log hijackthis

  • Thread starter: rhcp
Status
Not open for further replies.

rhcp

User
Joined
13 Mar 2004
Posts
857
Ran Spybot and Ad-Aware this morning. Managed to remove a lot of spyware. We are still unable to install SPII.
Log attached; thanks in advance for your help.
On your advice, ran the virus scanner and posted a new log.
Thanks in advance for your help.
Regards,


Logfile of HijackThis v1.98.2
Scan saved at 15:43:23, on 30-10-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Norman\NVC\BIN\Zanda.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\NORMAN\Nvc\BIN\NJEEVES.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\NORMAN\Nvc\BIN\ZLH.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Winamp\winampa.exe
C:\NORMAN\Nvc\BIN\NYMSE.EXE
C:\NORMAN\Nvc\BIN\NIP.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\OutLaster\shhost.exe
C:\WINDOWS\ewupdater.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\eDonkey2000\edonkey2000.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\nl\msnappau.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\NORMAN\Nvc\BIN\cclaw.exe
C:\Documents and Settings\Ben\Bureaublad\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hccnet.nl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\nl\msntb.dll
O3 - Toolbar: (no name) - {9AD55269-A21C-4260-BA7F-866FD09E8A8E} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)
O3 - Toolbar: (no name) - {02ffc86e-283e-4faa-95d6-addca024f30a} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [azchef] C:\WINDOWS\azchef.exe
O4 - HKLM\..\Run: [cvedilmj] C:\WINDOWS\cvedilmj.exe
O4 - HKLM\..\Run: [chgj] C:\WINDOWS\chgj.exe
O4 - HKLM\..\Run: [pcrqzkt] C:\WINDOWS\pcrqzkt.exe
O4 - HKLM\..\Run: [byhshaf] C:\WINDOWS\byhshaf.exe
O4 - HKLM\..\Run: [jcjatid] C:\WINDOWS\jcjatid.exe
O4 - HKLM\..\Run: [dkxwjiv] C:\WINDOWS\dkxwjiv.exe
O4 - HKLM\..\Run: [dytqtgd] C:\WINDOWS\dytqtgd.exe
O4 - HKLM\..\Run: [pcxqjgr] C:\WINDOWS\pcxqjgr.exe
O4 - HKLM\..\Run: [jqlybyd] C:\WINDOWS\jqlybyd.exe
O4 - HKLM\..\Run: [zunuhqz] C:\WINDOWS\zunuhqz.exe
O4 - HKLM\..\Run: [tgnqzab] C:\WINDOWS\tgnqzab.exe
O4 - HKLM\..\Run: [bkxyxqz] C:\WINDOWS\bkxyxqz.exe
O4 - HKLM\..\Run: [tsnglot] C:\WINDOWS\tsnglot.exe
O4 - HKLM\..\Run: [dkpchcv] C:\WINDOWS\dkpchcv.exe
O4 - HKLM\..\Run: [xqnenup] C:\WINDOWS\xqnenup.exe
O4 - HKLM\..\Run: [pchcxgh] C:\WINDOWS\pchcxgh.exe
O4 - HKLM\..\Run: [vczkbep] C:\WINDOWS\vczkbep.exe
O4 - HKLM\..\Run: [dkvqdud] C:\WINDOWS\dkvqdud.exe
O4 - HKLM\..\Run: [zelqlon] C:\WINDOWS\zelqlon.exe
O4 - HKLM\..\Run: [fuhmhgn] C:\WINDOWS\fuhmhgn.exe
O4 - HKLM\..\Run: [dmxcbyr] C:\WINDOWS\dmxcbyr.exe
O4 - HKLM\..\Run: [zifwfyb] C:\WINDOWS\zifwfyb.exe
O4 - HKLM\..\Run: [nolglsv] C:\WINDOWS\nolglsv.exe
O4 - HKLM\..\Run: [jwlonir] C:\WINDOWS\jwlonir.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [vmbsnaz] C:\WINDOWS\vmbsnaz.exe
O4 - HKLM\..\Run: [tmdgpab] C:\WINDOWS\tmdgpab.exe
O4 - HKLM\..\Run: [xwlqxih] C:\WINDOWS\xwlqxih.exe
O4 - HKLM\..\Run: [lexijkt] C:\WINDOWS\lexijkt.exe
O4 - HKLM\..\Run: [zohedqx] C:\WINDOWS\zohedqx.exe
O4 - HKLM\..\Run: [lifgpwn] C:\WINDOWS\lifgpwn.exe
