Jackske
Legacy Member
Kan rechtsmuisklik niet meer doen, en er is geen bureablad meer.
Alvast bedankt voor de hulp!
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
D:\WINDOWS\System32\TCAUDIAG.exe
D:\Program Files\Winamp\winampa.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\D-Tools\daemon.exe
D:\Program Files\QuickTime\qttask.exe
D:\program files\powerstrip\pstrip.exe
D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
D:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
D:\WINDOWS\System32\RUNDLL32.EXE
D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
D:\Program Files\PowerDVD v6.0\PDVDServ.exe
D:\WINDOWS\Peo.exe
D:\WINDOWS\System32\Services\{AE8E6D4B-BA54-47FC-A699-99EB72A17A74}\SVCHOST.EXE
D:\WINDOWS\System32\atipalxx.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\ISP Monitor\isp.exe
D:\Program Files\TV Dinges\TV Dinges.exe
D:\Program Files\Logitech\Profiler\lwemon.exe
D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
D:\WINDOWS\System32\drivers\CDAC11BA.EXE
D:\WINDOWS\System32\dev32.exe
D:\Program Files\Norton AntiVirus\navapsvc.exe
D:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Program Files\Logitech\MouseWare\system\em_exec.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\WinRAR\WinRAR.exe
D:\DOCUME~1\Jack\LOCALS~1\Temp\Rar$EX02.500\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://new-search.net/index.php?v=6&aff=0
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://daosearch.com/index.php?id=186
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *new-search.net*;*x-google.net*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WHttpHelper Class - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - D:\WINDOWS\System32\WStart.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NVMixerTray] "D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] D:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PowerStrip] d:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DVD43] D:\PROGRA~1\DVDIDL~1\DVDIdlePro.exe /hidden
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [MsgCenterExe] "D:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinFast Schedule] D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\PowerDVD v6.0\PDVDServ.exe"
O4 - HKLM\..\Run: [Cdh] D:\WINDOWS\Peo.exe
O4 - HKLM\..\Run: [Service Host] D:\WINDOWS\System32\Services\{AE8E6D4B-BA54-47FC-A699-99EB72A17A74}\SVCHOST.EXE
O4 - HKLM\..\Run: [atipalxx] D:\WINDOWS\System32\atipalxx.exe
O4 - HKLM\..\Run: [Nbl] D:\WINDOWS\Rmh.exe
O4 - HKLM\..\Run: [Mfe] D:\WINDOWS\Odj.exe
O4 - HKLM\..\Run: [Kdc] D:\WINDOWS\System32\Lhn.exe
O4 - HKLM\..\Run: [Det] D:\WINDOWS\System32\Ftm.exe
O4 - HKLM\..\Run: [Ktd] D:\WINDOWS\System32\Vkt.exe
O4 - HKLM\..\Run: [Lod] D:\WINDOWS\Hnl.exe
O4 - HKLM\..\Run: [Ugh] D:\WINDOWS\System32\Eln.exe
O4 - HKLM\..\Run: [Gjj] D:\WINDOWS\System32\Osg.exe
O4 - HKLM\..\Run: [Fge] D:\WINDOWS\Lst.exe
O4 - HKLM\..\Run: [Upk] D:\WINDOWS\Mvf.exe
O4 - HKLM\..\Run: [Disk Keeper] D:\WINDOWS\System32\Services\{AE8E6D4B-BA54-47FC-A699-99EB72A17A74}\SECURITY.EXE
O4 - HKLM\..\Run: [Psh] D:\WINDOWS\Fgd.exe
O4 - HKLM\..\Run: [Sof] D:\WINDOWS\System32\Fcb.exe
O4 - HKLM\..\Run: [Cde] D:\WINDOWS\System32\Grp.exe
O4 - HKLM\..\RunServices: [atipalxx] D:\WINDOWS\System32\atipalxx.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISPMonitor] D:\Program Files\ISP Monitor\isp.exe
O4 - HKCU\..\Run: [TV Dinges] D:\Program Files\TV Dinges\TV Dinges.exe start
O4 - HKCU\..\Run: [win-xp] winis.exe
O4 - HKCU\..\Run: [Start WingMan Profiler] "D:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [Cdh] D:\WINDOWS\Peo.exe
O4 - HKCU\..\Run: [atipalxx] D:\WINDOWS\System32\atipalxx.exe
O4 - HKCU\..\Run: [Nbl] D:\WINDOWS\Rmh.exe
O4 - HKCU\..\Run: [Mfe] D:\WINDOWS\Odj.exe
O4 - HKCU\..\Run: [Kdc] D:\WINDOWS\System32\Lhn.exe
