ComboFix 09-03-06.02 - Jitty Zeilstra 2009-03-08 17:12:05.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1043.18.1535.1035 [GMT 1:00]
Gestart vanuit: c:\documents and settings\Jitty Zeilstra\Bureaublad\ComboFix.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated)
FW: Norton Internet Security *disabled*
* Nieuw herstelpunt werd aangemaakt
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Mozilla Firefox\components\ilnimjufsttxeq.dll
c:\program files\Mozilla Firefox\components\nsBrowserOpt.dll
c:\windows\IE4 Error Log.txt
c:\windows\system32\a.bat
c:\windows\system32\aaqxcpsm.ini
c:\windows\system32\anddsclw.ini
c:\windows\system32\bbrrmeki.ini
c:\windows\system32\bsxhbwcm.ini
c:\windows\system32\chsvjklo.ini
c:\windows\system32\dcads-remove.exe
c:\windows\system32\dkfqddsh.ini
c:\windows\system32\dnxgxdwf.ini
c:\windows\system32\dplrglki.ini
c:\windows\system32\ffnswnml.ini
c:\windows\system32\fxoiekqv.ini
c:\windows\system32\ivuyhsqy.ini
c:\windows\system32\jcjrpgoi.ini
c:\windows\system32\jtfseein.ini
c:\windows\system32\kfycrnsm.ini
c:\windows\system32\lppbougj.ini
c:\windows\system32\lvbttkpt.ini
c:\windows\system32\mgvsyehm.ini
c:\windows\system32\mnpesdid.ini
c:\windows\system32\oyibkkbp.ini
c:\windows\system32\qdyeeebs.ini
c:\windows\system32\qhmqsptm.ini
c:\windows\system32\qyvhfrau.ini
c:\windows\system32\rimndptl.ini
c:\windows\system32\rxxbwdva.ini
c:\windows\system32\sjyiusqg.ini
c:\windows\system32\SYbJPqss.ini
c:\windows\system32\SYbJPqss.ini2
c:\windows\system32\ueldgtbj.ini
c:\windows\system32\vbxtstxr.ini
c:\windows\system32\vkhhctyt.ini
c:\windows\system32\vueudcqy.ini
c:\windows\system32\wywpnapg.ini
.
(((((((((((((((((((( Bestanden Gemaakt van 2009-02-08 to 2009-03-08 ))))))))))))))))))))))))))))))
.
2009-03-08 17:06 . 2009-03-08 17:08 <DIR> d-------- C:\32788R22FWJFW
2009-03-08 15:23 . 2009-03-08 15:23 <DIR> d-------- c:\documents and settings\Jitty Zeilstra\Application Data\Malwarebytes
2009-03-08 15:23 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-03-08 15:22 . 2009-03-08 15:23 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-08 15:22 . 2009-03-08 15:22 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-08 15:22 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-05 16:46 . 2009-03-05 16:46 <DIR> d-------- c:\program files\Trend Micro
2009-02-23 18:55 . 2009-02-23 18:55 0 --a------ c:\windows\system32\msexcr.ini
2009-02-19 12:03 . 2009-02-19 12:03 579,464 --a------ c:\windows\system32\SymNeti.dll
2009-02-19 12:03 . 2009-02-19 12:03 207,240 --a------ c:\windows\system32\SymRedir.dll
2009-02-19 11:31 . 2009-02-19 11:31 184,496 --a------ c:\windows\system32\drivers\symtdi.sys
2009-02-19 11:31 . 2009-02-19 11:31 96,560 --a------ c:\windows\system32\drivers\symfw.sys
2009-02-19 11:31 . 2009-02-19 11:31 41,008 --a------ c:\windows\system32\drivers\symndisv.sys
2009-02-19 11:31 . 2009-02-19 11:31 38,576 --a------ c:\windows\system32\drivers\symids.sys
2009-02-19 11:31 . 2009-02-19 11:31 37,424 --a------ c:\windows\system32\drivers\symndis.sys
2009-02-19 11:31 . 2009-02-19 11:31 31,280 --a------ c:\windows\system32\drivers\SymIM.sys
2009-02-19 11:31 . 2009-02-19 11:31 22,320 --a------ c:\windows\system32\drivers\symredrv.sys
2009-02-19 11:31 . 2009-02-19 11:31 13,616 --a------ c:\windows\system32\drivers\symdns.sys
2009-02-19 11:31 . 2009-02-19 11:31 9,844 --a------ c:\windows\system32\drivers\SymRedir.cat
2009-02-19 11:31 . 2009-02-19 11:31 1,611 --a------ c:\windows\system32\drivers\SymRedir.inf
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-08 16:08 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-03-08 09:34 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-02-09 20:37 --------- d-----w c:\documents and settings\Jitty Zeilstra\Application Data\uTorrent
2009-02-09 20:06 --------- d-----w c:\program files\EA GAMES
2009-02-09 19:09 107,888 ----a-w c:\windows\system32\CmdLineExt.dll
