Archief - Logje

Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.

Annihilator__

Legacy Member
Logfile of HijackThis v1.99.1
Scan saved at 11:09:39, on 28/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\TELENE~1\backweb\3638286\Program\SERVIC~1.EXE
C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
C:\Program Files\Telenet Internet Security Pack\backweb\3638286\program\fsbwsys.exe
C:\Program Files\Telenet Internet Security Pack\Anti-Virus\FSGK32.EXE
C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Telenet Internet Security Pack\Common\FSMB32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Telenet Internet Security Pack\Common\FCH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Telenet Internet Security Pack\Common\FAMEH32.EXE
C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsqh.exe
C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsrw.exe
C:\Program Files\Telenet Internet Security Pack\FSPC\fspc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsav32.exe
C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
C:\PROGRA~1\TELENE~1\ANTI-S~1\fsaw.exe
C:\Program Files\Telenet Internet Security Pack\FSGUI\fsguidll.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\DfrgNtfs.exe
C:\Program Files\R4U Soft\Easy Remover 2004 Pro\Easy Pro.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\Yannick\LOCALS~1\Temp\Rar$EX01.250\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://altavista.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Internet Security Pack\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Telenet Internet Security Pack\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Telenet Internet Security Pack(2).lnk = C:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
O4 - Global Startup: Telenet Internet Security Pack.lnk = C:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
O8 - Extra context menu item: &Deze pop-up blokkeren - C:\Program Files\Telenet Internet Security Pack\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Search - http://kw.bar.need2find.com/KW/menusearch.html?p=KW
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
O9 - Extra button: IE-shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\Anti-Spyware\ieshield.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {13149882-F480-4F6B-8C6A-0764F75B99ED} (CrazyTalk4 Control) - http://plug-in.reallusion.com/CrazyTalk4.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://jonaisnnprogamer.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1175064332578
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Telenet Internet Security Pack (BackWeb Plug-in - 3638286) - BackWeb Technologies Inc. - C:\PROGRA~1\TELENE~1\backweb\3638286\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Telenet Internet Security Pack\backweb\3638286\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

Annihilator__

Legacy Member
Kzou graag van alle rommel afgeraken, zodat ik mijn pc met de beste performance kan gebruiken.

Jurgenv1

Legacy Member
* Pak hijackthis.exe uit enplaats die in een vaste map bv C:/hijackthis

* Download LSPFix.
Start het programma.
Plaats een vinkje bij I know what I am doing.
Zorg dat in het rechtse venster (remove venster) alle verwijzingen staan van: winsflt.dll.
(Let op enkel deze mogen in het remove-venster staan, geen anderen!!!)
Klik op Finish en start de computer opnieuw.


* Download Dr.Web CureIt naar je bureaublad:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
  • Dubbelklik drweb-cureit.exe en sta het toe om de express scan te starten.
  • Dit zal de bestanden scannen die momenteel in het geheugen geladen zijn en wanneer er iets gevonden wordt, klik de Yes to all knop bij de vraag 'cure it?'. Dit is enkel een korte scan.
  • Eenmaal de korte scan is beeïndigd, Klik Options > Change Settings
  • Kies de "Scan"-tab en verwijder het vinkje bij "Heuristic analyse"
  • Terug in het hoofdvenster kan je de drives selecteren die je wilt laten scannen.
  • Selecteer hier alle drives. Een rood bolletje zal dan tevoorschijn komen op de drives die je laat scannen.
  • Klik daarna de groene pijl rechts om de scan te starten.
  • Klik 'Yes to all' wanneer er gevraagd wordt om cure of move uit te voeren.
  • Wanneer de scan gedaan is, kijk of je volgende icoontje kan aanklikken dat staat naast hetgeen gevonden werd:
    check.gif
  • Indien wel, klik erop en daarna klik op het icoontje er net onder en kies: Move incurable zoals je zal zien in volgende afbeelding:
    move.gif

    Dit zal de bestanden verplaatsen naar volgende map %userprofile%\DoctorWeb\quarantaine-folder indien het niet gedesinfecteerd kan worden. (dit in het geval dat we samples nodig hebben)
  • Na bovenstaande te selecteren, in het menu bovenaan van Dr.Web CureIt, klik file en kies save report list. Bewaar de log op je bureaublad.
  • Sluit daarna Dr.Web Cureit.
  • Herstart je computer!! Belangrijke stap, want het kan zijn dat Dr.Web Cureit bestanden zal verplaatsen/verwijderen tijdens herstart.
  • Na het herstarten, Kopieer en plak de inhoud van die log die je eerder hebt bewaard in je volgende post met een nieuw hijackthis logje.

Annihilator__

Legacy Member
Dit is Dr.Web Cureit. Logje ;