O4 - HKCU\..\Run: [Det] D:\WINDOWS\System32\Ftm.exe
O4 - HKCU\..\Run: [Ktd] D:\WINDOWS\System32\Vkt.exe
O4 - HKCU\..\Run: [Lod] D:\WINDOWS\Hnl.exe
O4 - HKCU\..\Run: [Ugh] D:\WINDOWS\System32\Eln.exe
O4 - HKCU\..\Run: [Gjj] D:\WINDOWS\System32\Osg.exe
O4 - HKCU\..\Run: [Fge] D:\WINDOWS\Lst.exe
O4 - HKCU\..\Run: [Upk] D:\WINDOWS\Mvf.exe
O4 - HKCU\..\Run: [Psh] D:\WINDOWS\Fgd.exe
O4 - HKCU\..\Run: [Sof] D:\WINDOWS\System32\Fcb.exe
O4 - HKCU\..\Run: [Cde] D:\WINDOWS\System32\Grp.exe
O4 - HKCU\..\RunServices: [win-xp] winis.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: UltraMon.lnk = D:\Program Files\UltraMon\UltraMon.exe
O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://d:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: www.master69.biz
O15 - Trusted Zone: www.sgrunt.biz
O15 - Trusted Zone: www.yeak.net
O16 - DPF: {1358E11F-ADE8-4D2B-9135-1A4CB9A23D7B} (Install Class) - https://genius.belgacom.be/esupport/download/IPGInstaller.CAB
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.145/x15.chm::/trs15.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {1DF36010-E276-11D4-A7C0-00C04F0453DD} (Stamps.com Secure Postal Account Registration) - https://secure.stamps.com/download/us/registration/3_0_0_834/sdcregie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0766d927301edca6a821/netzip/RdxIE601.cab
O16 - DPF: {6EE39BFC-2FB6-4B69-9D05-CFC10E4F5B3E} (MavenBootInstallerAXControl Class) - http://client.maven.net/client/mavenBootInstaller.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O23 - Service: C-DillaCdaC11BA - Macrovision - D:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Provides three management service (FreeBSD) - Unknown owner - D:\WINDOWS\System32\dev32.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Provides five management service (NetBSD) - Unknown owner - D:\WINDOWS\System32\dev32.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - D:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Alvast bedankt voor de hulp!
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
D:\WINDOWS\System32\TCAUDIAG.exe
D:\Program Files\Winamp\winampa.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\D-Tools\daemon.exe
D:\Program Files\QuickTime\qttask.exe
D:\program files\powerstrip\pstrip.exe
D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
D:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
D:\WINDOWS\System32\RUNDLL32.EXE
D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
D:\Program Files\PowerDVD v6.0\PDVDServ.exe
D:\WINDOWS\Peo.exe
D:\WINDOWS\System32\Services\{AE8E6D4B-BA54-47FC-A699-99EB72A17A74}\SVCHOST.EXE
D:\WINDOWS\System32\atipalxx.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\ISP Monitor\isp.exe
D:\Program Files\TV Dinges\TV Dinges.exe
D:\Program Files\Logitech\Profiler\lwemon.exe
D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
D:\WINDOWS\System32\drivers\CDAC11BA.EXE
D:\WINDOWS\System32\dev32.exe
D:\Program Files\Norton AntiVirus\navapsvc.exe
D:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Program Files\Logitech\MouseWare\system\em_exec.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\WinRAR\WinRAR.exe
D:\DOCUME~1\Jack\LOCALS~1\Temp\Rar$EX02.500\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://new-search.net/index.php?v=6&aff=0
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://daosearch.com/index.php?id=186
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *new-search.net*;*x-google.net*
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WHttpHelper Class - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - D:\WINDOWS\System32\WStart.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NVMixerTray] "D:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] D:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PowerStrip] d:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DVD43] D:\PROGRA~1\DVDIDL~1\DVDIdlePro.exe /hidden
