Internet starts slowly and some websites hang and freeze


Guest karin1978


Hello,

The title says it all.

I have tried ALL the tips for a faster PC, but unfortunately without result.

I have had this problem for months.

Can anyone help?

Many thanks in advance.

Here is my HijackThis log to start with:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2:00:31, on 17/03/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate1c9a42c2425e7b0) (gupdate1c9a42c2425e7b0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--

End of file - 3463 bytes


Guest karin1978

I also have a ComboFix 09 log here:

ComboFix 09-03-15.01 - Hoofdgebruiker 2009-03-17 1:35:30.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1256.212.1043.18.2047.1510 [GMT 1:00]

Running from: c:\documents and settings\Hoofdgebruiker\Mijn documenten\Downloads\ComboFix.exe

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

((((((((((((((((((((((((( Files Created from 2009-02-17 to 2009-03-17 )))))))))))))))))))))))))))))))

.

2009-03-17 01:22 . 2009-03-17 01:22 <DIR> d-------- c:\windows\5888428E699C4E71BF7194EE06B497DA.TMP

2009-03-17 01:22 . 2009-03-17 01:22 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard

2009-03-17 01:17 . 2009-03-17 01:17 <DIR> d--hs---- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}

2009-03-16 21:56 . 2009-03-16 21:56 <DIR> d-------- c:\program files\Java

2009-03-16 21:56 . 2009-03-16 21:56 73,728 --a------ c:\windows\system32\javacpl.cpl

2009-03-16 20:57 . 2009-03-16 20:57 <DIR> d-------- c:\program files\Common Files\xing shared

2009-03-16 08:53 . 2007-08-13 18:45 78,336 --a------ c:\windows\system32\ieencode.dll

2009-03-16 08:53 . 2007-08-13 18:45 78,336 --a--c--- c:\windows\system32\dllcache\ieencode.dll

2009-03-15 02:21 . 2009-02-06 18:08 55,152 --a------ c:\windows\system32\drivers\fssfltr_tdi.sys

2009-03-15 02:17 . 2009-03-15 02:17 <DIR> d-------- c:\program files\Windows Live SkyDrive

2009-03-15 02:07 . 2009-03-15 02:20 <DIR> d-------- c:\program files\Windows Live Toolbar

2009-03-15 02:07 . 2009-03-15 02:07 <DIR> d-------- c:\program files\Windows Live Favorites

2009-03-15 01:57 . 2009-03-15 01:57 <DIR> d-------- c:\program files\Windows Installer Clean Up

2009-03-15 01:52 . 2009-03-15 01:52 <DIR> d-------- c:\program files\CCleaner

2009-03-15 01:22 . 2008-10-16 02:02 1,499,136 -----c--- c:\windows\system32\dllcache\shdocvw.dll

2009-03-14 23:09 . 2009-03-14 23:09 <DIR> d-------- c:\program files\Common Files\Windows Live

2009-03-14 22:07 . 2009-03-14 22:09 <DIR> d--h----- C:\$AVG8.VAULT$

2009-03-14 14:00 . 2009-03-14 17:08 3,803,168 --ahs---- c:\windows\system32\drivers\fidbox.dat

2009-03-14 14:00 . 2009-03-14 17:08 46,688 --ahs---- c:\windows\system32\drivers\fidbox.idx

2009-03-13 23:31 . 2009-03-16 16:32 <DIR> d-------- c:\windows\system32\drivers\Avg

2009-03-13 23:31 . 2009-03-13 23:33 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\AVGTOOLBAR

2009-03-13 23:31 . 2009-03-13 23:31 325,640 --a------ c:\windows\system32\drivers\avgldx86.sys

2009-03-13 23:31 . 2009-03-13 23:31 107,912 --a------ c:\windows\system32\drivers\avgtdix.sys

2009-03-13 23:31 . 2009-03-13 23:31 10,520 --a------ c:\windows\system32\avgrsstx.dll

2009-03-13 12:52 . 2009-03-13 12:53 <DIR> d--h----- c:\windows\msdownld.tmp

2009-03-13 11:44 . 2009-03-13 11:44 <DIR> d-------- c:\documents and settings\LocalService\Bureaublad

2009-03-13 11:28 . 2009-03-13 20:53 <DIR> d-------- c:\program files\Lavasoft

2009-03-13 11:28 . 2009-03-13 20:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft

2009-03-13 10:17 . 2009-03-13 20:53 <DIR> d-------- c:\windows\BDOSCAN8

2009-03-13 09:59 . 2009-03-17 01:06 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2009-03-13 09:59 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2009-03-13 09:59 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2009-03-12 00:05 . 2009-03-12 00:05 23,392 --a------ c:\windows\system32\nscompat.tlb

2009-03-12 00:05 . 2009-03-12 00:05 16,832 --a------ c:\windows\system32\amcompat.tlb

2009-03-11 23:55 . 2006-03-02 13:00 1,802 --a------ c:\windows\system32exit

2009-03-11 21:12 . 2009-02-23 13:46 0 -ra------ c:\windows\autoexec.bat

2009-03-11 20:48 . 2009-03-16 17:33 1,374 --a------ c:\windows\imsins.BAK

2009-03-11 15:40 . 2009-03-11 15:40 <DIR> d-------- c:\program files\DoubleD

2009-03-11 14:21 . 2009-03-16 23:30 <DIR> dr-h----- c:\documents and settings\Hoofdgebruiker\Onlangs geopend

2009-03-11 14:19 . 2009-03-11 14:19 <DIR> d-------- c:\program files\Brownie

2009-03-11 14:19 . 2009-03-11 14:19 <DIR> d-------- c:\program files\Brother

2009-03-11 14:05 . 2009-03-11 14:05 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\aAvgApi

2009-03-11 14:03 . 2009-03-11 14:03 34 --------- c:\windows\system32\BD2030.DAT

2009-03-11 13:46 . 2009-03-11 14:15 <DIR> d-------- c:\program files\Brownie(2)

2009-03-11 13:46 . 2009-03-11 14:15 <DIR> d-------- c:\program files\Brother(2)

2009-03-10 17:17 . 2009-03-11 14:20 <DIR> d-------- c:\program files\AVS4YOU

2009-03-10 09:39 . 2009-03-13 21:54 <DIR> d-------- c:\program files\Spybot - Search & Destroy

2009-03-10 09:39 . 2009-03-13 21:27 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-03-10 00:01 . 2009-03-10 00:01 <DIR> d-------- c:\program files\Trend Micro

2009-03-07 18:18 . 2009-03-07 18:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\Nokia

2009-03-07 18:17 . 2009-03-11 14:15 <DIR> d-------- c:\program files\Nokia

2009-03-06 23:58 . 2009-03-06 23:58 <DIR> d-------- c:\program files\AVG

2009-03-06 20:41 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll

2009-03-06 20:41 . 2009-03-06 20:41 0 --------- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf

2009-03-06 20:41 . 2009-03-06 20:41 0 --------- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf

2009-03-06 20:34 . 2009-03-06 20:34 <DIR> d-------- c:\program files\Common Files\PCSuite

2009-03-06 20:34 . 2009-03-07 18:17 <DIR> d-------- c:\program files\Common Files\Nokia

2009-03-06 20:34 . 2008-08-26 09:26 18,816 --a------ c:\windows\system32\drivers\pccsmcfd.sys

2009-03-06 20:33 . 2009-03-06 20:33 <DIR> d-------- c:\program files\PC Connectivity Solution

2009-03-06 20:32 . 2008-09-15 07:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll

2009-03-06 20:32 . 2008-09-15 07:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll

2009-03-06 20:32 . 2008-09-15 07:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys

2009-03-06 20:32 . 2008-09-15 07:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys

2009-03-06 20:32 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys

2009-03-06 20:32 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys

2009-03-06 20:05 . 2009-03-06 20:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\PC Suite

2009-03-06 20:04 . 2009-03-06 20:23 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Phone Browser

2009-03-06 20:04 . 2009-03-06 21:24 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\Nokia

2009-03-06 20:03 . 2009-03-06 20:03 <DIR> d-------- c:\program files\DIFX

2009-03-06 20:03 . 2009-03-07 18:16 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\PC Suite

2009-03-06 20:00 . 2009-03-07 18:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\Installations

2009-03-06 19:55 . 2008-04-13 19:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys

2009-03-06 19:55 . 2008-04-13 19:45 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys

2009-03-06 19:45 . 2009-03-06 19:45 0 --------- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

2009-03-06 19:45 . 2009-03-06 19:45 0 --------- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf

2009-03-05 16:01 . 2009-03-05 16:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\Office Genuine Advantage

2009-03-05 11:34 . 2009-01-09 20:19 1,089,883 -----c--- c:\windows\system32\dllcache\ntprint.cat

2009-03-05 08:35 . 2009-03-05 08:35 106 --a------ C:\index.ini

2009-03-04 21:43 . 2009-03-04 21:43 <DIR> d-------- c:\program files\Microsoft Works

2009-03-04 21:42 . 2009-03-04 21:42 <DIR> d-------- c:\program files\Microsoft.NET

2009-03-04 19:58 . 2009-03-09 21:01 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\FileZilla

2009-03-04 19:03 . 2009-03-04 19:03 <DIR> d-------- C:\ftpxsetup

2009-03-04 17:57 . 2009-03-04 17:57 <DIR> d-------- c:\program files\Ipswitch

2009-03-04 17:57 . 2004-09-17 11:09 1,060,864 --a------ c:\windows\system32\MFC71.dll

2009-03-04 17:57 . 2005-02-28 12:37 606,293 --a------ c:\windows\system32\wbocx.ocx

2009-03-04 17:57 . 2005-02-28 12:37 50,688 --a------ c:\windows\system32\wbhelp2.dll

2009-03-04 15:08 . 2009-03-04 15:08 <DIR> dr-h----- C:\MSOCache

2009-03-04 12:01 . 2009-03-13 17:39 <DIR> d-------- c:\program files\IObit

2009-03-04 12:01 . 2009-03-04 12:01 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\IObit

2009-03-04 11:56 . 2009-03-04 11:56 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\Malwarebytes

2009-03-04 11:56 . 2009-03-04 11:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-03-04 11:45 . 2009-03-13 23:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8

2009-03-04 11:37 . 2009-03-04 11:37 67 --a------ c:\windows\wininit.ini

2009-03-04 11:06 . 2009-03-04 11:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\Hitman Pro 3

2009-03-04 11:06 . 2009-03-04 11:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\Hitman Pro

2009-03-03 18:55 . 2009-03-03 18:55 80 --a------ C:\bootdelete.lst

2009-03-03 03:12 . 2009-03-15 01:57 <DIR> d-------- c:\program files\MSECACHE

2009-03-03 02:26 . 2009-03-03 02:26 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\OpenOffice.org

2009-03-03 02:25 . 2009-03-04 11:00 <DIR> d-------- c:\program files\OpenOffice.org 3

2009-03-02 17:12 . 2009-03-02 17:12 20,480 --a------ c:\documents and settings\update.exe

2009-02-28 23:46 . 2009-03-03 01:24 379 --a------ c:\windows\ODBC.INI

2009-02-28 18:33 . 2009-02-28 18:33 <DIR> d-------- c:\program files\YouTube Downloader

2009-02-28 17:17 . 2009-03-05 08:56 <DIR> d-------- c:\program files\filehippo.com

2009-02-28 17:16 . 2009-02-28 17:16 <DIR> d-------- c:\windows\CD95F661A5C444F5A6AAECDD91C240B7.TMP

2009-02-28 17:15 . 2009-03-16 09:29 <DIR> d-------- c:\windows\ie8updates

2009-02-28 17:15 . 2009-03-11 18:02 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP

2009-02-27 22:53 . 2009-02-28 17:16 <DIR> d-------- c:\program files\Microsoft Sync Framework

2009-02-27 12:43 . 2009-02-27 12:43 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\SmartFTP

2009-02-27 12:42 . 2009-03-04 19:23 <DIR> d-------- c:\program files\SmartFTP Client

2009-02-23 13:57 . 2009-02-28 17:16 <DIR> d-------- c:\program files\Java(2)

2009-02-23 13:55 . 2009-03-16 17:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\Google Updater

2009-02-23 13:39 . 2009-02-23 13:41 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\ErrorFix

2009-02-22 21:59 . 2009-02-22 21:59 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\Uniblue

2009-02-22 21:57 . 2009-02-22 22:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\WinZip

2009-02-22 21:52 . 2009-03-11 17:26 <DIR> d-------- c:\program files\NCH Swift Sound

2009-02-21 23:01 . 2009-02-21 23:01 <DIR> d--hs---- c:\documents and settings\Hoofdgebruiker\PrivacIE

2009-02-21 23:01 . 2009-02-21 23:01 <DIR> d--hs---- c:\documents and settings\Hoofdgebruiker\IETldCache

2009-02-21 22:40 . 2009-01-11 06:00 79,360 -----c--- c:\windows\system32\dllcache\iecompat.dll

2009-02-21 16:24 . 2009-02-21 16:24 <DIR> d-------- c:\windows\Sun

2009-02-21 16:23 . 2009-02-21 16:23 <DIR> d-------- c:\program files\AskBarDis

2009-02-20 14:43 . 2009-02-21 16:23 <DIR> d-------- c:\program files\AskBarDis(3)

2009-02-20 13:49 . 2009-02-21 16:23 <DIR> d-------- c:\program files\AskBarDis(2)

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-16 20:56 410,984 ----a-w c:\windows\system32\deploytk.dll

2009-03-16 19:57 --------- d-----w c:\program files\Common Files\Real

2009-03-16 19:56 499,712 ----a-w c:\windows\system32\msvcp71.dll

2009-03-16 19:56 348,160 ----a-w c:\windows\system32\msvcr71.dll

2009-03-16 19:54 --------- d-----w c:\program files\Google

2009-03-15 01:19 --------- d-----w c:\program files\Windows Live

2009-03-13 23:45 --------- d-----w c:\program files\Paltalk Messenger

2009-03-11 23:05 --------- d-----w c:\program files\Windows Media Connect 2

2009-03-11 20:00 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help

2009-03-11 17:05 --------- d-----w c:\program files\MSN Messenger

2009-03-11 16:26 --------- d-----w c:\documents and settings\Hoofdgebruiker\Application Data\NCH Swift Sound

2009-03-11 16:25 --------- d-----w c:\program files\NCH Software

2009-03-11 13:02 --------- d--h--w c:\program files\InstallShield Installation Information

2009-03-10 17:57 --------- d-----w c:\program files\Common Files\InstallShield

2009-03-10 12:22 --------- d-----w c:\program files\Disk Cleaner

2009-03-05 08:20 --------- d-----w c:\program files\Winferno

2009-03-04 20:40 --------- d-----w c:\program files\Microsoft Visual Studio 8

2009-03-04 20:27 --------- d-----w c:\program files\MSBuild

2009-03-01 11:29 --------- d-----w c:\program files\GRETECH

2009-02-28 21:42 --------- d-----w c:\documents and settings\All Users\Application Data\NOS

2009-02-28 17:06 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller

2009-02-28 16:17 --------- d-----w c:\program files\Common Files\DVDVideoSoft

2009-02-28 16:16 --------- d-----w c:\program files\Microsoft

2009-02-28 16:15 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Software

2009-02-28 16:13 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Swift Sound

2009-02-25 21:44 --------- d-----w c:\program files\DVDVideoSoft

2009-02-16 23:27 --------- d-----w c:\documents and settings\Hoofdgebruiker\Application Data\Paltalk

2009-02-15 11:12 --------- d-----w c:\program files\Ahead

2009-02-15 11:11 --------- d-----w c:\program files\Common Files\Nero

2009-02-15 11:02 --------- d-----w c:\documents and settings\All Users\Application Data\Ahead

2009-02-15 11:01 --------- d-----w c:\program files\Common Files\Ahead

2009-02-15 10:57 --------- d-----w c:\program files\MediaMonkey

2009-02-15 10:26 --------- d-----w c:\program files\MSXML 4.0

2009-02-14 19:47 --------- d-----w c:\program files\Ela-Salaty

2009-02-14 13:49 --------- d-----w c:\documents and settings\Hoofdgebruiker\Application Data\Ahead

2009-02-14 13:39 --------- d-----w c:\program files\Nero

2009-02-11 15:13 --------- d-----w c:\documents and settings\All Users\Application Data\Disk Cleaner

2009-02-09 14:08 1,846,912 ------w c:\windows\system32\win32k.sys

2009-02-08 19:17 --------- d-----w c:\program files\Telemeter 3.0

2009-02-06 18:55 308,616 ----a-w c:\windows\WLXPGSS.SCR

2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll

2009-02-03 14:23 --------- d-----w c:\program files\Common Files\Adobe AIR

2009-01-31 18:55 --------- d-----w c:\program files\Reference Assemblies

2009-01-31 08:24 --------- d-----w c:\program files\KMaestro

2009-01-27 20:10 --------- d-----w c:\program files\IncrediMail

2009-01-27 20:10 --------- d-----w c:\program files\Free Offers from Freeze.com

2009-01-27 20:08 --------- d-----w c:\program files\Freeze.com

2009-01-27 20:00 --------- d-----w c:\documents and settings\All Users\Application Data\IM

2009-01-27 19:58 --------- d-----w c:\documents and settings\All Users\Application Data\IncrediMail

2009-01-21 17:17 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller

2009-01-20 13:45 339,968 ----a-w c:\windows\system32\pythoncom25.dll

2009-01-20 13:45 2,117,632 ----a-w c:\windows\system32\python25.dll

2009-01-20 13:45 114,688 ----a-w c:\windows\system32\pywintypes25.dll

2009-01-19 17:25 --------- d-----w c:\documents and settings\Hoofdgebruiker\Application Data\deskPDF

2009-01-19 07:44 --------- d-----w c:\documents and settings\All Users\Application Data\Windows Live Toolbar

2009-01-18 20:01 --------- d-----w c:\documents and settings\LocalService\Application Data\agi

2009-01-16 20:31 3,594,752 ------w c:\windows\system32\SETED.tmp

2009-01-16 20:31 3,594,752 ------w c:\windows\system32\SET8E.tmp

2009-01-16 20:31 3,594,752 ------w c:\windows\system32\SET18.tmp

2009-01-16 20:31 3,594,752 ------w c:\windows\system32\SET14E.tmp

2009-01-15 01:06 105,984 ----a-w c:\windows\system32\url(3)(2).dll

2009-01-15 01:06 1,182,720 ----a-w c:\windows\system32\urlmon(3)(2).dll

2009-01-15 01:05 911,872 ----a-w c:\windows\system32\wininet(3)(2).dll

2009-01-15 01:03 724,992 ----a-w c:\windows\system32\jscript(2)(2).dll

2009-01-15 01:02 1,975,296 ----a-w c:\windows\system32\iertutil(2)(2).dll

2008-12-31 16:04 691,560 ----a-w c:\windows\system32\OGACheckControl.dll

2008-12-31 16:04 528,744 ----a-w c:\windows\system32\OGAVerify.exe

2008-12-31 16:04 502,120 ----a-w c:\windows\system32\OGAAddin.dll

2008-12-19 09:13 70,656 ------w c:\windows\system32\SETD5.tmp

2008-12-19 09:13 70,656 ------w c:\windows\system32\SET72.tmp

2008-12-19 09:13 70,656 ------w c:\windows\system32\SET136.tmp

2008-12-19 05:23 161,792 ------w c:\windows\system32\SETD8.tmp

2008-12-19 05:23 161,792 ------w c:\windows\system32\SET75.tmp

2008-12-19 05:23 161,792 ------w c:\windows\system32\SET139.tmp

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-26 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-02-22 2272592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-16 198160]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-16 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-03-13 23:31 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-03-13 325640]

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-13 107912]

R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-13 298264]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-15 55152]

R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2006-03-02 14336]

R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]

S2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]

S2 gupdate1c9a42c2425e7b0;Google Updateservice (gupdate1c9a42c2425e7b0);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 133104]

S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?]

S4 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2009-01-09 33752]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ffa0c543-dd88-11dd-92fa-806d6172696f}]

\Shell\AutoRun\command - e:\bin\assetup.exe

.

Contents of the 'Scheduled Tasks' folder

2009-03-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

2009-03-13 c:\windows\Tasks\ErrorFix Scan.job

- c:\program files\ErrorFix\ErrorFix.exe []

2009-03-13 c:\windows\Tasks\ErrorFix Scan.job

- c:\program files\ErrorFix []

2009-03-17 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-13 13:06]

2009-03-17 c:\windows\Tasks\GoogleUpdateTaskMachine.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 23:36]

2009-03-15 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]

2009-03-17 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]

2009-03-17 c:\windows\Tasks\PCConfidential.job

- c:\program files\Winferno\PC Confidential\PCConfidential.exe []

2009-03-17 c:\windows\Tasks\RegPowerClean.job

- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []

2009-01-27 c:\windows\Tasks\RPCReminder.job

- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe []

2009-03-10 c:\windows\Tasks\Schedule Task Weekly.job

- c:\program files\Registry Easy\RE.exe []

.

- - - - ORPHANS REMOVED - - - -

ShellExecuteHooks-{4F07DA45-8170-4859-9B5F-037EF2970034} - (no file)

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = <local>

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Search

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-17 01:37:28

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2009-03-17 1:38:52

ComboFix-quarantined-files.txt 2009-03-17 00:38:47

Pre-Run: 57.284.153.344 bytes beschikbaar

Post-Run: 57,748,062,208 bytes beschikbaar

302 --- E O F --- 2009-03-16 17:22:37


Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\windows\5888428E699C4E71BF7194EE06B497DA.TMP

c:\windows\msdownld.tmp

c:\windows\system32\drivers\pccsmcfd.sys

c:\windows\system32\drivers\hitmanpro3.sys

Folder::

c:\program files\AskBarDis

c:\program files\AskBarDis(3)

c:\program files\AskBarDis(2)

Driver::

pccsmcfd.sys

hitmanpro3.sys

Registry::

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]

[-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ffa0c543-dd88-11dd-92fa-806d6172696f}]

Save this file to your desktop as CFScript.txt.

Drag CFScript.txt onto ComboFix.exe.

This will make ComboFix restart. Reboot if you are asked to.

After the restart, post the contents of Combofix.txt in your next message and let me know how the startup is going now.

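A cross-check of a CFScript like the one in the post above against the log it was written from, as an added example that is not part of the original post and not ComboFix's own code: every target should match a log line, and a `File::` entry should not point at a line the log marks `<DIR>`. The function names, the `hitmanpro4.sys` typo and the all-zero TypeLib GUID are constructed for illustration; the other sample lines are copied from this thread.

```python
import re

# Sample log: lines copied from the ComboFix log posted in this thread.
SAMPLE_LOG = r"""
2009-03-13 12:52 . 2009-03-13 12:53 <DIR> d--h----- c:\windows\msdownld.tmp
2009-03-06 20:34 . 2008-08-26 09:26 18,816 --a------ c:\windows\system32\drivers\pccsmcfd.sys
2009-02-21 16:23 . 2009-02-21 16:23 <DIR> d-------- c:\program files\AskBarDis
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?]
"""

# Sample script: entries from the thread's CFScript, plus two constructed
# entries (hitmanpro4.sys typo, all-zero TypeLib GUID) that match no log line.
SAMPLE_SCRIPT = r"""
File::
c:\windows\msdownld.tmp
c:\windows\system32\drivers\pccsmcfd.sys
c:\windows\system32\drivers\hitmanpro4.sys
Folder::
c:\program files\AskBarDis
Driver::
pccsmcfd.sys
Registry::
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\TypeLib\{00000000-0000-0000-0000-000000000000}]
"""

SECTION_RE = re.compile(r"^(\w+)::\s*$")
NOT_FOUND = "no matching log line"
MARKED_DIR = "File:: entry, but the log line is marked <DIR>"


def parse_cfscript(text):
    """Split a CFScript-style text into {section name: [entries]}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1).lower()
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def log_lines_for(section, entry, log_text):
    """Return the (lower-cased) log lines that mention this script entry."""
    needle = entry.lower()
    if section == "registry":
        # "[-HKEY_...]" in the script corresponds to "[HKEY_...]" in the log.
        needle = needle.strip("[]").lstrip("-")
    # Require a boundary on both sides so "AskBarDis" does not match
    # "AskBarDis(2)" and "x.sys" does not match "yx.sys".
    pattern = re.compile(r"(?<!\w)" + re.escape(needle) + r'(?=[\s\]"]|$)')
    return [ln for ln in log_text.lower().splitlines() if pattern.search(ln)]


def review_script(script_text, log_text):
    """List (section, entry, reason) for entries that deserve a second look."""
    findings = []
    for section, entries in parse_cfscript(script_text).items():
        for entry in entries:
            hits = log_lines_for(section, entry, log_text)
            if not hits:
                findings.append((section, entry, NOT_FOUND))
            elif section == "file" and any("<dir>" in ln for ln in hits):
                findings.append((section, entry, MARKED_DIR))
    return findings


if __name__ == "__main__":
    for section, entry, why in review_script(SAMPLE_SCRIPT, SAMPLE_LOG):
        print(f"{section:9} {entry}\n          -> {why}")
```
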

Guest karin1978

Hello kape, here are the contents of ComboFix:

ComboFix 09-03-15.01 - Hoofdgebruiker 2009-03-17 8:03:47.2 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1256.212.1043.18.2047.1464 [GMT 1:00]

Running from: c:\documents and settings\Hoofdgebruiker\Bureaublad\ComboFix.exe

Command switches used :: c:\documents and settings\Hoofdgebruiker\Bureaublad\CFScript.txt..txt

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::

c:\windows\5888428E699C4E71BF7194EE06B497DA.TMP

c:\windows\msdownld.tmp

c:\windows\system32\drivers\hitmanpro3.sys

c:\windows\system32\drivers\pccsmcfd.sys

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\AskBarDis

c:\program files\AskBarDis(2)

c:\program files\AskBarDis(2)\bar(2)\Cache(2)\00026008.bin

c:\program files\AskBarDis(2)\bar(2)\Cache(2)\00027044.bin

c:\program files\AskBarDis(2)\bar(2)\Cache(2)\0002813C.bin

c:\program files\AskBarDis(2)\bar(2)\Cache(2)\0002958F.bin

c:\program files\AskBarDis(2)\bar(2)\Cache(2)\0002A4F0.bin

c:\program files\AskBarDis(2)\bar(2)\Cache(2)\00C44C51

c:\program files\AskBarDis(2)\bar(2)\History(2)\search

c:\program files\AskBarDis(2)\bar(2)\Settings(2)\prevcfg.htm

c:\program files\AskBarDis(3)

c:\program files\AskBarDis(3)\bar(2)\Cache(2)\000490A3.bin

c:\program files\AskBarDis(3)\bar(2)\Cache(2)\00049F3A.bin

c:\program files\AskBarDis(3)\bar(2)\Cache(2)\0004ABCD.bin

c:\program files\AskBarDis(3)\bar(2)\Cache(2)\0004BE2C.bin

c:\program files\AskBarDis(3)\bar(2)\Cache(2)\0004CB1C.bin

c:\program files\AskBarDis(3)\bar(2)\Cache(2)\00C44C51

c:\program files\AskBarDis(3)\bar(2)\History(2)\search

c:\program files\AskBarDis(3)\bar(2)\Settings(2)\prevcfg.htm

c:\program files\AskBarDis\bar\bin\askBar.dll

c:\program files\AskBarDis\bar\bin\askPopStp.dll

c:\program files\AskBarDis\bar\bin\psvince.dll

c:\program files\AskBarDis\bar\Cache\00019E00.bin

c:\program files\AskBarDis\bar\Cache\00019F67.bin

c:\program files\AskBarDis\bar\Cache\0001A0AF.bin

c:\program files\AskBarDis\bar\Cache\0001A1E8.bin

c:\program files\AskBarDis\bar\Cache\0001A2E2.bin

c:\program files\AskBarDis\bar\Cache\00C44C51

c:\program files\AskBarDis\bar\Cache\files.ini

c:\program files\AskBarDis\bar\History\search

c:\program files\AskBarDis\bar\Settings\prevcfg.htm

c:\program files\AskBarDis\PopSwatter\History\allowed

c:\program files\AskBarDis\PopSwatter\History\notallow

c:\program files\AskBarDis\unins000.exe

c:\windows\system32\drivers\pccsmcfd.sys

.

((((((((((((((((((((((((( Files Created from 2009-02-17 to 2009-03-17 )))))))))))))))))))))))))))))))

.

2009-03-17 01:22 . 2009-03-17 01:22 <DIR> d-------- c:\windows\5888428E699C4E71BF7194EE06B497DA.TMP

2009-03-17 01:22 . 2009-03-17 01:22 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard

2009-03-17 01:17 . 2009-03-17 01:17 <DIR> d--hs---- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}

2009-03-16 21:56 . 2009-03-16 21:56 <DIR> d-------- c:\program files\Java

2009-03-16 21:56 . 2009-03-16 21:56 73,728 --a------ c:\windows\system32\javacpl.cpl

2009-03-16 20:57 . 2009-03-16 20:57 <DIR> d-------- c:\program files\Common Files\xing shared

2009-03-16 08:53 . 2007-08-13 18:45 78,336 --a------ c:\windows\system32\ieencode.dll

2009-03-16 08:53 . 2007-08-13 18:45 78,336 --a--c--- c:\windows\system32\dllcache\ieencode.dll

2009-03-15 02:21 . 2009-02-06 18:08 55,152 --a------ c:\windows\system32\drivers\fssfltr_tdi.sys

2009-03-15 02:17 . 2009-03-15 02:17 <DIR> d-------- c:\program files\Windows Live SkyDrive

2009-03-15 02:07 . 2009-03-15 02:20 <DIR> d-------- c:\program files\Windows Live Toolbar

2009-03-15 02:07 . 2009-03-15 02:07 <DIR> d-------- c:\program files\Windows Live Favorites

2009-03-15 01:57 . 2009-03-15 01:57 <DIR> d-------- c:\program files\Windows Installer Clean Up

2009-03-15 01:52 . 2009-03-15 01:52 <DIR> d-------- c:\program files\CCleaner

2009-03-15 01:22 . 2008-10-16 02:02 1,499,136 -----c--- c:\windows\system32\dllcache\shdocvw.dll

2009-03-14 23:09 . 2009-03-14 23:09 <DIR> d-------- c:\program files\Common Files\Windows Live

2009-03-14 22:07 . 2009-03-14 22:09 <DIR> d--h----- C:\$AVG8.VAULT$

2009-03-14 14:00 . 2009-03-14 17:08 3,803,168 --ahs---- c:\windows\system32\drivers\fidbox.dat

2009-03-14 14:00 . 2009-03-14 17:08 46,688 --ahs---- c:\windows\system32\drivers\fidbox.idx

2009-03-13 23:31 . 2009-03-16 16:32 <DIR> d-------- c:\windows\system32\drivers\Avg

2009-03-13 23:31 . 2009-03-13 23:33 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\AVGTOOLBAR

2009-03-13 23:31 . 2009-03-13 23:31 325,640 --a------ c:\windows\system32\drivers\avgldx86.sys

2009-03-13 23:31 . 2009-03-13 23:31 107,912 --a------ c:\windows\system32\drivers\avgtdix.sys

2009-03-13 23:31 . 2009-03-13 23:31 10,520 --a------ c:\windows\system32\avgrsstx.dll

2009-03-13 12:52 . 2009-03-13 12:53 <DIR> d--h----- c:\windows\msdownld.tmp

2009-03-13 11:44 . 2009-03-13 11:44 <DIR> d-------- c:\documents and settings\LocalService\Bureaublad

2009-03-13 11:28 . 2009-03-13 20:53 <DIR> d-------- c:\program files\Lavasoft

2009-03-13 11:28 . 2009-03-13 20:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft

2009-03-13 10:17 . 2009-03-13 20:53 <DIR> d-------- c:\windows\BDOSCAN8

2009-03-13 09:59 . 2009-03-17 01:06 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2009-03-13 09:59 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2009-03-13 09:59 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2009-03-12 00:05 . 2009-03-12 00:05 23,392 --a------ c:\windows\system32\nscompat.tlb

2009-03-12 00:05 . 2009-03-12 00:05 16,832 --a------ c:\windows\system32\amcompat.tlb

2009-03-11 23:55 . 2006-03-02 13:00 1,802 --a------ c:\windows\system32exit

2009-03-11 21:12 . 2009-02-23 13:46 0 -ra------ c:\windows\autoexec.bat

2009-03-11 20:48 . 2009-03-16 17:33 1,374 --a------ c:\windows\imsins.BAK

2009-03-11 15:40 . 2009-03-11 15:40 <DIR> d-------- c:\program files\DoubleD

2009-03-11 14:21 . 2009-03-17 08:02 <DIR> dr-h----- c:\documents and settings\Hoofdgebruiker\Onlangs geopend

2009-03-11 14:19 . 2009-03-11 14:19 <DIR> d-------- c:\program files\Brownie

2009-03-11 14:19 . 2009-03-11 14:19 <DIR> d-------- c:\program files\Brother

2009-03-11 14:05 . 2009-03-11 14:05 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\aAvgApi

2009-03-11 14:03 . 2009-03-11 14:03 34 --------- c:\windows\system32\BD2030.DAT

2009-03-11 13:46 . 2009-03-11 14:15 <DIR> d-------- c:\program files\Brownie(2)

2009-03-11 13:46 . 2009-03-11 14:15 <DIR> d-------- c:\program files\Brother(2)

2009-03-10 17:17 . 2009-03-11 14:20 <DIR> d-------- c:\program files\AVS4YOU

2009-03-10 09:39 . 2009-03-13 21:54 <DIR> d-------- c:\program files\Spybot - Search & Destroy

2009-03-10 09:39 . 2009-03-13 21:27 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-03-10 00:01 . 2009-03-10 00:01 <DIR> d-------- c:\program files\Trend Micro

2009-03-07 18:18 . 2009-03-07 18:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\Nokia

2009-03-07 18:17 . 2009-03-11 14:15 <DIR> d-------- c:\program files\Nokia

2009-03-06 23:58 . 2009-03-06 23:58 <DIR> d-------- c:\program files\AVG

2009-03-06 20:41 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll

2009-03-06 20:41 . 2009-03-06 20:41 0 --------- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf

2009-03-06 20:41 . 2009-03-06 20:41 0 --------- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf

2009-03-06 20:34 . 2009-03-06 20:34 <DIR> d-------- c:\program files\Common Files\PCSuite

2009-03-06 20:34 . 2009-03-07 18:17 <DIR> d-------- c:\program files\Common Files\Nokia

2009-03-06 20:33 . 2009-03-06 20:33 <DIR> d-------- c:\program files\PC Connectivity Solution

2009-03-06 20:32 . 2008-09-15 07:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll

2009-03-06 20:32 . 2008-09-15 07:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll

2009-03-06 20:32 . 2008-09-15 07:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys

2009-03-06 20:32 . 2008-09-15 07:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys

2009-03-06 20:32 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys

2009-03-06 20:32 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys

2009-03-06 20:05 . 2009-03-06 20:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\PC Suite

2009-03-06 20:04 . 2009-03-06 20:23 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Phone Browser

2009-03-06 20:04 . 2009-03-06 21:24 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\Nokia

2009-03-06 20:03 . 2009-03-06 20:03 <DIR> d-------- c:\program files\DIFX

2009-03-06 20:03 . 2009-03-07 18:16 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\PC Suite

2009-03-06 20:00 . 2009-03-07 18:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\Installations

2009-03-06 19:55 . 2008-04-13 19:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys

2009-03-06 19:55 . 2008-04-13 19:45 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys

2009-03-06 19:45 . 2009-03-06 19:45 0 --------- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

2009-03-06 19:45 . 2009-03-06 19:45 0 --------- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf

2009-03-05 16:01 . 2009-03-05 16:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\Office Genuine Advantage

2009-03-05 11:34 . 2009-01-09 20:19 1,089,883 -----c--- c:\windows\system32\dllcache\ntprint.cat

2009-03-05 08:35 . 2009-03-05 08:35 106 --a------ C:\index.ini

2009-03-04 21:43 . 2009-03-04 21:43 <DIR> d-------- c:\program files\Microsoft Works

2009-03-04 21:42 . 2009-03-04 21:42 <DIR> d-------- c:\program files\Microsoft.NET

2009-03-04 19:58 . 2009-03-09 21:01 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\FileZilla

2009-03-04 19:03 . 2009-03-04 19:03 <DIR> d-------- C:\ftpxsetup

2009-03-04 17:57 . 2009-03-04 17:57 <DIR> d-------- c:\program files\Ipswitch

2009-03-04 17:57 . 2004-09-17 11:09 1,060,864 --a------ c:\windows\system32\MFC71.dll

2009-03-04 17:57 . 2005-02-28 12:37 606,293 --a------ c:\windows\system32\wbocx.ocx

2009-03-04 17:57 . 2005-02-28 12:37 50,688 --a------ c:\windows\system32\wbhelp2.dll

2009-03-04 15:08 . 2009-03-04 15:08 <DIR> dr-h----- C:\MSOCache

2009-03-04 12:01 . 2009-03-13 17:39 <DIR> d-------- c:\program files\IObit

2009-03-04 12:01 . 2009-03-04 12:01 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\IObit

2009-03-04 11:56 . 2009-03-04 11:56 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\Malwarebytes

2009-03-04 11:56 . 2009-03-04 11:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-03-04 11:45 . 2009-03-13 23:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8

2009-03-04 11:37 . 2009-03-04 11:37 67 --a------ c:\windows\wininit.ini

2009-03-04 11:06 . 2009-03-04 11:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\Hitman Pro 3

2009-03-04 11:06 . 2009-03-04 11:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\Hitman Pro

2009-03-03 18:55 . 2009-03-03 18:55 80 --a------ C:\bootdelete.lst

2009-03-03 03:12 . 2009-03-15 01:57 <DIR> d-------- c:\program files\MSECACHE

2009-03-03 02:26 . 2009-03-03 02:26 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\OpenOffice.org

2009-03-03 02:25 . 2009-03-04 11:00 <DIR> d-------- c:\program files\OpenOffice.org 3

2009-03-02 17:12 . 2009-03-02 17:12 20,480 --a------ c:\documents and settings\update.exe

2009-02-28 23:46 . 2009-03-03 01:24 379 --a------ c:\windows\ODBC.INI

2009-02-28 18:33 . 2009-02-28 18:33 <DIR> d-------- c:\program files\YouTube Downloader

2009-02-28 17:17 . 2009-03-05 08:56 <DIR> d-------- c:\program files\filehippo.com

2009-02-28 17:16 . 2009-02-28 17:16 <DIR> d-------- c:\windows\CD95F661A5C444F5A6AAECDD91C240B7.TMP

2009-02-28 17:15 . 2009-03-16 09:29 <DIR> d-------- c:\windows\ie8updates

2009-02-28 17:15 . 2009-03-11 18:02 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP

2009-02-27 22:53 . 2009-02-28 17:16 <DIR> d-------- c:\program files\Microsoft Sync Framework

2009-02-27 12:43 . 2009-02-27 12:43 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\SmartFTP

2009-02-27 12:42 . 2009-03-04 19:23 <DIR> d-------- c:\program files\SmartFTP Client

2009-02-23 13:57 . 2009-02-28 17:16 <DIR> d-------- c:\program files\Java(2)

2009-02-23 13:55 . 2009-03-16 17:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\Google Updater

2009-02-23 13:39 . 2009-02-23 13:41 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\ErrorFix

2009-02-22 21:59 . 2009-02-22 21:59 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\Uniblue

2009-02-22 21:57 . 2009-02-22 22:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\WinZip

2009-02-22 21:52 . 2009-03-11 17:26 <DIR> d-------- c:\program files\NCH Swift Sound

2009-02-21 23:01 . 2009-02-21 23:01 <DIR> d--hs---- c:\documents and settings\Hoofdgebruiker\PrivacIE

2009-02-21 23:01 . 2009-02-21 23:01 <DIR> d--hs---- c:\documents and settings\Hoofdgebruiker\IETldCache

2009-02-21 22:40 . 2009-01-11 06:00 79,360 -----c--- c:\windows\system32\dllcache\iecompat.dll

2009-02-21 16:24 . 2009-02-21 16:24 <DIR> d-------- c:\windows\Sun

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-16 20:56 410,984 ----a-w c:\windows\system32\deploytk.dll

2009-03-16 19:57 --------- d-----w c:\program files\Common Files\Real

2009-03-16 19:56 499,712 ----a-w c:\windows\system32\msvcp71.dll

2009-03-16 19:56 348,160 ----a-w c:\windows\system32\msvcr71.dll

2009-03-16 19:54 --------- d-----w c:\program files\Google

2009-03-15 01:19 --------- d-----w c:\program files\Windows Live

2009-03-13 23:45 --------- d-----w c:\program files\Paltalk Messenger

2009-03-11 23:05 --------- d-----w c:\program files\Windows Media Connect 2

2009-03-11 20:00 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help

2009-03-11 17:05 --------- d-----w c:\program files\MSN Messenger

2009-03-11 16:26 --------- d-----w c:\documents and settings\Hoofdgebruiker\Application Data\NCH Swift Sound

2009-03-11 16:25 --------- d-----w c:\program files\NCH Software

2009-03-11 13:02 --------- d--h--w c:\program files\InstallShield Installation Information

2009-03-10 17:57 --------- d-----w c:\program files\Common Files\InstallShield

2009-03-10 12:22 --------- d-----w c:\program files\Disk Cleaner

2009-03-05 08:20 --------- d-----w c:\program files\Winferno

2009-03-04 20:40 --------- d-----w c:\program files\Microsoft Visual Studio 8

2009-03-04 20:27 --------- d-----w c:\program files\MSBuild

2009-03-01 11:29 --------- d-----w c:\program files\GRETECH

2009-02-28 21:42 --------- d-----w c:\documents and settings\All Users\Application Data\NOS

2009-02-28 17:06 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller

2009-02-28 16:17 --------- d-----w c:\program files\Common Files\DVDVideoSoft

2009-02-28 16:16 --------- d-----w c:\program files\Microsoft

2009-02-28 16:15 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Software

2009-02-28 16:13 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Swift Sound

2009-02-25 21:44 --------- d-----w c:\program files\DVDVideoSoft

2009-02-16 23:27 --------- d-----w c:\documents and settings\Hoofdgebruiker\Application Data\Paltalk

2009-02-15 11:12 --------- d-----w c:\program files\Ahead

2009-02-15 11:11 --------- d-----w c:\program files\Common Files\Nero

2009-02-15 11:02 --------- d-----w c:\documents and settings\All Users\Application Data\Ahead

2009-02-15 11:01 --------- d-----w c:\program files\Common Files\Ahead

2009-02-15 10:57 --------- d-----w c:\program files\MediaMonkey

2009-02-15 10:26 --------- d-----w c:\program files\MSXML 4.0

2009-02-14 19:47 --------- d-----w c:\program files\Ela-Salaty

2009-02-14 13:49 --------- d-----w c:\documents and settings\Hoofdgebruiker\Application Data\Ahead

2009-02-14 13:39 --------- d-----w c:\program files\Nero

2009-02-11 15:13 --------- d-----w c:\documents and settings\All Users\Application Data\Disk Cleaner

2009-02-09 14:08 1,846,912 ------w c:\windows\system32\win32k.sys

2009-02-08 19:17 --------- d-----w c:\program files\Telemeter 3.0

2009-02-06 18:55 308,616 ----a-w c:\windows\WLXPGSS.SCR

2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll

2009-02-03 14:23 --------- d-----w c:\program files\Common Files\Adobe AIR

2009-01-31 18:55 --------- d-----w c:\program files\Reference Assemblies

2009-01-31 08:24 --------- d-----w c:\program files\KMaestro

2009-01-27 20:10 --------- d-----w c:\program files\IncrediMail

2009-01-27 20:10 --------- d-----w c:\program files\Free Offers from Freeze.com

2009-01-27 20:08 --------- d-----w c:\program files\Freeze.com

2009-01-27 20:00 --------- d-----w c:\documents and settings\All Users\Application Data\IM

2009-01-27 19:58 --------- d-----w c:\documents and settings\All Users\Application Data\IncrediMail

2009-01-21 17:17 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller

2009-01-20 13:45 339,968 ----a-w c:\windows\system32\pythoncom25.dll

2009-01-20 13:45 2,117,632 ----a-w c:\windows\system32\python25.dll

2009-01-20 13:45 114,688 ----a-w c:\windows\system32\pywintypes25.dll

2009-01-19 17:25 --------- d-----w c:\documents and settings\Hoofdgebruiker\Application Data\deskPDF

2009-01-19 07:44 --------- d-----w c:\documents and settings\All Users\Application Data\Windows Live Toolbar

2009-01-18 20:01 --------- d-----w c:\documents and settings\LocalService\Application Data\agi

2009-01-16 20:31 3,594,752 ------w c:\windows\system32\SETED.tmp

2009-01-16 20:31 3,594,752 ------w c:\windows\system32\SET8E.tmp

2009-01-16 20:31 3,594,752 ------w c:\windows\system32\SET18.tmp

2009-01-16 20:31 3,594,752 ------w c:\windows\system32\SET14E.tmp

2009-01-15 01:06 105,984 ----a-w c:\windows\system32\url(3)(2).dll

2009-01-15 01:06 1,182,720 ----a-w c:\windows\system32\urlmon(3)(2).dll

2009-01-15 01:05 911,872 ----a-w c:\windows\system32\wininet(3)(2).dll

2009-01-15 01:03 724,992 ----a-w c:\windows\system32\jscript(2)(2).dll

2009-01-15 01:02 1,975,296 ----a-w c:\windows\system32\iertutil(2)(2).dll

2008-12-31 16:04 691,560 ----a-w c:\windows\system32\OGACheckControl.dll

2008-12-31 16:04 528,744 ----a-w c:\windows\system32\OGAVerify.exe

2008-12-31 16:04 502,120 ----a-w c:\windows\system32\OGAAddin.dll

2008-12-19 09:13 70,656 ------w c:\windows\system32\SETD5.tmp

2008-12-19 09:13 70,656 ------w c:\windows\system32\SET72.tmp

2008-12-19 09:13 70,656 ------w c:\windows\system32\SET136.tmp

2008-12-19 05:23 161,792 ------w c:\windows\system32\SETD8.tmp

2008-12-19 05:23 161,792 ------w c:\windows\system32\SET75.tmp

2008-12-19 05:23 161,792 ------w c:\windows\system32\SET139.tmp

.

((((((((((((((((((((((((((((( SnapShot@2009-03-17_ 1.37.50,12 )))))))))))))))))))))))))))))))))))))))))

.

+ 2009-03-17 01:21:53 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_578.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-02-22 2272592]

"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-16 198160]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-16 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-03-13 23:31 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-03-13 325640]

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-13 107912]

R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-13 298264]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-15 55152]

R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2006-03-02 14336]

R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]

S2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]

S2 gupdate1c9a42c2425e7b0;Google Updateservice (gupdate1c9a42c2425e7b0);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 133104]

S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?]

S4 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2009-01-09 33752]

.

Contents of the 'Scheduled Tasks' folder

2009-03-16 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

2009-03-13 c:\windows\Tasks\ErrorFix Scan.job

- c:\program files\ErrorFix\ErrorFix.exe []

2009-03-13 c:\windows\Tasks\ErrorFix Scan.job

- c:\program files\ErrorFix []

2009-03-17 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-13 13:06]

2009-03-17 c:\windows\Tasks\GoogleUpdateTaskMachine.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 23:36]

2009-03-15 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]

2009-03-17 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 17:04]

2009-03-17 c:\windows\Tasks\PCConfidential.job

- c:\program files\Winferno\PC Confidential\PCConfidential.exe []

2009-03-17 c:\windows\Tasks\RegPowerClean.job

- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe []

2009-01-27 c:\windows\Tasks\RPCReminder.job

- c:\program files\Winferno\RegistryPowerCleaner\RPCReminder.exe []

2009-03-10 c:\windows\Tasks\Schedule Task Weekly.job

- c:\program files\Registry Easy\RE.exe []

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = <local>

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Search

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-17 08:05:17

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2009-03-17 8:06:39

ComboFix-quarantined-files.txt 2009-03-17 07:06:32

ComboFix2.txt 2009-03-17 00:38:53

Pre-Run: 57.681.776.640 bytes beschikbaar

Post-Run: 57,671,991,296 bytes beschikbaar

340 --- E O F --- 2009-03-16 17:22:37


Then malware does not appear to be the cause of your problems. Could you download a different browser, Firefox 3, and then see whether you have the same problems with it when loading pages from the Internet?


Guest karin1978

With Firefox I have the same problem. With Google Chrome I don't have the problem, but I am used to surfing with Explorer and want to keep it that way.


Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\windows\system32\SET139.tmp

c:\windows\system32\SET75.tmp

c:\windows\system32\SETD8.tmp

c:\windows\system32\SET136.tmp

c:\windows\system32\SET72.tmp

c:\windows\system32\SETD5.tmp

c:\windows\system32\OGAAddin.dll

c:\windows\system32\OGAVerify.exe

c:\windows\system32\OGACheckControl.dll

c:\windows\system32\SET14E.tmp

c:\windows\system32\SET18.tmp

c:\windows\system32\SET8E.tmp

c:\windows\system32\SETED.tmp

c:\program files\Freeze.com

c:\program files\Free Offers from Freeze.com

c:\windows\CD95F661A5C444F5A6AAECDD91C240B7.TMP

c:\windows\5888428E699C4E71BF7194EE06B497DA.TMP

Folder::

c:\documents and settings\All Users\Application Data\Hitman Pro

c:\documents and settings\All Users\Application Data\Hitman Pro 3

Save this file to your desktop as CFScript.txt.

Drag CFScript.txt onto ComboFix.exe.

This will make ComboFix restart. Reboot if you are asked to.

After the reboot, post the contents of Combofix.txt in your next message, together with a new HijackThis log.


Guest karin1978

ComboFix 09-03-15.01 - Hoofdgebruiker 2009-03-18 20:34:42.5 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.3.1256.212.1043.18.2047.1577 [GMT 1:00]

Running from: c:\documents and settings\Hoofdgebruiker\Bureaublad\ComboFix.exe

Command switches used :: c:\documents and settings\Hoofdgebruiker\Bureaublad\CFScript.txt..txt

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::

c:\program files\Free Offers from Freeze.com

c:\program files\Freeze.com

c:\windows\5888428E699C4E71BF7194EE06B497DA.TMP

c:\windows\CD95F661A5C444F5A6AAECDD91C240B7.TMP

c:\windows\system32\OGAAddin.dll

c:\windows\system32\OGACheckControl.dll

c:\windows\system32\OGAVerify.exe

c:\windows\system32\SET136.tmp

c:\windows\system32\SET139.tmp

c:\windows\system32\SET14E.tmp

c:\windows\system32\SET18.tmp

c:\windows\system32\SET72.tmp

c:\windows\system32\SET75.tmp

c:\windows\system32\SET8E.tmp

c:\windows\system32\SETD5.tmp

c:\windows\system32\SETD8.tmp

c:\windows\system32\SETED.tmp

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Previous Run -------

.

c:\documents and settings\All Users\Application Data\Hitman Pro 3

c:\documents and settings\All Users\Application Data\Hitman Pro 3\hitmanpro2-brightside.dll

c:\documents and settings\All Users\Application Data\Hitman Pro 3\hitmanpro3-curl.exe

c:\documents and settings\All Users\Application Data\Hitman Pro 3\hitmanpro3-hash.dll

c:\documents and settings\All Users\Application Data\Hitman Pro 3\hitmanpro3-lang.ini

c:\documents and settings\All Users\Application Data\Hitman Pro 3\hitmanpro3.dll

c:\documents and settings\All Users\Application Data\Hitman Pro 3\prompt.exe

c:\documents and settings\All Users\Application Data\Hitman Pro 3\sysloc.ini

c:\documents and settings\All Users\Application Data\Hitman Pro

c:\windows\system32\OGAAddin.dll

c:\windows\system32\OGACheckControl.dll

c:\windows\system32\OGAVerify.exe

c:\windows\system32\SET136.tmp

c:\windows\system32\SET139.tmp

c:\windows\system32\SET14E.tmp

c:\windows\system32\SET18.tmp

c:\windows\system32\SET72.tmp

c:\windows\system32\SET75.tmp

c:\windows\system32\SET8E.tmp

c:\windows\system32\SETD5.tmp

c:\windows\system32\SETD8.tmp

c:\windows\system32\SETED.tmp

J:\install.exe

.

((((((((((((((((((((((((( Files Created from 2009-02-18 to 2009-03-18 )))))))))))))))))))))))))))))))

.

2009-03-18 19:56 . 2009-03-18 19:56 <DIR> d--h-c--- c:\windows\ie8

2009-03-18 08:49 . 2006-12-29 00:31 19,569 --a------ c:\windows\000001_.tmp

2009-03-17 22:28 . 2009-03-17 22:38 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\.zenmap

2009-03-17 22:23 . 2009-03-17 22:23 <DIR> d-------- c:\program files\WinPcap

2009-03-17 21:11 . 2009-03-17 21:11 <DIR> d-------- c:\program files\Common Files\xing shared

2009-03-17 14:49 . 2009-03-17 14:49 <DIR> d-------- c:\windows\system32\GroupPolicy

2009-03-17 14:49 . 2009-03-17 15:31 <DIR> d-------- c:\program files\Windows Desktop Search

2009-03-17 09:57 . 2009-03-17 09:57 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\TuneUp Software

2009-03-17 09:57 . 2009-03-17 09:57 355,584 --a------ c:\windows\system32\TuneUpDefragService.exe

2009-03-17 09:57 . 2008-05-29 09:28 28,416 --a------ c:\windows\system32\uxtuneup.dll

2009-03-17 09:56 . 2009-03-17 19:23 <DIR> d-------- c:\program files\TuneUp Utilities 2008

2009-03-17 09:56 . 2009-03-17 09:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software

2009-03-17 01:22 . 2009-03-17 01:22 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard

2009-03-17 01:17 . 2009-03-17 01:17 <DIR> d--hs---- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}

2009-03-16 21:56 . 2009-03-16 21:56 <DIR> d-------- c:\program files\Java

2009-03-16 21:56 . 2009-03-16 21:56 73,728 --a------ c:\windows\system32\javacpl.cpl

2009-03-15 02:21 . 2009-02-06 18:08 55,152 --a------ c:\windows\system32\drivers\fssfltr_tdi.sys

2009-03-15 02:17 . 2009-03-15 02:17 <DIR> d-------- c:\program files\Windows Live SkyDrive

2009-03-15 02:07 . 2009-03-18 19:58 <DIR> d-------- c:\program files\Windows Live Toolbar

2009-03-15 02:07 . 2009-03-15 02:07 <DIR> d-------- c:\program files\Windows Live Favorites

2009-03-15 01:57 . 2009-03-15 01:57 <DIR> d-------- c:\program files\Windows Installer Clean Up

2009-03-15 01:52 . 2009-03-15 01:52 <DIR> d-------- c:\program files\CCleaner

2009-03-15 01:22 . 2008-10-16 02:02 1,499,136 -----c--- c:\windows\system32\dllcache\shdocvw.dll

2009-03-14 23:09 . 2009-03-14 23:09 <DIR> d-------- c:\program files\Common Files\Windows Live

2009-03-14 22:07 . 2009-03-14 22:09 <DIR> d--h----- C:\$AVG8.VAULT$

2009-03-14 14:00 . 2009-03-14 17:08 3,803,168 --ahs---- c:\windows\system32\drivers\fidbox.dat

2009-03-14 14:00 . 2009-03-14 17:08 46,688 --ahs---- c:\windows\system32\drivers\fidbox.idx

2009-03-13 23:31 . 2009-03-18 18:39 <DIR> d-------- c:\windows\system32\drivers\Avg

2009-03-13 23:31 . 2009-03-13 23:33 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\AVGTOOLBAR

2009-03-13 23:31 . 2009-03-13 23:31 325,640 --a------ c:\windows\system32\drivers\avgldx86.sys

2009-03-13 23:31 . 2009-03-13 23:31 107,912 --a------ c:\windows\system32\drivers\avgtdix.sys

2009-03-13 23:31 . 2009-03-13 23:31 10,520 --a------ c:\windows\system32\avgrsstx.dll

2009-03-13 12:52 . 2009-03-18 15:55 <DIR> d--h----- c:\windows\msdownld.tmp

2009-03-13 11:44 . 2009-03-13 11:44 <DIR> d-------- c:\documents and settings\LocalService\Bureaublad

2009-03-13 11:28 . 2009-03-13 20:53 <DIR> d-------- c:\program files\Lavasoft

2009-03-13 11:28 . 2009-03-13 20:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft

2009-03-13 10:17 . 2009-03-13 20:53 <DIR> d-------- c:\windows\BDOSCAN8

2009-03-13 09:59 . 2009-03-17 01:06 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

2009-03-13 09:59 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys

2009-03-13 09:59 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys

2009-03-12 00:05 . 2009-03-12 00:05 23,392 --a------ c:\windows\system32\nscompat.tlb

2009-03-12 00:05 . 2009-03-12 00:05 16,832 --a------ c:\windows\system32\amcompat.tlb

2009-03-11 23:55 . 2006-03-02 13:00 1,802 --a------ c:\windows\system32exit

2009-03-11 21:12 . 2009-02-23 13:46 0 -ra------ c:\windows\autoexec.bat

2009-03-11 20:48 . 2009-03-18 19:57 1,374 --a------ c:\windows\imsins.BAK

2009-03-11 15:40 . 2009-03-11 15:40 <DIR> d-------- c:\program files\DoubleD

2009-03-11 14:21 . 2009-03-18 20:33 <DIR> dr-h----- c:\documents and settings\Hoofdgebruiker\Onlangs geopend

2009-03-11 14:19 . 2009-03-11 14:19 <DIR> d-------- c:\program files\Brownie

2009-03-11 14:19 . 2009-03-11 14:19 <DIR> d-------- c:\program files\Brother

2009-03-11 14:05 . 2009-03-11 14:05 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\aAvgApi

2009-03-11 14:03 . 2009-03-11 14:03 34 --------- c:\windows\system32\BD2030.DAT

2009-03-11 13:46 . 2009-03-11 14:15 <DIR> d-------- c:\program files\Brownie(2)

2009-03-11 13:46 . 2009-03-11 14:15 <DIR> d-------- c:\program files\Brother(2)

2009-03-10 17:17 . 2009-03-11 14:20 <DIR> d-------- c:\program files\AVS4YOU

2009-03-10 09:39 . 2009-03-13 21:54 <DIR> d-------- c:\program files\Spybot - Search & Destroy

2009-03-10 09:39 . 2009-03-13 21:27 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2009-03-10 00:01 . 2009-03-10 00:01 <DIR> d-------- c:\program files\Trend Micro

2009-03-07 18:18 . 2009-03-07 18:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\Nokia

2009-03-07 18:17 . 2009-03-11 14:15 <DIR> d-------- c:\program files\Nokia

2009-03-06 23:58 . 2009-03-06 23:58 <DIR> d-------- c:\program files\AVG

2009-03-06 20:41 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll

2009-03-06 20:41 . 2009-03-06 20:41 0 --------- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf

2009-03-06 20:41 . 2009-03-06 20:41 0 --------- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf

2009-03-06 20:34 . 2009-03-06 20:34 <DIR> d-------- c:\program files\Common Files\PCSuite

2009-03-06 20:34 . 2009-03-07 18:17 <DIR> d-------- c:\program files\Common Files\Nokia

2009-03-06 20:33 . 2009-03-06 20:33 <DIR> d-------- c:\program files\PC Connectivity Solution

2009-03-06 20:32 . 2008-09-15 07:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll

2009-03-06 20:32 . 2008-09-15 07:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll

2009-03-06 20:32 . 2008-09-15 07:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys

2009-03-06 20:32 . 2008-09-15 07:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys

2009-03-06 20:32 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys

2009-03-06 20:32 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys

2009-03-06 20:05 . 2009-03-06 20:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\PC Suite

2009-03-06 20:04 . 2009-03-06 20:23 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Phone Browser

2009-03-06 20:04 . 2009-03-06 21:24 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\Nokia

2009-03-06 20:03 . 2009-03-06 20:03 <DIR> d-------- c:\program files\DIFX

2009-03-06 20:03 . 2009-03-07 18:16 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\PC Suite

2009-03-06 20:00 . 2009-03-07 18:18 <DIR> d-------- c:\documents and settings\All Users\Application Data\Installations

2009-03-06 19:55 . 2008-04-13 19:45 26,112 --a------ c:\windows\system32\drivers\usbser.sys

2009-03-06 19:55 . 2008-04-13 19:45 26,112 --a--c--- c:\windows\system32\dllcache\usbser.sys

2009-03-06 19:45 . 2009-03-06 19:45 0 --------- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf

2009-03-06 19:45 . 2009-03-06 19:45 0 --------- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf

2009-03-05 16:01 . 2009-03-05 16:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\Office Genuine Advantage

2009-03-05 08:35 . 2009-03-05 08:35 106 --a------ C:\index.ini

2009-03-04 21:43 . 2009-03-04 21:43 <DIR> d-------- c:\program files\Microsoft Works

2009-03-04 21:42 . 2009-03-04 21:42 <DIR> d-------- c:\program files\Microsoft.NET

2009-03-04 19:58 . 2009-03-09 21:01 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\FileZilla

2009-03-04 19:03 . 2009-03-04 19:03 <DIR> d-------- C:\ftpxsetup

2009-03-04 17:57 . 2009-03-04 17:57 <DIR> d-------- c:\program files\Ipswitch

2009-03-04 17:57 . 2004-09-17 11:09 1,060,864 --a------ c:\windows\system32\MFC71.dll

2009-03-04 17:57 . 2005-02-28 12:37 606,293 --a------ c:\windows\system32\wbocx.ocx

2009-03-04 17:57 . 2005-02-28 12:37 50,688 --a------ c:\windows\system32\wbhelp2.dll

2009-03-04 15:08 . 2009-03-04 15:08 <DIR> dr-h----- C:\MSOCache

2009-03-04 12:01 . 2009-03-13 17:39 <DIR> d-------- c:\program files\IObit

2009-03-04 12:01 . 2009-03-04 12:01 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\IObit

2009-03-04 11:56 . 2009-03-04 11:56 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\Malwarebytes

2009-03-04 11:56 . 2009-03-04 11:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes

2009-03-04 11:45 . 2009-03-13 23:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8

2009-03-04 11:37 . 2009-03-04 11:37 67 --a------ c:\windows\wininit.ini

2009-03-03 18:55 . 2009-03-03 18:55 80 --a------ C:\bootdelete.lst

2009-03-03 03:12 . 2009-03-15 01:57 <DIR> d-------- c:\program files\MSECACHE

2009-03-03 02:26 . 2009-03-03 02:26 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\OpenOffice.org

2009-03-03 02:25 . 2009-03-04 11:00 <DIR> d-------- c:\program files\OpenOffice.org 3

2009-03-02 17:12 . 2009-03-02 17:12 20,480 --a------ c:\documents and settings\update.exe

2009-02-28 23:46 . 2009-03-03 01:24 379 --a------ c:\windows\ODBC.INI

2009-02-28 18:33 . 2009-02-28 18:33 <DIR> d-------- c:\program files\YouTube Downloader

2009-02-28 17:17 . 2009-03-05 08:56 <DIR> d-------- c:\program files\filehippo.com

2009-02-28 17:16 . 2009-02-28 17:16 <DIR> d-------- c:\windows\CD95F661A5C444F5A6AAECDD91C240B7.TMP

2009-02-28 17:15 . 2009-03-16 09:29 <DIR> d-------- c:\windows\ie8updates

2009-02-28 17:15 . 2009-03-11 18:02 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP

2009-02-27 22:53 . 2009-02-28 17:16 <DIR> d-------- c:\program files\Microsoft Sync Framework

2009-02-27 12:43 . 2009-02-27 12:43 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\SmartFTP

2009-02-27 12:42 . 2009-03-04 19:23 <DIR> d-------- c:\program files\SmartFTP Client

2009-02-23 13:57 . 2009-02-28 17:16 <DIR> d-------- c:\program files\Java(2)

2009-02-23 13:55 . 2009-03-16 17:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\Google Updater

2009-02-23 13:39 . 2009-02-23 13:41 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\ErrorFix

2009-02-22 21:59 . 2009-02-22 21:59 <DIR> d-------- c:\documents and settings\Hoofdgebruiker\Application Data\Uniblue

2009-02-22 21:57 . 2009-02-22 22:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\WinZip

2009-02-22 21:52 . 2009-03-11 17:26 <DIR> d-------- c:\program files\NCH Swift Sound

2009-02-21 23:01 . 2009-02-21 23:01 <DIR> d--hs---- c:\documents and settings\Hoofdgebruiker\PrivacIE

2009-02-21 23:01 . 2009-02-21 23:01 <DIR> d--hs---- c:\documents and settings\Hoofdgebruiker\IETldCache

2009-02-21 22:40 . 2009-01-11 06:00 79,360 -----c--- c:\windows\system32\dllcache\iecompat.dll

2009-02-21 16:24 . 2009-02-21 16:24 <DIR> d-------- c:\windows\Sun

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-18 18:56 --------- d-----w c:\program files\MSN Messenger

2009-03-17 20:11 --------- d-----w c:\program files\Common Files\Real

2009-03-17 20:10 499,712 ----a-w c:\windows\system32\msvcp71.dll

2009-03-17 20:10 348,160 ----a-w c:\windows\system32\msvcr71.dll

2009-03-17 15:06 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help

2009-03-16 20:56 410,984 ----a-w c:\windows\system32\deploytk.dll

2009-03-16 19:54 --------- d-----w c:\program files\Google

2009-03-15 01:19 --------- d-----w c:\program files\Windows Live

2009-03-13 23:45 --------- d-----w c:\program files\Paltalk Messenger

2009-03-11 23:05 --------- d-----w c:\program files\Windows Media Connect 2

2009-03-11 16:26 --------- d-----w c:\documents and settings\Hoofdgebruiker\Application Data\NCH Swift Sound

2009-03-11 16:25 --------- d-----w c:\program files\NCH Software

2009-03-11 13:02 --------- d--h--w c:\program files\InstallShield Installation Information

2009-03-10 17:57 --------- d-----w c:\program files\Common Files\InstallShield

2009-03-10 12:22 --------- d-----w c:\program files\Disk Cleaner

2009-03-05 08:20 --------- d-----w c:\program files\Winferno

2009-03-04 20:40 --------- d-----w c:\program files\Microsoft Visual Studio 8

2009-03-04 20:27 --------- d-----w c:\program files\MSBuild

2009-03-01 11:29 --------- d-----w c:\program files\GRETECH

2009-02-28 21:42 --------- d-----w c:\documents and settings\All Users\Application Data\NOS

2009-02-28 17:06 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller

2009-02-28 16:17 --------- d-----w c:\program files\Common Files\DVDVideoSoft

2009-02-28 16:16 --------- d-----w c:\program files\Microsoft

2009-02-28 16:15 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Software

2009-02-28 16:13 --------- d-----w c:\documents and settings\All Users\Application Data\NCH Swift Sound

2009-02-25 21:44 --------- d-----w c:\program files\DVDVideoSoft

2009-02-16 23:27 --------- d-----w c:\documents and settings\Hoofdgebruiker\Application Data\Paltalk

2009-02-15 11:12 --------- d-----w c:\program files\Ahead

2009-02-15 11:11 --------- d-----w c:\program files\Common Files\Nero

2009-02-15 11:02 --------- d-----w c:\documents and settings\All Users\Application Data\Ahead

2009-02-15 11:01 --------- d-----w c:\program files\Common Files\Ahead

2009-02-15 10:57 --------- d-----w c:\program files\MediaMonkey

2009-02-15 10:26 --------- d-----w c:\program files\MSXML 4.0

2009-02-14 19:47 --------- d-----w c:\program files\Ela-Salaty

2009-02-14 13:49 --------- d-----w c:\documents and settings\Hoofdgebruiker\Application Data\Ahead

2009-02-14 13:39 --------- d-----w c:\program files\Nero

2009-02-11 15:13 --------- d-----w c:\documents and settings\All Users\Application Data\Disk Cleaner

2009-02-09 14:08 1,846,912 ------w c:\windows\system32\win32k.sys

2009-02-08 19:17 --------- d-----w c:\program files\Telemeter 3.0

2009-02-06 18:55 308,616 ----a-w c:\windows\WLXPGSS.SCR

2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll

2009-02-03 14:23 --------- d-----w c:\program files\Common Files\Adobe AIR

2009-01-31 18:55 --------- d-----w c:\program files\Reference Assemblies

2009-01-31 08:24 --------- d-----w c:\program files\KMaestro

2009-01-27 20:10 --------- d-----w c:\program files\IncrediMail

2009-01-27 20:10 --------- d-----w c:\program files\Free Offers from Freeze.com

2009-01-27 20:08 --------- d-----w c:\program files\Freeze.com

2009-01-27 20:00 --------- d-----w c:\documents and settings\All Users\Application Data\IM

2009-01-27 19:58 --------- d-----w c:\documents and settings\All Users\Application Data\IncrediMail

2009-01-21 17:17 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller

2009-01-20 13:45 339,968 ----a-w c:\windows\system32\pythoncom25.dll

2009-01-20 13:45 2,117,632 ----a-w c:\windows\system32\python25.dll

2009-01-20 13:45 114,688 ----a-w c:\windows\system32\pywintypes25.dll

2009-01-19 17:25 --------- d-----w c:\documents and settings\Hoofdgebruiker\Application Data\deskPDF

2009-01-19 07:44 --------- d-----w c:\documents and settings\All Users\Application Data\Windows Live Toolbar

2009-01-18 20:01 --------- d-----w c:\documents and settings\LocalService\Application Data\agi

2009-01-15 01:06 105,984 ----a-w c:\windows\system32\url(3)(2).dll

2009-01-15 01:06 1,182,720 ----a-w c:\windows\system32\urlmon(3)(2).dll

2009-01-15 01:05 911,872 ----a-w c:\windows\system32\wininet.dll

2009-01-15 01:05 911,872 ----a-w c:\windows\system32\wininet(3)(2).dll

2009-01-15 01:05 43,008 ----a-w c:\windows\system32\licmgr10.dll

2009-01-15 01:04 18,944 ----a-w c:\windows\system32\corpol.dll

2009-01-15 01:03 724,992 ----a-w c:\windows\system32\jscript(2)(2).dll

2009-01-15 01:03 72,704 ----a-w c:\windows\system32\admparse.dll

2009-01-15 01:03 71,680 ----a-w c:\windows\system32\iesetup.dll

2009-01-15 01:03 420,352 ----a-w c:\windows\system32\vbscript.dll

2009-01-15 01:02 1,975,296 ----a-w c:\windows\system32\iertutil(2)(2).dll

2009-01-15 01:01 34,304 ----a-w c:\windows\system32\imgutil.dll

2009-01-15 01:00 48,128 ----a-w c:\windows\system32\mshtmler.dll

2009-01-15 01:00 45,568 ----a-w c:\windows\system32\mshta.exe

2009-01-15 00:50 156,160 ----a-w c:\windows\system32\msls31.dll

.

((((((((((((((((((((((((((((( SnapShot_2009-03-17_16.31.14,20 )))))))))))))))))))))))))))))))))))))))))

.

+ 2007-11-30 12:39:46 234,872 -c----w c:\windows\$NtUninstallKB938464_1$\spuninst\spuninst.exe

+ 2007-11-30 12:39:47 401,272 -c----w c:\windows\$NtUninstallKB938464_1$\spuninst\updspapi.dll

- 2008-04-14 17:02:31 82,944 -c----w c:\windows\$NtUninstallKB946648$\msgsc.dll

+ 2008-04-14 17:02:31 82,944 -c----w c:\windows\$NtUninstallKB946648_1$\msgsc.dll

+ 2007-11-30 12:39:46 234,872 -c----w c:\windows\$NtUninstallKB946648_1$\spuninst\spuninst.exe

+ 2007-11-30 12:39:47 401,272 -c----w c:\windows\$NtUninstallKB946648_1$\spuninst\updspapi.dll

+ 2008-04-13 18:55:08 202,624 -c----w c:\windows\$NtUninstallKB950762_1$\rmcast.sys

+ 2007-11-30 12:39:46 234,872 -c----w c:\windows\$NtUninstallKB950762_1$\spuninst\spuninst.exe

+ 2007-11-30 12:39:47 401,272 -c----w c:\windows\$NtUninstallKB950762_1$\spuninst\updspapi.dll

+ 2008-04-14 16:34:36 273,536 -c----w c:\windows\$NtUninstallKB951376-v2_1$\bthport.sys

+ 2007-11-30 11:19:43 234,872 -c----w c:\windows\$NtUninstallKB951376-v2_1$\spuninst\spuninst.exe

+ 2007-11-30 11:19:44 401,272 -c----w c:\windows\$NtUninstallKB951376-v2_1$\spuninst\updspapi.dll

+ 2008-04-14 17:02:38 1,292,288 -c----w c:\windows\$NtUninstallKB951698_1$\quartz.dll

+ 2007-11-30 11:19:43 234,872 -c----w c:\windows\$NtUninstallKB951698_1$\spuninst\spuninst.exe

+ 2007-11-30 12:39:47 401,272 -c----w c:\windows\$NtUninstallKB951698_1$\spuninst\updspapi.dll

+ 2008-05-01 14:33:36 331,776 -c----w c:\windows\$NtUninstallKB952287_1$\msadce.dll

+ 2007-11-30 11:19:43 234,872 -c----w c:\windows\$NtUninstallKB952287_1$\spuninst\spuninst.exe

+ 2007-11-30 11:19:44 401,272 -c----w c:\windows\$NtUninstallKB952287_1$\spuninst\updspapi.dll

+ 2008-04-14 17:02:29 73,728 -c----w c:\windows\$NtUninstallKB952954_1$\mscms.dll

+ 2007-11-30 12:39:46 234,872 -c----w c:\windows\$NtUninstallKB952954_1$\spuninst\spuninst.exe

+ 2007-11-30 12:39:47 401,272 -c----w c:\windows\$NtUninstallKB952954_1$\spuninst\updspapi.dll

+ 2007-11-30 12:39:46 234,872 -c----w c:\windows\$NtUninstallKB954211_1$\spuninst\spuninst.exe

+ 2007-11-30 12:39:47 401,272 -c----w c:\windows\$NtUninstallKB954211_1$\spuninst\updspapi.dll

+ 2008-04-14 16:35:09 1,845,760 -c----w c:\windows\$NtUninstallKB954211_1$\win32k.sys

+ 2007-11-30 12:39:46 234,872 -c----w c:\windows\$NtUninstallKB954600_1$\spuninst\spuninst.exe

+ 2007-11-30 12:39:47 401,272 -c----w c:\windows\$NtUninstallKB954600_1$\spuninst\updspapi.dll

+ 2008-10-03 10:17:56 247,326 -c----w c:\windows\$NtUninstallKB954600_1$\strmdll.dll

+ 2008-09-04 16:46:31 1,106,944 -c----w c:\windows\$NtUninstallKB955069_1$\msxml3.dll

+ 2007-11-30 11:19:43 234,872 -c----w c:\windows\$NtUninstallKB955069_1$\spuninst\spuninst.exe

+ 2008-07-09 12:14:20 401,272 -c----w c:\windows\$NtUninstallKB955069_1$\spuninst\updspapi.dll

+ 2008-04-14 17:02:26 285,184 -c----w c:\windows\$NtUninstallKB956802_1$\gdi32.dll

+ 2008-07-08 13:07:36 234,872 -c----w c:\windows\$NtUninstallKB956802_1$\spuninst\spuninst.exe

+ 2008-07-09 07:44:19 401,272 -c----w c:\windows\$NtUninstallKB956802_1$\spuninst\updspapi.dll

+ 2008-04-13 19:19:23 138,112 -c----w c:\windows\$NtUninstallKB956803_1$\afd.sys

+ 2007-11-30 11:19:43 234,872 -c----w c:\windows\$NtUninstallKB956803_1$\spuninst\spuninst.exe

+ 2007-11-30 11:19:44 401,272 -c----w c:\windows\$NtUninstallKB956803_1$\spuninst\updspapi.dll

+ 2008-04-14 16:41:29 2,070,272 -c----w c:\windows\$NtUninstallKB956841_1$\ntkrnlpa.exe

+ 2008-04-14 16:42:00 2,193,408 -c----w c:\windows\$NtUninstallKB956841_1$\ntoskrnl.exe

+ 2007-11-30 11:19:43 234,872 -c----w c:\windows\$NtUninstallKB956841_1$\spuninst\spuninst.exe

+ 2008-07-09 07:44:19 401,272 -c----w c:\windows\$NtUninstallKB956841_1$\spuninst\updspapi.dll

+ 2007-11-30 11:19:43 234,872 -c----w c:\windows\$NtUninstallKB957095_1$\spuninst\spuninst.exe

+ 2007-11-30 11:19:44 401,272 -c----w c:\windows\$NtUninstallKB957095_1$\spuninst\updspapi.dll

+ 2008-04-13 19:15:11 334,848 -c----w c:\windows\$NtUninstallKB957095_1$\srv.sys

+ 2008-04-13 19:17:01 456,576 -c----w c:\windows\$NtUninstallKB957097_1$\mrxsmb.sys

+ 2008-07-08 13:07:36 234,872 -c----w c:\windows\$NtUninstallKB957097_1$\spuninst\spuninst.exe

+ 2008-07-08 13:07:47 401,272 -c----w c:\windows\$NtUninstallKB957097_1$\spuninst\updspapi.dll

+ 2006-03-02 12:00:00 1,022,976 -c----w c:\windows\$NtUninstallKB958215_0$\browseui.dll

+ 2006-03-02 12:00:00 151,040 -c----w c:\windows\$NtUninstallKB958215_0$\cdfview.dll

+ 2006-03-02 12:00:00 1,056,768 -c----w c:\windows\$NtUninstallKB958215_0$\danim.dll

+ 2006-03-02 12:00:00 357,888 -c----w c:\windows\$NtUninstallKB958215_0$\dxtmsft.dll

+ 2006-03-02 12:00:00 201,728 -c----w c:\windows\$NtUninstallKB958215_0$\dxtrans.dll

+ 2006-03-02 12:00:00 55,808 -c----w c:\windows\$NtUninstallKB958215_0$\extmgr.dll

+ 2006-03-02 12:00:00 18,432 -c----w c:\windows\$NtUninstallKB958215_0$\iedw.exe

+ 2006-03-02 12:00:00 251,392 -c----w c:\windows\$NtUninstallKB958215_0$\iepeers.dll

+ 2006-03-02 12:00:00 96,768 -c----w c:\windows\$NtUninstallKB958215_0$\inseng.dll

+ 2006-03-02 12:00:00 15,872 -c----w c:\windows\$NtUninstallKB958215_0$\jsproxy.dll

+ 2006-03-02 12:00:00 448,512 -c----w c:\windows\$NtUninstallKB958215_0$\mshtmled.dll

+ 2006-03-02 12:00:00 146,432 -c----w c:\windows\$NtUninstallKB958215_0$\msrating.dll

+ 2006-03-02 12:00:00 530,432 -c----w c:\windows\$NtUninstallKB958215_0$\mstime.dll

+ 2006-03-02 12:00:00 39,424 -c----w c:\windows\$NtUninstallKB958215_0$\pngfilt.dll

+ 2006-03-02 12:00:00 1,492,480 -c----w c:\windows\$NtUninstallKB958215_0$\shdocvw.dll

+ 2006-03-02 12:00:00 474,624 -c----w c:\windows\$NtUninstallKB958215_0$\shlwapi.dll

+ 2007-11-30 12:39:46 234,872 -c----w c:\windows\$NtUninstallKB958215_0$\spuninst\spuninst.exe

+ 2008-07-09 07:44:19 401,272 -c----w c:\windows\$NtUninstallKB958215_0$\spuninst\updspapi.dll

+ 2006-03-02 12:00:00 613,888 -c----w c:\windows\$NtUninstallKB958215_0$\urlmon.dll

+ 2006-03-02 12:00:00 659,456 -c----w c:\windows\$NtUninstallKB958215_0$\wininet.dll

+ 2006-01-31 15:45:16 17,408 -c----w c:\windows\$NtUninstallKB958215_0$\xpsp3res.dll

+ 2008-04-14 17:02:33 337,408 -c----w c:\windows\$NtUninstallKB958644_1$\netapi32.dll

+ 2007-11-30 11:19:43 234,872 -c----w c:\windows\$NtUninstallKB958644_1$\spuninst\spuninst.exe

+ 2007-11-30 11:19:44 401,272 -c----w c:\windows\$NtUninstallKB958644_1$\spuninst\updspapi.dll

+ 2006-03-02 12:00:00 3,070,464 -c----w c:\windows\$NtUninstallKB960714_0$\mshtml.dll

+ 2007-11-30 12:39:46 234,872 -c----w c:\windows\$NtUninstallKB960714_0$\spuninst\spuninst.exe

+ 2007-11-30 12:39:47 401,272 -c----w c:\windows\$NtUninstallKB960714_0$\spuninst\updspapi.dll

+ 2008-04-14 21:32:22 61,440 -c----w c:\windows\ie8\admparse.dll

+ 2008-04-14 21:32:22 100,864 -c----w c:\windows\ie8\advpack.dll

+ 2008-04-14 21:32:24 35,328 -c----w c:\windows\ie8\corpol.dll

+ 2008-04-14 21:32:26 357,888 -c----w c:\windows\ie8\dxtmsft.dll

+ 2008-04-14 21:32:26 205,312 -c----w c:\windows\ie8\dxtrans.dll

+ 2008-04-14 21:32:28 38,912 -c----w c:\windows\ie8\hmmapi.dll

+ 2008-12-20 23:03:40 63,488 -c----w c:\windows\ie8\icardie.dll

+ 2008-04-14 21:33:02 34,304 -c----w c:\windows\ie8\ie4uinit.exe

+ 2008-04-14 21:32:28 143,360 -c----w c:\windows\ie8\ieakeng.dll

+ 2008-04-14 21:32:28 220,160 -c----w c:\windows\ie8\ieaksie.dll

+ 2006-03-02 12:00:00 237,568 -c----w c:\windows\ie8\ieakui.dll

+ 2008-12-20 23:03:41 383,488 -c----w c:\windows\ie8\ieapfltr.dll

+ 2008-04-14 21:32:28 323,584 -c----w c:\windows\ie8\iedkcs32.dll

+ 2008-04-14 21:32:28 81,920 -c----w c:\windows\ie8\ieencode.dll

+ 2008-12-20 23:03:45 6,066,688 -c----w c:\windows\ie8\ieframe.dll

+ 2008-04-14 21:32:28 251,904 -c----w c:\windows\ie8\iepeers.dll

+ 2008-04-14 21:32:28 48,640 -c----w c:\windows\ie8\iernonce.dll

+ 2008-12-20 23:03:46 267,776 -c----w c:\windows\ie8\iertutil.dll

+ 2008-04-14 21:32:28 63,488 -c----w c:\windows\ie8\iesetup.dll

+ 2008-04-14 21:33:02 93,184 -c----w c:\windows\ie8\iexplore.exe

+ 2008-04-14 21:32:30 35,840 -c----w c:\windows\ie8\imgutil.dll

+ 2008-04-14 21:32:30 96,768 -c----w c:\windows\ie8\inseng.dll

+ 2008-05-09 10:56:23 512,000 -c----w c:\windows\ie8\jscript.dll

+ 2008-04-14 21:32:30 15,872 -c----w c:\windows\ie8\jsproxy.dll

+ 2008-04-14 21:32:30 22,016 -c----w c:\windows\ie8\licmgr10.dll

+ 2008-12-20 23:03:48 459,264 -c----w c:\windows\ie8\msfeeds.dll

+ 2008-12-20 23:03:48 52,224 -c----w c:\windows\ie8\msfeedsbs.dll

+ 2008-04-14 21:33:08 29,184 -c----w c:\windows\ie8\mshta.exe

+ 2008-12-12 17:03:55 3,088,896 -c----w c:\windows\ie8\mshtml.dll

+ 2008-04-14 21:32:32 449,024 -c----w c:\windows\ie8\mshtmled.dll

+ 2008-04-14 21:03:22 57,344 -c----w c:\windows\ie8\mshtmler.dll

+ 2006-03-02 12:00:00 146,432 -c----w c:\windows\ie8\msls31.dll

+ 2008-04-14 21:32:34 146,432 -c----w c:\windows\ie8\msrating.dll

+ 2008-04-14 21:32:34 532,480 -c----w c:\windows\ie8\mstime.dll

+ 2008-04-14 21:32:38 97,280 -c----w c:\windows\ie8\occache.dll

+ 2008-04-14 21:32:40 39,424 -c----w c:\windows\ie8\pngfilt.dll

+ 2009-01-15 08:15:54 59,880 -c----w c:\windows\ie8\spuninst\iecustom.dll

+ 2008-10-13 12:55:46 235,040 -c----w c:\windows\ie8\spuninst\spuninst.exe

+ 2008-10-13 12:55:46 400,928 -c----w c:\windows\ie8\spuninst\updspapi.dll

+ 2008-04-14 21:32:46 37,888 -c----w c:\windows\ie8\url.dll

+ 2008-10-16 01:02:39 620,032 -c----w c:\windows\ie8\urlmon.dll

+ 2008-05-09 10:56:23 430,080 -c----w c:\windows\ie8\vbscript.dll

+ 2008-04-14 21:32:46 851,968 -c----w c:\windows\ie8\vgx.dll

+ 2008-04-14 21:32:46 279,552 -c----w c:\windows\ie8\webcheck.dll

+ 2008-10-16 01:02:39 669,184 -c----w c:\windows\ie8\wininet.dll

+ 2009-01-15 01:06:46 2,048 -c----w c:\windows\ie8updates\KB961813-IE8\iecompat.dll

+ 2007-11-30 12:39:46 26,488 -c----w c:\windows\ie8updates\KB961813-IE8\spcustom.dll

+ 2007-11-30 12:39:46 18,808 -c----w c:\windows\ie8updates\KB961813-IE8\spmsg.dll

+ 2007-11-30 12:39:46 234,872 -c----w c:\windows\ie8updates\KB961813-IE8\spuninst.exe

+ 2007-11-30 12:39:46 234,872 -c----w c:\windows\ie8updates\KB961813-IE8\spuninst\spuninst.exe

+ 2007-11-30 12:39:47 401,272 -c----w c:\windows\ie8updates\KB961813-IE8\spuninst\updspapi.dll

+ 2007-11-30 12:39:46 765,304 -c----w c:\windows\ie8updates\KB961813-IE8\update.exe

+ 2007-11-30 12:39:47 401,272 -c----w c:\windows\ie8updates\KB961813-IE8\updspapi.dll

+ 2009-03-18 18:56:53 29,926 ----a-r c:\windows\Installer\{9816B8B8-4B53-4D3D-9235-AD931252001D}\MsblIco.Exe

- 2008-12-20 23:03:39 124,928 ----a-w c:\windows\system32\advpack.dll

+ 2009-01-15 01:03:12 128,512 ----a-w c:\windows\system32\advpack.dll

- 2009-03-13 10:41:09 16,384 ------w c:\windows\system32\config\systemprofile\Cookies\index.dat

+ 2009-03-18 13:43:15 16,384 ------w c:\windows\system32\config\systemprofile\Cookies\index.dat

- 2009-03-13 10:41:09 32,768 ------w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat

+ 2009-03-18 13:43:15 32,768 ------w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat

+ 2009-03-18 13:43:15 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012009031820090319\index.dat

- 2007-08-13 17:39:20 71,680 -c--a-w c:\windows\system32\dllcache\admparse.dll

+ 2009-01-15 01:03:32 72,704 -c----w c:\windows\system32\dllcache\admparse.dll

- 2008-12-20 23:03:39 124,928 -c----w c:\windows\system32\dllcache\advpack.dll

+ 2009-01-15 01:03:12 128,512 -c----w c:\windows\system32\dllcache\advpack.dll

- 2006-09-23 12:13:00 1,022,976 -c----w c:\windows\system32\dllcache\browseui.dll

+ 2008-10-13 12:55:46 1,022,976 -c----w c:\windows\system32\dllcache\browseui.dll

- 2006-03-02 12:00:00 35,328 -c----w c:\windows\system32\dllcache\corpol.dll

+ 2009-01-15 01:04:28 18,944 -c----w c:\windows\system32\dllcache\corpol.dll

- 2007-08-13 17:54:10 33,792 -c--a-w c:\windows\system32\dllcache\custsat.dll

+ 2006-06-02 19:34:07 33,792 -c--a-w c:\windows\system32\dllcache\custsat.dll

- 2008-12-20 23:03:39 347,136 -c----w c:\windows\system32\dllcache\dxtmsft.dll

+ 2009-01-15 01:01:22 348,160 -c----w c:\windows\system32\dllcache\dxtmsft.dll

- 2008-12-20 23:03:40 214,528 -c----w c:\windows\system32\dllcache\dxtrans.dll

+ 2009-01-15 01:01:16 216,064 -c----w c:\windows\system32\dllcache\dxtrans.dll

- 2007-08-13 17:18:02 60,416 -c--a-w c:\windows\system32\dllcache\hmmapi.dll

+ 2009-01-15 00:53:40 68,608 -c----w c:\windows\system32\dllcache\hmmapi.dll

- 2008-12-20 23:03:40 63,488 -c--a-w c:\windows\system32\dllcache\icardie.dll

+ 2009-01-15 01:01:40 59,904 -c--a-w c:\windows\system32\dllcache\icardie.dll

- 2008-12-19 09:13:43 70,656 -c----w c:\windows\system32\dllcache\ie4uinit.exe

+ 2009-01-15 01:03:28 172,544 -c----w c:\windows\system32\dllcache\ie4uinit.exe

- 2008-12-20 23:03:40 153,088 -c----w c:\windows\system32\dllcache\ieakeng.dll

+ 2009-01-15 01:03:42 125,952 -c----w c:\windows\system32\dllcache\ieakeng.dll

- 2008-12-20 23:03:40 230,400 -c----w c:\windows\system32\dllcache\ieaksie.dll

+ 2009-01-15 01:03:50 228,352 -c----w c:\windows\system32\dllcache\ieaksie.dll

- 2008-12-19 05:23:56 161,792 -c----w c:\windows\system32\dllcache\ieakui.dll

+ 2009-01-15 01:03:20 163,840 -c--a-w c:\windows\system32\dllcache\ieakui.dll

- 2008-12-20 23:03:41 383,488 -c--a-w c:\windows\system32\dllcache\ieapfltr.dll

+ 2009-01-15 00:35:10 445,440 -c--a-w c:\windows\system32\dllcache\ieapfltr.dll

- 2008-12-20 23:03:41 384,512 -c----w c:\windows\system32\dllcache\iedkcs32.dll

+ 2009-01-15 01:17:22 392,040 -c----w c:\windows\system32\dllcache\iedkcs32.dll

- 2008-12-20 23:03:45 6,066,688 -c--a-w c:\windows\system32\dllcache\ieframe.dll

+ 2009-01-15 01:12:12 10,963,968 -c--a-w c:\windows\system32\dllcache\ieframe.dll

- 2007-08-13 17:54:10 191,488 -c--a-w c:\windows\system32\dllcache\iepeers.dll

+ 2009-01-15 01:01:52 183,808 -c----w c:\windows\system32\dllcache\iepeers.dll

- 2008-12-20 23:03:45 44,544 -c----w c:\windows\system32\dllcache\iernonce.dll

+ 2009-01-15 01:03:14 55,808 -c----w c:\windows\system32\dllcache\iernonce.dll

- 2008-12-20 23:03:46 267,776 -c--a-w c:\windows\system32\dllcache\iertutil.dll

+ 2009-01-15 01:02:50 1,975,296 -c--a-w c:\windows\system32\dllcache\iertutil.dll

- 2007-08-13 17:39:12 55,296 -c--a-w c:\windows\system32\dllcache\iesetup.dll

+ 2009-01-15 01:03:18 71,680 -c----w c:\windows\system32\dllcache\iesetup.dll

- 2008-12-19 05:25:25 634,024 -c----w c:\windows\system32\dllcache\iexplore.exe

+ 2009-01-15 01:17:22 636,264 -c----w c:\windows\system32\dllcache\iexplore.exe

- 2007-08-13 17:36:06 36,352 -c--a-w c:\windows\system32\dllcache\imgutil.dll

+ 2009-01-15 01:01:26 34,304 -c----w c:\windows\system32\dllcache\imgutil.dll

- 2007-08-13 17:39:02 92,672 -c--a-w c:\windows\system32\dllcache\inseng.dll

+ 2009-01-15 01:03:14 94,720 -c----w c:\windows\system32\dllcache\inseng.dll

- 2008-05-09 10:56:23 512,000 -c--a-w c:\windows\system32\dllcache\jscript.dll

+ 2009-01-15 01:03:58 724,992 -c--a-w c:\windows\system32\dllcache\jscript.dll

- 2008-12-20 23:03:47 27,648 -c----w c:\windows\system32\dllcache\jsproxy.dll

+ 2009-01-15 01:04:16 25,600 -c----w c:\windows\system32\dllcache\jsproxy.dll

- 2007-08-13 17:44:18 40,960 -c--a-w c:\windows\system32\dllcache\licmgr10.dll

+ 2009-01-15 01:05:34 43,008 -c----w c:\windows\system32\dllcache\licmgr10.dll

- 2008-12-20 23:03:48 459,264 -c--a-w c:\windows\system32\dllcache\msfeeds.dll

+ 2009-01-15 01:02:40 593,920 -c--a-w c:\windows\system32\dllcache\msfeeds.dll

- 2008-12-20 23:03:48 52,224 -c--a-w c:\windows\system32\dllcache\msfeedsbs.dll

+ 2009-01-15 01:01:40 54,272 -c--a-w c:\windows\system32\dllcache\msfeedsbs.dll

- 2007-08-13 17:32:30 45,568 -c--a-w c:\windows\system32\dllcache\mshta.exe

+ 2009-01-15 01:00:38 45,568 -c----w c:\windows\system32\dllcache\mshta.exe

- 2009-01-16 20:31:16 3,594,752 -c----w c:\windows\system32\dllcache\mshtml.dll

+ 2009-01-15 01:13:18 5,888,512 -c--a-w c:\windows\system32\dllcache\mshtml.dll

- 2008-12-20 23:03:51 477,696 -c----w c:\windows\system32\dllcache\mshtmled.dll

+ 2009-01-15 01:01:06 66,560 -c----w c:\windows\system32\dllcache\mshtmled.dll

- 2007-08-13 17:01:12 48,128 -c--a-w c:\windows\system32\dllcache\mshtmler.dll

+ 2009-01-15 01:00:46 48,128 -c----w c:\windows\system32\dllcache\mshtmler.dll

- 2007-08-13 17:54:10 156,160 -c--a-w c:\windows\system32\dllcache\msls31.dll

+ 2009-01-15 00:50:38 156,160 -c--a-w c:\windows\system32\dllcache\msls31.dll

- 2008-12-20 23:03:51 193,024 -c----w c:\windows\system32\dllcache\msrating.dll

+ 2009-01-15 01:05:34 193,536 -c----w c:\windows\system32\dllcache\msrating.dll

- 2008-12-20 23:03:51 671,232 -c----w c:\windows\system32\dllcache\mstime.dll

+ 2009-01-15 01:02:20 611,840 -c----w c:\windows\system32\dllcache\mstime.dll

- 2008-09-10 01:16:18 1,307,648 -c----w c:\windows\system32\dllcache\msxml6.dll

+ 2008-04-14 21:32:34 1,306,624 -c----w c:\windows\system32\dllcache\msxml6.dll

- 2008-12-20 23:03:51 102,912 -c----w c:\windows\system32\dllcache\occache.dll

+ 2009-01-15 01:05:34 109,056 -c----w c:\windows\system32\dllcache\occache.dll

- 2008-12-20 23:03:51 44,544 -c----w c:\windows\system32\dllcache\pngfilt.dll

+ 2009-01-15 01:01:18 46,592 -c----w c:\windows\system32\dllcache\pngfilt.dll

- 2006-09-23 12:13:00 474,624 -c----w c:\windows\system32\dllcache\shlwapi.dll

+ 2008-10-13 12:55:46 474,624 -c----w c:\windows\system32\dllcache\shlwapi.dll

+ 2008-10-13 12:55:32 134,144 -c----w c:\windows\system32\dllcache\sqmapi.dll

- 2008-12-20 23:03:52 105,984 -c----w c:\windows\system32\dllcache\url.dll

+ 2009-01-15 01:06:00 105,984 -c----w c:\windows\system32\dllcache\url.dll

- 2008-12-20 23:03:52 1,160,192 -c----w c:\windows\system32\dllcache\urlmon.dll

+ 2009-01-15 01:06:48 1,182,720 -c--a-w c:\windows\system32\dllcache\urlmon.dll

- 2008-05-09 10:56:23 430,080 -c--a-w c:\windows\system32\dllcache\vbscript.dll

+ 2009-01-15 01:03:36 420,352 -c--a-w c:\windows\system32\dllcache\vbscript.dll

- 2008-05-27 17:30:36 765,952 -c--a-w c:\windows\system32\dllcache\vgx.dll

+ 2009-01-15 01:04:56 755,200 -c----w c:\windows\system32\dllcache\VGX.dll

- 2008-12-20 23:03:52 233,472 -c----w c:\windows\system32\dllcache\webcheck.dll

+ 2009-01-15 01:06:08 236,544 -c----w c:\windows\system32\dllcache\webcheck.dll

- 2008-12-20 23:03:53 826,368 -c----w c:\windows\system32\dllcache\wininet.dll

+ 2009-01-15 01:05:42 911,872 -c--a-w c:\windows\system32\dllcache\wininet.dll

+ 2008-06-01 07:13:10 34,064 ----a-w c:\windows\system32\drivers\npf.sys

- 2008-12-20 23:03:39 347,136 ----a-w c:\windows\system32\dxtmsft.dll

+ 2009-01-15 01:01:22 348,160 ----a-w c:\windows\system32\dxtmsft.dll

- 2008-12-20 23:03:40 214,528 ----a-w c:\windows\system32\dxtrans.dll

+ 2009-01-15 01:01:16 216,064 ----a-w c:\windows\system32\dxtrans.dll

- 2008-12-20 23:03:40 133,120 ------w c:\windows\system32\extmgr.dll

+ 2008-04-14 21:32:26 55,808 ----a-w c:\windows\system32\extmgr.dll

- 2008-12-20 23:03:40 63,488 ----a-w c:\windows\system32\icardie.dll

+ 2009-01-15 01:01:40 59,904 ------w c:\windows\system32\icardie.dll

- 2008-12-19 09:13:43 70,656 ------w c:\windows\system32\ie4uinit.exe

+ 2009-01-15 01:03:28 172,544 ----a-w c:\windows\system32\ie4uinit.exe

- 2008-12-20 23:03:40 153,088 ------w c:\windows\system32\ieakeng.dll

+ 2009-01-15 01:03:42 125,952 ----a-w c:\windows\system32\ieakeng.dll

- 2008-12-20 23:03:40 230,400 ------w c:\windows\system32\ieaksie.dll

+ 2009-01-15 01:03:50 228,352 ----a-w c:\windows\system32\ieaksie.dll

- 2008-12-19 05:23:56 161,792 ------w c:\windows\system32\ieakui.dll

+ 2009-01-15 01:03:20 163,840 ----a-w c:\windows\system32\ieakui.dll

- 2007-04-17 09:32:38 2,455,488 ----a-w c:\windows\system32\ieapfltr.dat

+ 2008-12-14 16:12:42 3,698,040 ------w c:\windows\system32\ieapfltr.dat

- 2008-12-20 23:03:41 383,488 ----a-w c:\windows\system32\ieapfltr.dll

+ 2009-01-15 00:35:10 445,440 ------w c:\windows\system32\ieapfltr.dll

- 2008-12-20 23:03:41 384,512 ------w c:\windows\system32\iedkcs32.dll

+ 2009-01-15 01:17:22 392,040 ----a-w c:\windows\system32\iedkcs32.dll

- 2008-12-20 23:03:45 6,066,688 ----a-w c:\windows\system32\ieframe.dll

+ 2009-01-15 01:12:12 10,963,968 ------w c:\windows\system32\ieframe.dll

- 2007-08-13 17:54:10 191,488 ----a-w c:\windows\system32\iepeers.dll

+ 2009-01-15 01:01:52 183,808 ----a-w c:\windows\system32\iepeers.dll

- 2008-12-20 23:03:45 44,544 ------w c:\windows\system32\iernonce.dll

+ 2009-01-15 01:03:14 55,808 ----a-w c:\windows\system32\iernonce.dll

- 2008-12-20 23:03:46 267,776 ----a-w c:\windows\system32\iertutil.dll

+ 2009-01-15 01:02:50 1,975,296 ------w c:\windows\system32\iertutil.dll

- 2008-12-19 09:10:15 13,824 ----a-w c:\windows\system32\ieudinit.exe

+ 2009-01-15 01:03:18 36,864 ----a-w c:\windows\system32\ieudinit.exe

- 2007-08-13 17:54:10 180,736 ------w c:\windows\system32\ieui.dll

+ 2009-01-15 00:50:50 164,352 ------w c:\windows\system32\ieui.dll

- 2007-08-13 17:39:02 92,672 ----a-w c:\windows\system32\inseng.dll

+ 2009-01-15 01:03:14 94,720 ----a-w c:\windows\system32\inseng.dll

- 2008-05-09 10:56:23 512,000 ----a-w c:\windows\system32\jscript.dll

+ 2009-01-15 01:03:58 724,992 ----a-w c:\windows\system32\jscript.dll

- 2008-12-20 23:03:47 27,648 ----a-w c:\windows\system32\jsproxy.dll

+ 2009-01-15 01:04:16 25,600 ----a-w c:\windows\system32\jsproxy.dll

- 2008-12-20 23:03:48 459,264 ----a-w c:\windows\system32\msfeeds.dll

+ 2009-01-15 01:02:40 593,920 ------w c:\windows\system32\msfeeds.dll

- 2008-12-20 23:03:48 52,224 ----a-w c:\windows\system32\msfeedsbs.dll

+ 2009-01-15 01:01:40 54,272 ------w c:\windows\system32\msfeedsbs.dll

- 2007-08-13 17:36:40 12,288 ------w c:\windows\system32\msfeedssync.exe

+ 2009-01-15 01:01:42 13,312 ------w c:\windows\system32\msfeedssync.exe

- 2009-01-16 20:31:16 3,594,752 ----a-w c:\windows\system32\mshtml.dll

+ 2009-01-15 01:13:18 5,888,512 ----a-w c:\windows\system32\mshtml.dll

- 2008-12-20 23:03:51 477,696 ----a-w c:\windows\system32\mshtmled.dll

+ 2009-01-15 01:01:06 66,560 ----a-w c:\windows\system32\mshtmled.dll

- 2008-12-20 23:03:51 193,024 ------w c:\windows\system32\msrating.dll

+ 2009-01-15 01:05:34 193,536 ----a-w c:\windows\system32\msrating.dll

- 2008-12-20 23:03:51 671,232 ------w c:\windows\system32\mstime.dll

+ 2009-01-15 01:02:20 611,840 ----a-w c:\windows\system32\mstime.dll

- 2008-12-20 23:03:51 102,912 ------w c:\windows\system32\occache.dll

+ 2009-01-15 01:05:34 109,056 ----a-w c:\windows\system32\occache.dll

+ 2008-06-01 07:13:10 88,696 ----a-w c:\windows\system32\Packet.dll

- 2009-03-16 19:56:52 278,528 ----a-w c:\windows\system32\pncrt.dll

+ 2009-03-17 20:10:51 278,528 ----a-w c:\windows\system32\pncrt.dll

- 2009-03-16 19:56:53 6,656 ----a-w c:\windows\system32\pndx5016.dll

+ 2009-03-17 20:10:58 6,656 ----a-w c:\windows\system32\pndx5016.dll

- 2009-03-16 19:56:53 5,632 ----a-w c:\windows\system32\pndx5032.dll

+ 2009-03-17 20:10:58 5,632 ----a-w c:\windows\system32\pndx5032.dll

- 2008-12-20 23:03:51 44,544 ----a-w c:\windows\system32\pngfilt.dll

+ 2009-01-15 01:01:18 46,592 ----a-w c:\windows\system32\pngfilt.dll

+ 2008-06-01 07:13:10 53,299 ----a-w c:\windows\system32\pthreadVC.dll

+ 2008-04-14 17:02:34 4,274,816 ----a-w c:\windows\system32\ReinstallBackups\0005\DriverFiles\i386\nv4_disp.dll

+ 2004-08-03 22:29:56 1,897,408 ----a-w c:\windows\system32\ReinstallBackups\0005\DriverFiles\i386\nv4_mini.sys

- 2009-03-16 19:57:03 185,920 ----a-w c:\windows\system32\rmoc3260.dll

+ 2009-03-17 20:11:13 185,920 ----a-w c:\windows\system32\rmoc3260.dll

- 2008-04-14 17:03:15 7,680 ------w c:\windows\system32\spdwnwxp.exe

+ 2008-04-14 21:33:16 7,680 ----a-w c:\windows\system32\spdwnwxp.exe

- 2008-07-06 12:06:10 373,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll

+ 2008-04-14 21:32:46 373,248 ----a-w c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll

- 2008-12-20 23:03:52 105,984 ----a-w c:\windows\system32\url.dll

+ 2009-01-15 01:06:00 105,984 ----a-w c:\windows\system32\url.dll

- 2008-12-20 23:03:52 1,160,192 ----a-w c:\windows\system32\urlmon.dll

+ 2009-01-15 01:06:48 1,182,720 ----a-w c:\windows\system32\urlmon.dll

+ 2008-06-01 07:13:10 68,224 ----a-w c:\windows\system32\WanPacket.dll

- 2008-12-20 23:03:52 233,472 ----a-w c:\windows\system32\webcheck.dll

+ 2009-01-15 01:06:08 236,544 ----a-w c:\windows\system32\webcheck.dll

- 2007-08-13 17:45:16 206,336 ------w c:\windows\system32\WinFXDocObj.exe

+ 2009-01-15 01:06:22 208,384 ------w c:\windows\system32\WinFXDocObj.exe

+ 2008-06-01 07:13:10 240,248 ----a-w c:\windows\system32\wpcap.dll

+ 2009-03-18 19:18:59 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_534.dat

+ 2008-04-14 17:00:21 1,054,208 ----a-w c:\windows\WinSxS\InstallTemp\999178\comctl32.dll

- 2008-04-14 17:00:21 74,802 ------w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll

+ 2008-04-14 21:30:22 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll

- 2008-04-14 17:00:21 995,383 ------w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll

+ 2008-04-14 21:30:22 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll

- 2008-04-14 17:00:21 1,011,774 ------w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll

+ 2008-04-14 21:30:22 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll

- 2008-04-14 17:00:21 401,462 ------w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll

+ 2008-04-14 21:30:22 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll

+ 2006-06-05 13:14:28 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll

+ 2006-06-05 13:14:28 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll

+ 2006-06-05 13:14:28 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll

+ 2007-11-07 00:19:32 161,784 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll

+ 2007-11-07 00:19:38 1,156,600 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll

+ 2007-11-07 00:19:38 1,162,744 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll

+ 2007-11-06 21:51:08 59,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll

+ 2007-11-06 21:51:08 59,904 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll

+ 2007-11-07 00:19:16 41,472 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll

+ 2007-11-07 00:19:16 41,984 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll

+ 2007-11-07 00:19:28 60,928 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll

+ 2007-11-07 00:19:22 54,272 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll

+ 2007-11-07 00:19:22 59,392 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll

+ 2007-11-07 00:19:22 59,392 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll

+ 2007-11-07 00:19:28 60,416 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll

+ 2007-11-07 00:19:28 59,392 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll

+ 2007-11-07 00:19:16 47,104 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll

+ 2007-11-07 00:19:16 46,592 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll

+ 2007-11-07 00:19:22 54,272 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll

- 2008-04-14 17:00:21 1,054,208 ------w c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

+ 2008-04-14 21:30:22 1,054,208 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

- 2008-04-14 17:00:21 57,344 ------w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll

+ 2008-04-14 21:30:22 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll

- 2008-04-14 17:00:21 343,040 ------w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll

+ 2008-04-14 21:30:22 343,040 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll

- 2008-04-14 17:00:20 1,724,416 ------w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll

+ 2008-04-14 21:30:22 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll

- 2008-04-14 17:00:21 852,992 ------w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll

+ 2008-04-14 21:30:22 852,992 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll

- 2008-04-14 17:00:21 992,768 ------w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll

+ 2008-04-14 21:30:22 992,768 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll

- 2008-04-14 16:40:36 135,680 ------w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_nl_71cbebcb\rtcres.dll

+ 2008-04-14 21:10:38 135,680 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_nl_71cbebcb\rtcres.dll

.

-- Snapshot reset to current date --

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"PC Suite Tray"="c:\documents and settings\Hoofdgebruiker\Mijn documenten\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]

"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-17 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]

2009-03-13 23:31 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\Program Files\\Paltalk Messenger\\paltalk.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=

"c:\\Program Files\\MSN Messenger\\livecall.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-03-13 325640]

R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-13 107912]

R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-13 298264]

R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-03-15 55152]

R2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]

R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2008-06-01 34064]

R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2006-03-02 14336]

R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]

S2 gupdate1c9a42c2425e7b0;Google Updateservice (gupdate1c9a42c2425e7b0);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 133104]

S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?]

S4 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2009-01-09 33752]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

.

Contents of the 'Scheduled Tasks' folder

2009-03-18 c:\windows\Tasks\1-Click Maintenance.job

- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 09:09]

2009-03-18 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2006-09-27 17:39]

2009-03-18 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-13 13:06]

2009-03-18 c:\windows\Tasks\GoogleUpdateTaskMachine.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 23:36]

2009-03-17 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe []

2009-03-18 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe []

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.tarikibnali.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = <local>

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Search

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Openen in een nieuwe achtergrondtab - c:\program files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?8a356ad4d0ab4ce48a042d3043b1507f

IE: Openen in een nieuwe voorgrondtab - c:\program files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?8a356ad4d0ab4ce48a042d3043b1507f

FF - ProfilePath - c:\documents and settings\Hoofdgebruiker\Application Data\Mozilla\Firefox\Profiles\uowycvmc.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=

FF - prefs.js: browser.search.selectedEngine - Live Search

FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/

FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?mkt=fr-FR&FORM=MDSZNE&q=

FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll

FF - plugin: c:\program files\Google\Google Updater\2.4.1508.6312\npCIDetect13.dll

FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-03-18 20:36:18

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

.

Completion time: 2009-03-18 20:37:39

ComboFix-quarantined-files.txt 2009-03-18 19:37:35

ComboFix2.txt 2009-03-17 15:32:11

ComboFix3.txt 2009-03-17 07:06:41

ComboFix4.txt 2009-03-17 00:38:53

Pre-Run: 62,295,805,952 bytes beschikbaar

Post-Run: 62,282,530,816 bytes beschikbaar

711 --- E O F --- 2009-03-16 17:22:37


Guest karin1978

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:08:03, on 18/03/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18372)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Hoofdgebruiker\Mijn documenten\Nokia PC Suite 7\PCSuite.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\Windows Live\Family Safety\fsssvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\explorer.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080/

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [PC Suite Tray] "C:\Documents and Settings\Hoofdgebruiker\Mijn documenten\Nokia PC Suite 7\PCSuite.exe" -onlytray

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?8a356ad4d0ab4ce48a042d3043b1507f

O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?8a356ad4d0ab4ce48a042d3043b1507f

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Google Updateservice (gupdate1c9a42c2425e7b0) (gupdate1c9a42c2425e7b0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--

End of file - 4633 bytes
