Wij hadden een mail van jullie gehad Sorry!! dat ik laat op reageer. Het probleem was deels op gelost maar nu komt er toch steeds verschillende zoek balken tevoorschijn.
Kunnen jullie mijn logfile nakijken op raare dingen
Bedankt!!!!!!!!!
A&A
Logfile of HijackThis v1.98.2
Scan saved at 20:28:10, on 9-9-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\System32\Ati2evxx.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
G:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
D:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Winamp\Winampa.exe
G:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
G:\WINDOWS\Mixer.exe
G:\WINDOWS\System32\atiptaxx.exe
G:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
G:\Program Files\Messenger Plus! 2\MsgPlus.exe
G:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
D:\program files\quicktime\qttask.exe
G:\WINDOWS\System32\rundll32.exe
G:\WINDOWS\System32\rundll32.exe
G:\Program Files\Common Files\Symantec Shared\ccApp.exe
G:\WINDOWS\System32\ctfmon.exe
G:\Program Files\ATI Multimedia\main\launchpd.exe
G:\Program Files\Internet Explorer\iexplore.exe
D:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
G:\Program Files\Internet Explorer\iexplore.exe
D:\PROGRA~1\INCRED~1\bin\IncMail.exe
G:\Program Files\Messenger\msmsgs.exe
G:\Documents and Settings\Andre\Local Settings\Temp\Tijdelijke map 1 voor hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.noowiasbuyfrycrirreofcf....6N5HyZwQyjeKr_7WXjqa0JnX5DGKH5wzWPnlT2s0.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///G:/Program%20Files/QuickPage/Portal/portal.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - G:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: Wanadoo - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - G:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll
O2 - BHO: G:\WINDOWS\lbbho.dll - {11B6B54B-850A-4E02-A093-B68AD9468968} - G:\WINDOWS\lbbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {A2D573CD-CE8F-C080-19A2-057A27D0BFAD} - G:\PROGRA~1\itcharmy\City Axis.exe (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Wanadoo - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - G:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - G:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [WinampAgent] "G:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [Regx10EXE] G:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
O4 - HKLM\..\Run: [NeroCheck] G:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] G:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [MessengerPlus2] "G:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] G:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\program files\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Poke noun] G:\PROGRA~1\TRANSJ~1\active gram for.exe
O4 - HKLM\..\Run: [01 bits city spam] G:\Documents and Settings\All Users\Application Data\rect101bits\Anti Bat.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 G:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [OSS] G:\WINDOWS\system32\ossproxy.exe -boot
O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] D:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ATI Launchpad] "G:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [McAfee Instant Update Monitor] "G:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - HKCU\..\Run: [MessengerPlus2] "G:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [EPSON Stylus C42 Series] G:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "G:\WINDOWS\System32\E_S1F.tmp"
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] G:\PROGRA~1\SYMNET~1\SNDMon.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - G:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - G:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - G:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\MSMSGS.EXE
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52...le.com/saba/nl/win/QuickTimeFullInstaller.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.cargodatasystems.com:9000/activex/AxisCamControl.cab
O16 - DPF: {91F52A42-C10D-49A7-B941-882C657C604F} (Installation Helper Object) - http://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/1d/player.virtools.com/downloads/player/Install2.1/Installer.exe
O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = f31403.find-quick.com
O17 - HKLM\Software\..\Telephony: DomainName = f31403.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{5477D2B4-8D09-4AB1-A332-1D2693FCB6F5}: Domain = f31403.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{F47B712F-F264-4D02-A619-24292277D9E3}: Domain = f31403.find-quick.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = f31403.find-quick.com
Kunnen jullie mijn logfile nakijken op raare dingen
Bedankt!!!!!!!!!