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [MsgCenterExe] "D:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinFast Schedule] D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\PowerDVD v6.0\PDVDServ.exe"
O4 - HKLM\..\Run: [Cdh] D:\WINDOWS\Peo.exe
O4 - HKLM\..\Run: [Service Host] D:\WINDOWS\System32\Services\{AE8E6D4B-BA54-47FC-A699-99EB72A17A74}\SVCHOST.EXE
O4 - HKLM\..\Run: [atipalxx] D:\WINDOWS\System32\atipalxx.exe
O4 - HKLM\..\Run: [Nbl] D:\WINDOWS\Rmh.exe
O4 - HKLM\..\Run: [Mfe] D:\WINDOWS\Odj.exe
O4 - HKLM\..\Run: [Kdc] D:\WINDOWS\System32\Lhn.exe
O4 - HKLM\..\Run: [Det] D:\WINDOWS\System32\Ftm.exe
O4 - HKLM\..\Run: [Ktd] D:\WINDOWS\System32\Vkt.exe
O4 - HKLM\..\Run: [Lod] D:\WINDOWS\Hnl.exe
O4 - HKLM\..\Run: [Ugh] D:\WINDOWS\System32\Eln.exe
O4 - HKLM\..\Run: [Gjj] D:\WINDOWS\System32\Osg.exe
O4 - HKLM\..\Run: [Fge] D:\WINDOWS\Lst.exe
O4 - HKLM\..\Run: [Upk] D:\WINDOWS\Mvf.exe
O4 - HKLM\..\Run: [Disk Keeper] D:\WINDOWS\System32\Services\{AE8E6D4B-BA54-47FC-A699-99EB72A17A74}\SECURITY.EXE
O4 - HKLM\..\Run: [Psh] D:\WINDOWS\Fgd.exe
O4 - HKLM\..\Run: [Sof] D:\WINDOWS\System32\Fcb.exe
O4 - HKLM\..\Run: [Cde] D:\WINDOWS\System32\Grp.exe
O4 - HKLM\..\RunServices: [atipalxx] D:\WINDOWS\System32\atipalxx.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISPMonitor] D:\Program Files\ISP Monitor\isp.exe
O4 - HKCU\..\Run: [TV Dinges] D:\Program Files\TV Dinges\TV Dinges.exe start
O4 - HKCU\..\Run: [win-xp] winis.exe
O4 - HKCU\..\Run: [Start WingMan Profiler] "D:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [Cdh] D:\WINDOWS\Peo.exe
O4 - HKCU\..\Run: [atipalxx] D:\WINDOWS\System32\atipalxx.exe
O4 - HKCU\..\Run: [Nbl] D:\WINDOWS\Rmh.exe
O4 - HKCU\..\Run: [Mfe] D:\WINDOWS\Odj.exe
O4 - HKCU\..\Run: [Kdc] D:\WINDOWS\System32\Lhn.exe
O4 - HKCU\..\Run: [Det] D:\WINDOWS\System32\Ftm.exe
O4 - HKCU\..\Run: [Ktd] D:\WINDOWS\System32\Vkt.exe
O4 - HKCU\..\Run: [Lod] D:\WINDOWS\Hnl.exe
O4 - HKCU\..\Run: [Ugh] D:\WINDOWS\System32\Eln.exe
O4 - HKCU\..\Run: [Gjj] D:\WINDOWS\System32\Osg.exe
O4 - HKCU\..\Run: [Fge] D:\WINDOWS\Lst.exe
O4 - HKCU\..\Run: [Upk] D:\WINDOWS\Mvf.exe
O4 - HKCU\..\Run: [Psh] D:\WINDOWS\Fgd.exe
O4 - HKCU\..\Run: [Sof] D:\WINDOWS\System32\Fcb.exe
O4 - HKCU\..\Run: [Cde] D:\WINDOWS\System32\Grp.exe
O4 - HKCU\..\RunServices: [win-xp] winis.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: UltraMon.lnk = D:\Program Files\UltraMon\UltraMon.exe
O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://d:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: www.master69.biz
O15 - Trusted Zone: www.sgrunt.biz
O15 - Trusted Zone: www.yeak.net
O16 - DPF: {1358E11F-ADE8-4D2B-9135-1A4CB9A23D7B} (Install Class) - https://genius.belgacom.be/esupport/download/IPGInstaller.CAB
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.166.145/x15.chm::/trs15.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {1DF36010-E276-11D4-A7C0-00C04F0453DD} (Stamps.com Secure Postal Account Registration) - https://secure.stamps.com/download/us/registration/3_0_0_834/sdcregie.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0766d927301edca6a821/netzip/RdxIE601.cab
O16 - DPF: {6EE39BFC-2FB6-4B69-9D05-CFC10E4F5B3E} (MavenBootInstallerAXControl Class) - http://client.maven.net/client/mavenBootInstaller.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O23 - Service: C-DillaCdaC11BA - Macrovision - D:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Provides three management service (FreeBSD) - Unknown owner - D:\WINDOWS\System32\dev32.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Provides five management service (NetBSD) - Unknown owner - D:\WINDOWS\System32\dev32.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - D:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

.