\_004323_.tmp.dll c:\windows\system32\_004324_.tmp.dll c:\windows\system32\_004325_.tmp.dll c:\windows\system32\_004326_.tmp.dll c:\windows\system32\_004327_.tmp.dll c:\windows\system32\_004328_.tmp.dll c:\windows\system32\_004329_.tmp.dll c:\windows\system32\_004330_.tmp.dll c:\windows\system32\_004332_.tmp.dll c:\windows\system32\_004333_.tmp.dll c:\windows\system32\_004335_.tmp.dll c:\windows\system32\_004337_.tmp.dll c:\windows\system32\_004338_.tmp.dll c:\windows\system32\_004339_.tmp.dll c:\windows\system32\_004341_.tmp.dll c:\windows\system32\_004342_.tmp.dll c:\windows\system32\_004343_.tmp.dll c:\windows\system32\_004345_.tmp.dll c:\windows\system32\_004348_.tmp.dll c:\windows\system32\_004349_.tmp.dll c:\windows\system32\_004353_.tmp.dll c:\windows\system32\_004354_.tmp.dll c:\windows\system32\_004356_.tmp.dll c:\windows\system32\_004359_.tmp.dll c:\windows\system32\_004361_.tmp.dll c:\windows\system32\_004362_.tmp.dll c:\windows\system32\_004363_.tmp.dll c:\windows\system32\_004364_.tmp.dll c:\windows\system32\_004367_.tmp.dll c:\windows\system32\_004368_.tmp.dll c:\windows\system32\_004369_.tmp.dll c:\windows\system32\_004370_.tmp.dll c:\windows\system32\_004371_.tmp.dll c:\windows\system32\_004376_.tmp.dll c:\windows\system32\_004378_.tmp.dll . (((((((((((((((((((( Bestanden Gemaakt van 2009-11-02 to 2009-12-02 )))))))))))))))))))))))))))))) . 2009-12-02 09:48 . 2009-12-02 09:48 -------- d-----w- c:\program files\Trend Micro 2009-12-02 08:41 . 2009-12-02 08:41 -------- d--h--r- c:\documents and settings\Andor van der Poel\Onlangs geopend 2009-11-30 18:05 . 2009-11-30 18:05 -------- d-----w- c:\documents and settings\Andor van der Poel\Application Data\Malwarebytes 2009-11-30 18:04 . 2009-09-10 13:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-11-30 18:04 . 2009-11-30 18:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-11-30 18:04 . 2009-09-10 13:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-11-30 18:04 . 2009-11-30 18:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-11-30 17:53 . 2009-11-30 17:53 -------- d-----w- c:\program files\CCleaner 2009-11-12 16:18 . 2009-11-12 16:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec 2009-11-12 15:47 . 2009-11-12 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\PCSettings 2009-11-12 15:47 . 2009-11-12 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2009-11-12 15:46 . 2009-11-12 15:46 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller 2009-11-05 16:15 . 2009-11-05 16:16 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-11-04 22:38 . 2009-11-04 22:38 -------- d--h--w- c:\windows\ie8 . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-12 20:43 . 1979-12-31 23:00 93152 ----a-w- c:\windows\system32\perfc013.dat 2009-11-12 20:43 . 1979-12-31 23:00 514550 ----a-w- c:\windows\system32\perfh013.dat 2009-09-17 22:05 . 2009-09-17 22:05 81920 ----a-w- c:\documents and settings\Andor van der Poel\Application Data\Real\Update\temp\~Upg0\install.dll 2009-09-11 15:37 . 2009-01-26 19:22 133632 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-04 21:47 . 1979-12-31 23:00 58880 ----a-w- c:\windows\system32\msasn1.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "mnu"="c:\program files\Wanadoo\NL\Mnu\igomnu.exe" [2005-02-15 430328] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-08 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "preload"="c:\windows\RUNXMLPL.exe" [2004-04-20 40960] "mnu"="c:\program files\Wanadoo\NL\Mnu\igomnu.exe" [2005-02-15 430328] "Preventon RealTime Antivirus"="c:\program files\Wanadoo\AntiVirus\AVRealTime.exe" [2005-10-13 923648] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-11 148888] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-13 4141056] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2004-07-13 880640] "AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2004-12-03 88358] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\System32\\NTVDM.EXE"= "c:\\Program Files\\Messenger\\MSMSGS.EXE"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\groove.