2009-01-31 14:09 --------- d-----w c:\program files\Jewel Quest
2009-01-28 15:43 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-01-28 15:43 60,808 ----a-w c:\windows\system32\S32EVNT1.DLL
2009-01-28 15:43 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-01-28 15:43 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-28 15:43 --------- d-----w c:\program files\Symantec
2009-01-27 13:22 --------- d-----w c:\program files\MagicISO
2009-01-03 11:39 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-12-20 23:03 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-18 18:59 21,840 ----atw c:\windows\system32\SIntfNT.dll
2008-12-18 18:59 17,212 ----atw c:\windows\system32\SIntf32.dll
2008-12-18 18:59 12,067 ----atw c:\windows\system32\SIntf16.dll
2008-10-29 14:25 30 ----a-w c:\documents and settings\Jitty Zeilstra\jagex_runescape_preferences.dat
2008-01-19 15:37 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2007-01-01 15:07 32 ----a-r c:\documents and settings\All Users\hash.dat
2007-08-24 19:52 300,400 ----a-w c:\program files\mozilla firefox\components\coFFPlgn.dll
2009-01-05 13:17 653,312 ----a-w c:\program files\mozilla firefox\components\nsdcads.dll
2008-08-20 17:17 104 --sh--r c:\windows\system32\10E8033383.sys
2008-09-26 14:08 88 --sh--r c:\windows\system32\833303E810.sys
2008-10-11 13:13 6,686 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-10-01 14:11 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\MSHist012008100120081002\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-11-03 4800512]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 53248]
"DXM6Patch_981116"="c:\windows\p_981116.exe" [1998-11-30 497376]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-03 136600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton Internet Security\osCheck.exe" [2007-08-24 714608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"ALUAlert"="c:\program files\Symantec\LiveUpdate\ALUNotify.exe" [2007-08-23 152952]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
R2 Ca504av;Trust 550 PowerC@M(Video);c:\windows\system32\drivers\Ca504av.sys [2006-04-03 515803]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2007-08-24 149352]
R3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2007-05-29 23888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-02-26 101936]
R3 USBCamera;Trust 550 PowerC@M(Still);c:\windows\system32\drivers\Bulk504.sys [2006-04-03 11144]
--- Andere Services/Drivers In Geheugen ---
*NewlyCreated* - COMHOST
.
Inhoud van de 'Gedeelde Taken' map
2008-08-01 c:\windows\Tasks\At25.job
- c:\windows\system32\KP2E8y6C.exe []
2008-08-01 c:\windows\Tasks\At26.job
- c:\windows\system32\KP2E8y6C.exe []
2008-08-02 c:\windows\Tasks\At27.job
- c:\windows\system32\KP2E8y6C.exe []
2008-08-02 c:\windows\Tasks\At28.job
- c:\windows\system32\KP2E8y6C.exe []
2008-08-02 c:\windows\Tasks\At29.job
- c:\windows\system32\KP2E8y6C.exe []
2008-08-02 c:\windows\Tasks\At30.job
- c:\windows\system32\KP2E8y6C.exe []
2008-08-02 c:\windows\Tasks\At31.job
- c:\windows\system32\KP2E8y6C.exe []
2008-08-02 c:\windows\Tasks\At32.job
- c:\windows\system32\KP2E8y6C.exe []
2009-01-14 c:\windows\Tasks\At33.job
- c:\windows\system32\KP2E8y6C.exe []
2009-01-16 c:\windows\Tasks\At34.job
- c:\windows\system32\KP2E8y6C.exe []
2009-02-25 c:\windows\Tasks\At35.job
- c:\windows\system32\KP2E8y6C.exe []
2009-03-08 c:\windows\Tasks\At36.job
- c:\windows\system32\KP2E8y6C.exe []
2009-03-08 c:\windows\Tasks\At37.job
- c:\windows\system32\KP2E8y6C.exe []
2009-03-08 c:\windows\Tasks\At38.job
- c:\windows\system32\KP2E8y6C.exe []
2009-03-08 c:\windows\Tasks\At39.job
- c:\windows\system32\KP2E8y6C.exe []
2009-03-08 c:\windows\Tasks\At40.job
- c:\windows\system32\KP2E8y6C.exe []
2009-03-08 c:\windows\Tasks\At41.job
- c:\windows\system32\KP2E8y6C.exe []
2009-03-08 c:\windows\Tasks\At42.job
- c:\windows\system32\KP2E8y6C.exe []
2009-03-05 c:\windows\Tasks\At43.job