O4 - HKLM\..\Run: [pghmbmh] C:\WINDOWS\pghmbmh.exe
O4 - HKLM\..\Run: [roritwz] C:\WINDOWS\roritwz.exe
O4 - HKLM\..\Run: [tajopgz] C:\WINDOWS\tajopgz.exe
O4 - HKLM\..\Run: [xozujuh] C:\WINDOWS\xozujuh.exe
O4 - HKLM\..\Run: [pqfofih] C:\WINDOWS\pqfofih.exe
O4 - HKLM\..\Run: [lqjanaj] C:\WINDOWS\lqjanaj.exe
O4 - HKLM\..\Run: [hgvafar] C:\WINDOWS\hgvafar.exe
O4 - HKLM\..\Run: [zstobsb] C:\WINDOWS\zstobsb.exe
O4 - HKLM\..\Run: [hobmtef] C:\WINDOWS\hobmtef.exe
O4 - HKLM\..\Run: [rqlonaf] C:\WINDOWS\rqlonaf.exe
O4 - HKLM\..\Run: [tozilqv] C:\WINDOWS\tozilqv.exe
O4 - HKLM\..\Run: [voxwxgh] C:\WINDOWS\voxwxgh.exe
O4 - HKLM\..\Run: [denmlyf] C:\WINDOWS\denmlyf.exe
O4 - HKLM\..\Run: [botodez] C:\WINDOWS\botodez.exe
O4 - HKLM\..\Run: [jqtunsd] C:\WINDOWS\jqtunsd.exe
O4 - HKLM\..\Run: [bwdepih] C:\WINDOWS\bwdepih.exe
O4 - HKLM\..\Run: [lwjsfwt] C:\WINDOWS\lwjsfwt.exe
O4 - HKLM\..\Run: [jcbsjct] C:\WINDOWS\jcbsjct.exe
O4 - HKLM\..\Run: [CIO] c:\docume~1\rosanne\mijndo~1\che7e1~1.exe
O4 - HKLM\..\Run: [pmpihef] C:\WINDOWS\pmpihef.exe
O4 - HKLM\..\Run: [vgpetcr] C:\WINDOWS\vgpetcr.exe
O4 - HKLM\..\Run: [vgrevqh] C:\WINDOWS\vgrevqh.exe
O4 - HKLM\..\Run: [nkjqfsj] C:\WINDOWS\nkjqfsj.exe
O4 - HKLM\..\Run: [dypgvwx] C:\WINDOWS\dypgvwx.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Documents and Settings\Rosanne\Mijn documenten\Resources\MsgPlus.exe"
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\Hotbar\bin\4.4.9.0\WeatherOnTray.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [shhost] C:\Program Files\OutLaster\shhost.exe
O4 - HKLM\..\Run: [ewupdater] C:\WINDOWS\ewupdater.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [eDonkey2000] "C:\Program Files\eDonkey2000\edonkey2000.exe" -t
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\nl\msnappau.exe"
O4 - HKLM\..\Run: [rdr poll creative does] C:\Documents and Settings\All Users\Application Data\BodyLicenseRdrPoll\Mp3Sign.exe
O4 - HKLM\..\Run: [Games toolbar] rundll32.exe "C:\PROGRA~1\Games\tbGame.dll" DllShowTB
O4 - HKLM\..\Run: [WinTools] C:\Program Files\Common Files\WinTools\WToolsA.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: Microsoft Office Snelzoeken.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Opstarten.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: officejet 6100.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb029
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: ChatSpace Full Java Client 2.1.0.89 - http://82.161.10.88:8000/Java/cs4fs089.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} - http://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab
O16 - DPF: {3F2705D0-C9D8-4020-A15C-E495A0050EC6} - http://s7.blingblingcontent.com/toolbarcash/activex/easywebinstaller.ocx
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - http://activex.webcam.nl/AxisCamControl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} - http://player.virtools.com/downloads/player/Install3.0/Installer.exe
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4356/mcfscan.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab28578.cab
 