A&A
Logfile of HijackThis v1.98.2
Scan saved at 20:28:10, on 9-9-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\System32\Ati2evxx.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
G:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\system32\Ati2evxx.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\Common Files\Symantec Shared\ccProxy.exe
G:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
D:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
D:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
G:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
G:\WINDOWS\System32\svchost.exe
G:\Program Files\Winamp\Winampa.exe
G:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
G:\WINDOWS\Mixer.exe
G:\WINDOWS\System32\atiptaxx.exe
G:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
G:\Program Files\Messenger Plus! 2\MsgPlus.exe
G:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
D:\program files\quicktime\qttask.exe
G:\WINDOWS\System32\rundll32.exe
G:\WINDOWS\System32\rundll32.exe
G:\Program Files\Common Files\Symantec Shared\ccApp.exe
G:\WINDOWS\System32\ctfmon.exe
G:\Program Files\ATI Multimedia\main\launchpd.exe
G:\Program Files\Internet Explorer\iexplore.exe
D:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
G:\Program Files\Internet Explorer\iexplore.exe
D:\PROGRA~1\INCRED~1\bin\IncMail.exe
G:\Program Files\Messenger\msmsgs.exe
G:\Documents and Settings\Andre\Local Settings\Temp\Tijdelijke map 1 voor hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.noowiasbuyfrycrirreofcf....6N5HyZwQyjeKr_7WXjqa0JnX5DGKH5wzWPnlT2s0.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Startpagina = file:///G:/Program%20Files/QuickPage/Portal/portal.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - G:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: Wanadoo - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - G:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll
O2 - BHO: G:\WINDOWS\lbbho.dll - {11B6B54B-850A-4E02-A093-B68AD9468968} - G:\WINDOWS\lbbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: (no name) - {A2D573CD-CE8F-C080-19A2-057A27D0BFAD} - G:\PROGRA~1\itcharmy\City Axis.exe (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Wanadoo - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - G:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - G:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - G:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [WinampAgent] "G:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [Regx10EXE] G:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
O4 - HKLM\..\Run: [NeroCheck] G:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] G:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [MessengerPlus2] "G:\Program Files\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] G:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\program files\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Poke noun] G:\PROGRA~1\TRANSJ~1\active gram for.exe
O4 - HKLM\..\Run: [01 bits city spam] G:\Documents and Settings\All Users\Application Data\rect101bits\Anti Bat.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 G:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [OSS] G:\WINDOWS\system32\ossproxy.exe -boot
O4 - HKLM\..\Run: [ccApp] "G:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] D:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [ATI Launchpad] "G:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [McAfee Instant Update Monitor] "G:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - HKCU\..\Run: [MessengerPlus2] "G:\Program Files\Messenger Plus! 2\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [EPSON Stylus C42 Series] G:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /A "G:\WINDOWS\System32\E_S1F.tmp"
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] G:\PROGRA~1\SYMNET~1\SNDMon.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - G:\Program Files\ATI Multimedia\TV\EXPLBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - G:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - G:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\MSMSGS.EXE
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {003FADA5-8FEE-11D6-AFB7-0004768F6183} (CryptoRSA Control) - https://www.p3.postbank.nl/sesam/CAX.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28578.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab30149.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab28578.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52...le.com/saba/nl/win/QuickTimeFullInstaller.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28578.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.cargodatasystems.com:9000/activex/AxisCamControl.cab
O16 - DPF: {91F52A42-C10D-49A7-B941-882C657C604F} (Installation Helper Object) - http://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/1d/player.virtools.com/downloads/player/Install2.1/Installer.exe
O16 - DPF: {DE591B16-A452-11D6-AED1-0001030A4E46} (PBGNX Control) - https://gto.postbank.nl/GTO/PBGNX.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = f31403.find-quick.com
O17 - HKLM\Software\..\Telephony: DomainName = f31403.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{5477D2B4-8D09-4AB1-A332-1D2693FCB6F5}: Domain = f31403.find-quick.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{F47B712F-F264-4D02-A619-24292277D9E3}: Domain = f31403.find-quick.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = f31403.find-quick.com