- c:\windows\system32\KP2E8y6C.exe []
2009-03-05 c:\windows\Tasks\At44.job
- c:\windows\system32\KP2E8y6C.exe []
2009-03-05 c:\windows\Tasks\At45.job
- c:\windows\system32\KP2E8y6C.exe []
2009-03-05 c:\windows\Tasks\At46.job
- c:\windows\system32\KP2E8y6C.exe []
2009-02-23 c:\windows\Tasks\At47.job
- c:\windows\system32\KP2E8y6C.exe []
2008-11-22 c:\windows\Tasks\At48.job
- c:\windows\system32\KP2E8y6C.exe []
2009-03-02 c:\windows\Tasks\Norton Internet Security - Volledige systeemscan uitvoeren - Jitty Zeilstra.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-26 18:19]
.
- - - - ORPHANS VERWIJDERD - - - -
BHO-{D8D909EA-BACF-4CA0-A188-13CA5C4620D3} - (no file)
.
------- Bijkomende Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Jitty Zeilstra\Menu Start\Programma's\IMVU\Run IMVU.lnk
DPF: Microsoft XML Parser for Java -
file://c:\windows\Java\classes\xmldso.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} -
hxxp://game04.zylom.com/activex/zylomgamesplayer.cabFF - ProfilePath - c:\documents and settings\Jitty Zeilstra\Application Data\Mozilla\Firefox\Profiles\zptvxu2j.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://www2.yoog.com/search.php?q=FF - prefs.js: browser.search.selectedEngine - Yoog Search
FF - prefs.js: browser.startup.homepage -
hxxp://www.bogerman.nl/FF - prefs.js: keyword.URL -
hxxp://www2.yoog.com/search.php?q=FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
---- FIREFOX POLICIES ----
FF - user.js: browser.search.selectedEngine - Yoog Search
FF - user.js: keyword.URL -
hxxp://www2.yoog.com/search.php?q=FF - user.js: keyword.enabled - true
FF - user.js: browser.search.defaultenginename - Yoog Search
FF - user.js: browser.search.defaulturl -
hxxp://www2.yoog.com/search.php?q=.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-03-08 17:14:14
Windows 5.1.2600 Service Pack 3 NTFS
scannen van verborgen processen ...
scannen van verborgen autostart items ...
scannen van verborgen bestanden ...
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
Voltooingstijd: 2009-03-08 17:16:23
ComboFix-quarantined-files.txt 2009-03-08 16:15:45
Pre-Run: 72.706.007.040 bytes beschikbaar
Post-Run: 73,464,049,664 bytes beschikbaar
WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
246 --- E O F --- 2009-02-25 10:27:46
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:17:54, on 8-3-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton-werkbalk weergeven - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DXM6Patch_981116] "C:\WINDOWS\p_981116.exe" /Q:A
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Jitty Zeilstra\Menu Start\Programma's\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/ms ... b31267.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -
http://messenger.zone.msn.com/binary/ms ... b56986.cabO16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/Mi ... b31267.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://jittettepetit.spaces.live.com//P ... nPUpld.cabO16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) -
http://messenger.zone.msn.com/binary/So ... b56986.cabO16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/NL-NL/a-U ... E_UNO1.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b31267.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMe ... loader.cabO16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://messenger.zone.msn.com/binary/ZI ... b56649.cabO16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) -
http://game04.zylom.com/activex/zylomgamesplayer.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b56907.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) -
http://messenger.zone.msn.com/binary/Chess.cab57176.cabO16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/Mi ... b56986.cabO16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) -
http://messenger.zone.msn.com/binary/So ... b31267.cabO23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
--
End of file - 9010 bytes