rFactorSetup-dm[1].exe;C:\Downloads;Adware.TryMedia;Incurable.Moved.;
Street_Legal_Racing_Redline-dm[1].exe;C:\Downloads;Adware.TryMedia;Incurable.Moved.;
actskn45.ocx;C:\WINDOWS\system32;Trojan.Isbar.439;Deleted.;
A0177435.dll;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine;Adware.Minibug;Incurable.Moved.;
A0239079.exe;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine;Tool.Prockill;Incurable.Moved.;
A0239287.exe;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine;Trojan.MulDrop.3222;Incurable.Moved.;
A0264250.dll\data001;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine\A0264250.dll;Tool.MessenPass;;
A0264250.dll\data002;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine\A0264250.dll;Tool.PassView;;
A0264250.dll;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine;Archive contains infected objects;Moved.;
A0265921.exe;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine;Trojan.MulDrop.3222;Incurable.Moved.;
A0265922.exe;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine;Trojan.MulDrop.3222;Incurable.Moved.;
Norton Internet Security 2006 - Crack.exe;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine;Trojan.MulDrop.3222;Incurable.Moved.;
nt07.dll\data001;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine\nt07.dll;Tool.MessenPass;;
nt07.dll\data002;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine\nt07.dll;Tool.PassView;;
nt07.dll;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine;Archive contains infected objects;Moved.;
TipTopDeluxe_v11.exe;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine;Tool.ASEye.2;Incurable.Moved.;
uninstall.exe;D:\Documents and Settings\Chloë\DoctorWeb\Quarantine;Adware.Xbarre;Incurable.Moved.;
0F81415A.exe;D:\RECYCLER\S-1-5-21-484763869-706699826-1343024091-1004\Dd6\Quarantine;Tool.GameCrack;Incurable.Moved.;
A0302293.exe;D:\System Volume Information\_restore{09F5B92C-BCC7-44CD-B98A-8DDA31E7B966}\RP289;Trojan.MulDrop.3222;Incurable.Moved.;
A0302294.dll\data001;D:\System Volume Information\_restore{09F5B92C-BCC7-44CD-B98A-8DDA31E7B966}\RP289\A0302294.dll;Tool.MessenPass;;
A0302294.dll\data002;D:\System Volume Information\_restore{09F5B92C-BCC7-44CD-B98A-8DDA31E7B966}\RP289\A0302294.dll;Tool.PassView;;
A0302294.dll;D:\System Volume Information\_restore{09F5B92C-BCC7-44CD-B98A-8DDA31E7B966}\RP289;Archive contains infected objects;Moved.;
A0302295.exe;D:\System Volume Information\_restore{09F5B92C-BCC7-44CD-B98A-8DDA31E7B966}\RP289;Trojan.MulDrop.3222;Incurable.Moved.;
A0302296.exe;D:\System Volume Information\_restore{09F5B92C-BCC7-44CD-B98A-8DDA31E7B966}\RP289;Trojan.MulDrop.3222;Incurable.Moved.;
A0302297.exe;D:\System Volume Information\_restore{09F5B92C-BCC7-44CD-B98A-8DDA31E7B966}\RP289;Trojan.MulDrop.3222;Incurable.Moved.;
A0302298.dll\data001;D:\System Volume Information\_restore{09F5B92C-BCC7-44CD-B98A-8DDA31E7B966}\RP289\A0302298.dll;Tool.MessenPass;;
A0302298.dll\data002;D:\System Volume Information\_restore{09F5B92C-BCC7-44CD-B98A-8DDA31E7B966}\RP289\A0302298.dll;Tool.PassView;;
A0302298.dll;D:\System Volume Information\_restore{09F5B92C-BCC7-44CD-B98A-8DDA31E7B966}\RP289;Archive contains infected objects;Moved.;

& Dit is het HijackThis logje ;

Logfile of HijackThis v1.99.1
Scan saved at 13:50:06, on 2/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\TELENE~1\backweb\3638286\Program\SERVIC~1.EXE
C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
C:\Program Files\Telenet Internet Security Pack\backweb\3638286\program\fsbwsys.exe
C:\Program Files\Telenet Internet Security Pack\Anti-Virus\FSGK32.EXE
C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Telenet Internet Security Pack\Common\FSMB32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
C:\Program Files\Telenet Internet Security Pack\Common\FCH32.EXE
C:\Program Files\Telenet Internet Security Pack\Common\FAMEH32.EXE
C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsqh.exe
C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsrw.exe
C:\Program Files\Telenet Internet Security Pack\FSPC\fspc.exe
C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsav32.exe
C:\PROGRA~1\TELENE~1\ANTI-S~1\fsaw.exe
C:\Program Files\Telenet Internet Security Pack\FSGUI\fsguidll.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://altavista.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Internet Security Pack\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Telenet Internet Security Pack\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Internet Security Pack\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Telenet Internet Security Pack(2).lnk = C:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
O4 - Global Startup: Telenet Internet Security Pack.lnk = C:\Program Files\Telenet Internet Security Pack\backweb\3638286\Program\fspex.exe
O8 - Extra context menu item: &Deze pop-up blokkeren - C:\Program Files\Telenet Internet Security Pack\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Search - http://kw.bar.need2find.com/KW/menusearch.html?p=KW
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Telenet Internet Security Pack\FSPC\fspcmsie.dll
O9 - Extra button: IE-shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Telenet Internet Security Pack\Anti-Spyware\ieshield.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {13149882-F480-4F6B-8C6A-0764F75B99ED} (CrazyTalk4 Control) - http://plug-in.reallusion.com/CrazyTalk4.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://jonaisnnprogamer.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1175064332578
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game11.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin9USA.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip.com/igloader/igloader.CAB
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Telenet Internet Security Pack (BackWeb Plug-in - 3638286) - BackWeb Technologies Inc. - C:\PROGRA~1\TELENE~1\backweb\3638286\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Telenet Internet Security Pack\backweb\3638286\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Telenet Internet Security Pack\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

;)
Het archief is een bevroren moment uit een vorige versie van dit forum, met andere regels en andere bazen. Deze posts weerspiegelen op geen enkele manier onze huidige ideeën, waarden of wereldbeelden en zijn op sommige plaatsen gecensureerd wegens ontoelaatbaar. Veel zijn in een andere tijdsgeest gemaakt, al dan niet ironisch - zoals in het ironische subforum Off-Topic - en zouden op dit moment niet meer gepost (mogen) worden. Toch bieden we dit archief nog graag aan als informatiedatabank en naslagwerk. Lees er hier meer over of start een gesprek met anderen.
Terug
Bovenaan