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R1 mailKmd;mailKmd; [x] R3 POWERKEY;POWERKEY;c:\program files\Launch Manager\POWERKEY.sys [2000-12-19 2343] R3 QCEmerald;Logitech QuickCam Web;c:\windows\system32\DRIVERS\OVCE.sys [2001-08-17 31872] S3 InterCheck Control;InterCheck Control;c:\program files\Wanadoo\AntiVirus\icntdrv5.sys [2007-02-05 68592] S3 InterCheck Filter;InterCheck Filter;c:\program files\Wanadoo\AntiVirus\icntflt5.sys [2007-02-05 16080] S3 InterCheck Support 01;InterCheck Support 01;c:\program files\Wanadoo\AntiVirus\icntst01.sys [2007-02-05 5232] S3 InterCheck Support 02;InterCheck Support 02;c:\program files\Wanadoo\AntiVirus\icntst02.sys [2007-02-05 5232] S3 InterCheck Support 03;InterCheck Support 03;c:\program files\Wanadoo\AntiVirus\icntst03.sys [2007-02-05 5232] S3 InterCheck Support 04;InterCheck Support 04;c:\program files\Wanadoo\AntiVirus\icntst04.sys [2007-02-05 5232] S3 InterCheck Support 05;InterCheck Support 05;c:\program files\Wanadoo\AntiVirus\icntst05.sys [2007-02-05 5232] S3 InterCheck Support 06;InterCheck Support 06;c:\program files\Wanadoo\AntiVirus\icntst06.sys [2007-02-05 5232] S3 InterCheck Support 07;InterCheck Support 07;c:\program files\Wanadoo\AntiVirus\icntst07.sys [2007-02-05 5232] S3 InterCheck Support 08;InterCheck Support 08;c:\program files\Wanadoo\AntiVirus\icntst08.sys [2007-02-05 5232] S3 InterCheck Support 09;InterCheck Support 09;c:\program files\Wanadoo\AntiVirus\icntst09.sys [2007-02-05 5232] S3 InterCheck Support 10;InterCheck Support 10;c:\program files\Wanadoo\AntiVirus\icntst10.sys [2007-02-05 5232] S3 InterCheck Support 11;InterCheck Support 11;c:\program files\Wanadoo\AntiVirus\icntst11.sys [2007-02-05 5232] S3 InterCheck Support 12;InterCheck Support 12;c:\program files\Wanadoo\AntiVirus\icntst12.sys [2007-02-05 5232] S3 IPN2220;acer IPN2220 Wireless LAN Card Driver;c:\windows\system32\DRIVERS\i2220ntx.sys [2004-03-29 140288] . Inhoud van de 'Gedeelde Taken' map 2009-11-30 c:\windows\Tasks\WebReg Photosmart D7100 series.job - c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2006-02-19 15:45] 2009-11-06 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:57] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.nu.nl/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/ uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Windows &Live Favorites - Sign In IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Openen in een nieuwe achtergrondtab - c:\program files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/229?26f8779d6d994923a13d02e228989712 IE: Openen in een nieuwe voorgrondtab - c:\program files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/230?26f8779d6d994923a13d02e228989712 DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab . - - - - ORPHANS VERWIJDERD - - - - WebBrowser-{AB8DC1E0-22BE-4181-B77E-02C495E031F8} - c:\program files\HyvesToolbar\Hyves Toolbar\tbcore3.dll Notify-WgaLogon - (no file) AddRemove-DialMessenger_is1 - c:\program files\Weflirt/uninstall.exe AddRemove-LimeWire - c:\program files\LimeWire\uninstall.exe AddRemove-NVIDIA Drivers - c:\windows\system32\nvudisp.exe UninstallGUI AddRemove-RealJukebox 1.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 AddRemove-RealPlayer 6.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-12-02 19:17 Windows 5.1.2600 Service Pack 2 FAT NTAPI scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(2648) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2009-12-02 19:46 ComboFix-quarantined-files.txt 2009-12-02 18:44 Pre-Run: 9.827.434.496 bytes beschikbaar Post-Run: 9.795.731.456 bytes beschikbaar - - End Of File - - 20B2511673E6257D784584A7D8323380 Hoop dat het gaat lukken!! In IE gaat het al een stuk sneller. Maar het opstarten van IE nog moeizaam. Ik hoor het wel.

hi, opstarten zelf gaat al beter. Echter IE blijft lang duren. Gaat wel iets beter maar niet veel sneller. Ook werkt mijn rechtermuisknop niet zoals zou moeten. Wat ook gebeurt is dat wanneer IE opstart hij opent naar een pagina www.awesomepage.com ipv nu.nl Ik krijg dit niet veranderd. IE start wel iets sneller, maar absoluut niet zoals vroeger.