Dagelijk draai ik Hitmanpro. Nu toch mijn Favorieten verstoord; er komen een aantal vervelende sites bij die ik niet kan verwijderen. Ook zijn er nu snelkoppelingen op het Bureaublad die ik niet kan verwijderen. Graag hulp.
Logfile of HijackThis v1.99.0
Scan saved at 15:20:38, on 30-12-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\PROGRA~1\Support.com\bin\tgcmd.exe
C:\Program Files\iISystem Wiper\SystemWiper.exe
C:\Program Files\chello\ChelloMessenger.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\AVPersonal\AVSched32.EXE
C:\Program Files\Nuria\Nuria.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\ntcpl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spyware Doctor\spydoctor.exe
C:\Program Files\Dataverbruik\dataverbruik.exe
C:\Program Files\eFax Messenger Plus 3.3\J2GDllCmd.exe
C:\Program Files\eFax Messenger Plus 3.3\J2GTray.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Philex Enterprises\Philex Atomic Time\Time.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE
C:\Program Files\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://vljbaymqrco.org/abXfrie3nV8d3S2sRm5VcRUhaGn915Y/ljbpdyWstgOtc365QZKuaIJjcM6nEN6a.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.megasellers.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/EnterOne/Portal/portal.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.ams.chello.nl:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {10356B4C-6685-FEE0-58D4-EFB9846F2E6F} - C:\PROGRA~1\MAGSBR~1\win support.exe (file missing)
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {4BF69EEA-FB5B-FAB8-0EED-F45F40BAB6A3} - C:\DOCUME~1\AMDATH~1\APPLIC~1\MAGSBR~1\win support.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [tgcmd] "C:\PROGRA~1\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [iIWiper] C:\Program Files\iISystem Wiper\SystemWiper.exe m
O4 - HKLM\..\Run: [ChelloBackground] C:\Program Files\chello\ChelloMessenger.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Time settings bags city] C:\Documents and Settings\All Users\Application Data\Dalesofttimesettings\cdrom does.exe
O4 - HKLM\..\Run: [AVSCHED32] C:\Program Files\AVPersonal\AVSched32.EXE /min
O4 - HKLM\..\Run: [Nuria] C:\Program Files\Nuria\Nuria.exe
O4 - HKLM\..\Run: [ChelloDesktop] C:\Program Files\chello\ChelloDesktop.exe
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [NvCplD] C:\WINDOWS\system32\ntcpl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\spydoctor.exe" /Q
O4 - HKCU\..\Run: [Filehand Search] C:\Program Files\Filehand Search\Filehand Search.exe -auto
O4 - HKCU\..\Run: [Online Ooze] C:\DOCUME~1\AMDATH~1\APPLIC~1\GREATJ~1\TwoRoad.exe
O4 - HKCU\..\Run: [dataverbruik] C:\Program Files\Dataverbruik\dataverbruik.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: eFax Live Menu 3.3.lnk = C:\Program Files\eFax Messenger Plus 3.3\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 3.3.lnk = C:\Program Files\eFax Messenger Plus 3.3\J2GTray.exe
O4 - Global Startup: Herinneringen van Microsoft Works Agenda.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Philex Atomic Time.lnk = C:\Program Files\Philex Enterprises\Philex Atomic Time\Time.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: WlanUtility.lnk = C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
O9 - Extra button: (no name) - {26835CE1-D5EC-11d5-AF6E-00C06D0086BF} - (no file)
O9 - Extra button: (no name) - {6A0426D1-0FF2-49a0-ABC2-05B67826C727} - (no file)
O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.megasellers.nl
O16 - DPF: ChatSpace Full Java Client 2.1.0.89 - http://213.133.40.11:8000/Java/cs4fs089.cab
O16 - DPF: ChatSpace Java Client 2.1.0.86 - http://chat.kidsonline.nl/Java/cs4ms086.cab
O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://quickfix.chello.nl/sdccommon/download/tgctlsi.cab
O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} (chelloInstall.Install) - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_41.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20020909/qtinstall.info.apple.com/sikes/nl/win/QuickTimeInstaller.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsctl/en-gb/4,0,0,83/mcinsctl.cab
O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B817734E-046C-11D3-B674-00104BA25195} - ftp://ftp.mmm.com/pub/psnotes/psnudate.cab
O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} (LaunchApp.clsDefault) - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://www.p3.postbank.nl/GTO/PBGNX.cab
O16 - DPF: {E3802230-F0E2-4A75-9947-EAB78DD8153F} (InstallerX Class) - http://www.euroklik.nl/cab/EasyWebInstaller.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4299/mcfscan.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O16 - DPF: {FE5D6722-826F-11D5-A24E-0060B0F1A5AE} (Tukati Launcher) - http://www.tukati.com/software/4/1.7.20.20/tukati.cab
O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: IMAPI CD-Burning COM Service - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: MSI_WLAN_Service - Unknown - C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Logfile of HijackThis v1.99.0
