brecko
Legacy Member
Logfile of HijackThis v1.99.1
Scan saved at 17:52:48, on 5/11/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Running processes:
H:\Windows\system32\csrss.exe
H:\Windows\system32\wininit.exe
H:\Windows\system32\csrss.exe
H:\Windows\system32\services.exe
H:\Windows\system32\lsass.exe
H:\Windows\system32\lsm.exe
H:\Windows\system32\winlogon.exe
H:\Windows\system32\svchost.exe
H:\Windows\system32\nvvsvc.exe
H:\Windows\system32\svchost.exe
H:\Windows\System32\svchost.exe
H:\Windows\System32\svchost.exe
H:\Windows\System32\svchost.exe
H:\Windows\system32\svchost.exe
H:\Windows\system32\SLsvc.exe
H:\Windows\system32\svchost.exe
H:\Windows\system32\rundll32.exe
H:\Windows\system32\svchost.exe
H:\Windows\System32\spoolsv.exe
H:\Windows\system32\taskeng.exe
H:\Windows\system32\svchost.exe
H:\Windows\system32\Dwm.exe
H:\Windows\Explorer.EXE
H:\Windows\RtHDVCpl.exe
H:\Program Files\Google\Gmail Notifier\gnotify.exe
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
H:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
H:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
H:\Program Files\Bonjour\mDNSResponder.exe
h:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
H:\Windows\system32\PnkBstrA.exe
H:\Windows\system32\PnkBstrB.exe
H:\Windows\system32\svchost.exe
h:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
H:\Windows\system32\svchost.exe
H:\Windows\System32\svchost.exe
H:\Windows\system32\SearchIndexer.exe
H:\Windows\system32\WUDFHost.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Windows\System32\mobsync.exe
H:\Windows\system32\taskeng.exe
H:\Program Files\Windows Media Player\wmpnscfg.exe
H:\Windows\System32\rundll32.exe
H:\Program Files\DAEMON Tools Lite\daemon.exe
H:\Program Files\Windows Media Player\wmpnetwk.exe
H:\Windows\ehome\ehtray.exe
H:\Program Files\Windows Live\Messenger\msnmsgr.exe
H:\Windows\ehome\ehmsas.exe
H:\Windows\system32\wbem\unsecapp.exe
H:\Windows\system32\wbem\wmiprvse.exe
H:\Windows\system32\conime.exe
H:\Windows\system32\SearchProtocolHost.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\iTunes\iTunes.exe
H:\Program Files\Last.fm\LastFM.exe
H:\Windows\system32\wuauclt.exe
H:\Windows\system32\SearchFilterHost.exe
H:\Windows\system32\taskeng.exe
M:\hjt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = Telenet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] H:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] H:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "H:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "H:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "H:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [A8B.tmp] H:\Windows\temp\A8B.tmp
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] H:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "H:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] H:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: Adobe Gamma.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dropbox.lnk = H:\Program Files\Dropbox\Dropbox.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: Convert link target to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: h:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: h:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{41C5A629-ECE0-4E9D-9328-FF8198358692}: NameServer = 85.255.112.60;85.255.112.237
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - H:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - H:\Program Files\GIGABYTE\GEST\GSvr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - H:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - h:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - H:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - H:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - H:\Windows\system32\PnkBstrB.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Windows Tribute Service - Unknown owner - H:\Windows\system32\kdwez.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
Scan saved at 17:52:48, on 5/11/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Running processes:
H:\Windows\system32\csrss.exe
H:\Windows\system32\wininit.exe
H:\Windows\system32\csrss.exe
H:\Windows\system32\services.exe
H:\Windows\system32\lsass.exe
H:\Windows\system32\lsm.exe
H:\Windows\system32\winlogon.exe
H:\Windows\system32\svchost.exe
H:\Windows\system32\nvvsvc.exe
H:\Windows\system32\svchost.exe
H:\Windows\System32\svchost.exe
H:\Windows\System32\svchost.exe
H:\Windows\System32\svchost.exe
H:\Windows\system32\svchost.exe
H:\Windows\system32\SLsvc.exe
H:\Windows\system32\svchost.exe
H:\Windows\system32\rundll32.exe
H:\Windows\system32\svchost.exe
H:\Windows\System32\spoolsv.exe
H:\Windows\system32\taskeng.exe
H:\Windows\system32\svchost.exe
H:\Windows\system32\Dwm.exe
H:\Windows\Explorer.EXE
H:\Windows\RtHDVCpl.exe
H:\Program Files\Google\Gmail Notifier\gnotify.exe
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
H:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
H:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
H:\Program Files\iTunes\iTunesHelper.exe
H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
H:\Program Files\Bonjour\mDNSResponder.exe
h:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
H:\Windows\system32\PnkBstrA.exe
H:\Windows\system32\PnkBstrB.exe
H:\Windows\system32\svchost.exe
h:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
H:\Windows\system32\svchost.exe
H:\Windows\System32\svchost.exe
H:\Windows\system32\SearchIndexer.exe
H:\Windows\system32\WUDFHost.exe
H:\Program Files\iPod\bin\iPodService.exe
H:\Windows\System32\mobsync.exe
H:\Windows\system32\taskeng.exe
H:\Program Files\Windows Media Player\wmpnscfg.exe
H:\Windows\System32\rundll32.exe
H:\Program Files\DAEMON Tools Lite\daemon.exe
H:\Program Files\Windows Media Player\wmpnetwk.exe
H:\Windows\ehome\ehtray.exe
H:\Program Files\Windows Live\Messenger\msnmsgr.exe
H:\Windows\ehome\ehmsas.exe
H:\Windows\system32\wbem\unsecapp.exe
H:\Windows\system32\wbem\wmiprvse.exe
H:\Windows\system32\conime.exe
H:\Windows\system32\SearchProtocolHost.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Program Files\iTunes\iTunes.exe
H:\Program Files\Last.fm\LastFM.exe
H:\Windows\system32\wuauclt.exe
H:\Windows\system32\SearchFilterHost.exe
H:\Windows\system32\taskeng.exe
M:\hjt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = Telenet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] H:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] H:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "H:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "H:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "H:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "H:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "H:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [A8B.tmp] H:\Windows\temp\A8B.tmp
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] H:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "H:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] H:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [msnmsgr] "H:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: Adobe Gamma.lnk = H:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Dropbox.lnk = H:\Program Files\Dropbox\Dropbox.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: Convert link target to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://H:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: h:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\napinsp.dll
O10 - Unknown file in Winsock LSP: h:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{41C5A629-ECE0-4E9D-9328-FF8198358692}: NameServer = 85.255.112.60;85.255.112.237
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - H:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - H:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - H:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: Adobe LM Service - Adobe Systems - H:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - H:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - H:\Program Files\GIGABYTE\GEST\GSvr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - H:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - h:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - H:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - H:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - H:\Windows\system32\PnkBstrB.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Windows Tribute Service - Unknown owner - H:\Windows\system32\kdwez.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)


nkBstrA
oulSeek