Scan saved at 15:20:38, on 30-12-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\PROGRA~1\Support.com\bin\tgcmd.exe
C:\Program Files\iISystem Wiper\SystemWiper.exe
C:\Program Files\chello\ChelloMessenger.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\AVPersonal\AVSched32.EXE
C:\Program Files\Nuria\Nuria.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\ntcpl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Spyware Doctor\spydoctor.exe
C:\Program Files\Dataverbruik\dataverbruik.exe
C:\Program Files\eFax Messenger Plus 3.3\J2GDllCmd.exe
C:\Program Files\eFax Messenger Plus 3.3\J2GTray.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Philex Enterprises\Philex Atomic Time\Time.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MICROS~2\Office\OUTLOOK.EXE
C:\Program Files\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://vljbaymqrco.org/abXfrie3nV8d3S2sRm5VcRUhaGn915Y/ljbpdyWstgOtc365QZKuaIJjcM6nEN6a.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.megasellers.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///C:/Program%20Files/EnterOne/Portal/portal.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.ams.chello.nl:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {10356B4C-6685-FEE0-58D4-EFB9846F2E6F} - C:\PROGRA~1\MAGSBR~1\win support.exe (file missing)
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {4BF69EEA-FB5B-FAB8-0EED-F45F40BAB6A3} - C:\DOCUME~1\AMDATH~1\APPLIC~1\MAGSBR~1\win support.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [tgcmd] "C:\PROGRA~1\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [iIWiper] C:\Program Files\iISystem Wiper\SystemWiper.exe m
O4 - HKLM\..\Run: [ChelloBackground] C:\Program Files\chello\ChelloMessenger.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Time settings bags city] C:\Documents and Settings\All Users\Application Data\Dalesofttimesettings\cdrom does.exe
O4 - HKLM\..\Run: [AVSCHED32] C:\Program Files\AVPersonal\AVSched32.EXE /min
O4 - HKLM\..\Run: [Nuria] C:\Program Files\Nuria\Nuria.exe
O4 - HKLM\..\Run: [ChelloDesktop] C:\Program Files\chello\ChelloDesktop.exe
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [NvCplD] C:\WINDOWS\system32\ntcpl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\spydoctor.exe" /Q
O4 - HKCU\..\Run: [Filehand Search] C:\Program Files\Filehand Search\Filehand Search.exe -auto
O4 - HKCU\..\Run: [Online Ooze] C:\DOCUME~1\AMDATH~1\APPLIC~1\GREATJ~1\TwoRoad.exe
O4 - HKCU\..\Run: [dataverbruik] C:\Program Files\Dataverbruik\dataverbruik.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: eFax Live Menu 3.3.lnk = C:\Program Files\eFax Messenger Plus 3.3\J2GDllCmd.exe
O4 - Global Startup: eFax Tray Menu 3.3.lnk = C:\Program Files\eFax Messenger Plus 3.3\J2GTray.exe
O4 - Global Startup: Herinneringen van Microsoft Works Agenda.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Philex Atomic Time.lnk = C:\Program Files\Philex Enterprises\Philex Atomic Time\Time.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 - Global Startup: WlanUtility.lnk = C:\Program Files\MicroStar\WLANUtility\WlanUtility.exe
O9 - Extra button: (no name) - {26835CE1-D5EC-11d5-AF6E-00C06D0086BF} - (no file)
O9 - Extra button: (no name) - {6A0426D1-0FF2-49a0-ABC2-05B67826C727} - (no file)
O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.megasellers.nl
O16 - DPF: ChatSpace Full Java Client 2.1.0.89 - http://213.133.40.11:8000/Java/cs4fs089.cab
O16 - DPF: ChatSpace Java Client 2.1.0.86 - http://chat.kidsonline.nl/Java/cs4ms086.cab
O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://quickfix.chello.nl/sdccommon/download/tgctlsi.cab
O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} (chelloInstall.Install) - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_41.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20020909/qtinstall.info.apple.com/sikes/nl/win/QuickTimeInstaller.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsctl/en-gb/4,0,0,83/mcinsctl.cab
O16 - DPF: {6211AC26-A1B4-422A-AC52-1E70B7D24465} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/nl/filesharingctrl.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 - DPF: {B817734E-046C-11D3-B674-00104BA25195} - ftp://ftp.mmm.com/pub/psnotes/psnudate.cab
O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} (LaunchApp.clsDefault) - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://www.p3.postbank.nl/GTO/PBGNX.cab
O16 - DPF: {E3802230-F0E2-4A75-9947-EAB78DD8153F} (InstallerX Class) - http://www.euroklik.nl/cab/EasyWebInstaller.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4299/mcfscan.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O16 - DPF: {FE5D6722-826F-11D5-A24E-0060B0F1A5AE} (Tukati Launcher) - http://www.tukati.com/software/4/1.7.20.20/tukati.cab
O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: IMAPI CD-Burning COM Service - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: MSI_WLAN_Service - Unknown - C:\Program Files\MicroStar\WLANUtility\WLAN_Service.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Comment