pieter33
Gevestigd lid
- Lid geworden
- 27 okt 2008
- Berichten
- 381
- Waarderingsscore
- 0
Ik krijg steeds een melding van AVG als ik FireFox opstart: Trojan horse Adload_r.
Een logje:
[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:31:50, on 22-1-2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
c:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\program files\intel\wireless\bin\evteng.exe
c:\program files\intel\wireless\bin\s24evmon.exe
c:\windows\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe
c:\program files\agi\common\win32\pythonservice.exe
c:\progra~1\avg\avg8\avgwdsvc.exe
c:\windows\system32\ctsvccda.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehsched.exe
c:\program files\google\common\google updater\googleupdaterservice.exe
c:\program files\java\jre6\bin\jqs.exe
c:\program files\common files\microsoft shared\vs7debug\mdm.exe
c:\program files\afas software\mssql$profitsql\binn\sqlservr.exe
c:\server\mysql\bin\mysqld-nt.exe
c:\program files\dell\quickset\nicconfigsvc.exe
c:\program files\intel\wireless\bin\regsrvc.exe
c:\windows\system32\svchost.exe
c:\progra~1\avg\avg8\avgrsx.exe
c:\windows\system32\dllhost.exe
c:\windows\explorer.exe
c:\windows\stsystra.exe
c:\windows\system32\spool\drivers\w32x86\3\fppdis2a.exe
c:\windows\system32\rundll32.exe
c:\progra~1\avg\avg8\avgtray.exe
c:\windows\ehome\ehtray.exe
c:\program files\slysoft\clonecd\clonecdtray.exe
c:\program files\common files\real\update_ob\realsched.exe
c:\windows\system32\ctfmon.exe
c:\windows\ehome\ehmsas.exe
c:\program files\microsoft activesync\wcescomm.exe
c:\progra~1\mi3aa1~1\rapimgr.exe
c:\windows\system32\wuauclt.exe
c:\documents and settings\pieter & victor\local settings\application data\google\update\googleupdate.exe
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\msiexec.exe
c:\program files\java\jre6\bin\jusched.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = about:blank
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r0 - hkcu\software\microsoft\internet explorer\main,local page =
r0 - hklm\software\microsoft\internet explorer\main,local page =
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername = koppelingen
r3 - urlsearchhook: agsearchhook class - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - c:\program files\agi\common\agcutils.dll
f2 - reg:system.ini: userinit=c:\windows\system32\ezshellstart.exe
o2 - bho: agsearchhook class - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - c:\program files\agi\common\agcutils.dll
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: realplayer download and record plugin for internet explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
o2 - bho: wormradar.com iesiteblocker.navfilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
o2 - bho: kiwee toolbar - {6638a9de-0745-4292-8a2e-ae530e7b9b3f} - c:\program files\kiwee toolbar\2.8.167\kiweeietoolbar.dll
o2 - bho: ssvhelper class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
o2 - bho: (no name) - {7e853d72-626a-48ec-a868-ba8d5e23e045} - (no file)
o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: zango - {90b8b761-df2b-48ac-bbe0-bcc03a819b3b} - (no file)
o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
o2 - bho: tooltipizer - {c004d9f0-a742-4dc7-afd0-bc29ce3fe04a} - c:\windows\system32\adssitesuggest.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: jqsiestartdetectorimpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
o3 - toolbar: kiwee toolbar - {6638a9de-0745-4292-8a2e-ae530e7b9b3f} - c:\program files\kiwee toolbar\2.8.167\kiweeietoolbar.dll
o3 - toolbar: zango - {90b8b761-df2b-48ac-bbe0-bcc03a819b3b} - (no file)
o4 - hklm\..\run: [sigmatelsystrayapp] stsystra.exe
o4 - hklm\..\run: [pdffactory pro dispatcher v2] c:\windows\system32\spool\drivers\w32x86\3\fppdis2a.exe /source=hklm
o4 - hklm\..\run: [bluetoothauthenticationagent] rundll32.exe bthprops.cpl,,bluetoothauthenticationagent
o4 - hklm\..\run: [regshave] c:\program files\regshave\regshave.exe /autorun
o4 - hklm\..\run: [avg8_tray] c:\progra~1\avg\avg8\avgtray.exe
o4 - hklm\..\run: [adobe reader speed launcher] c:\program files\adobe\reader 9.0\reader\reader_sl.exe
o4 - hklm\..\run: [ehtray] c:\windows\ehome\ehtray.exe
o4 - hklm\..\run: [clonecdtray] c:\program files\slysoft\clonecd\clonecdtray.exe /s
o4 - hklm\..\run: [tkbellexe] c:\program files\common files\real\update_ob\realsched.exe -osboot
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\java\jre6\bin\jusched.exe
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [h/pc connection agent] c:\program files\microsoft activesync\wcescomm.exe
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'lokale service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'netwerkservice')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o8 - extra context menu item: e&xport to microsoft excel - res://c:\progra~1\micros~2\office11\excel.exe/3000
o9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre6\bin\ssv.dll
o9 - extra 'tools' menuitem: sun java console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre6\bin\ssv.dll
o9 - extra button: (no name) - {2d663d1a-8670-49d9-a1a5-4c56b4e14e84} - (no file)
o9 - extra button: create mobile favorite - {2eaf5bb1-070f-11d3-9307-00c04fae2d4f} - c:\progra~1\mi3aa1~1\inetrepl.dll
o9 - extra button: (no name) - {2eaf5bb2-070f-11d3-9307-00c04fae2d4f} - c:\progra~1\mi3aa1~1\inetrepl.dll
o9 - extra 'tools' menuitem: mobiele favorieten maken... - {2eaf5bb2-070f-11d3-9307-00c04fae2d4f} - c:\progra~1\mi3aa1~1\inetrepl.dll
o9 - extra button: research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office11\refiebar.dll
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o16 - dpf: cabbuilder - [noparse]http://kiw.imgag.com/imgag/kiw/toolbar/download/installercontrol.cab[/noparse]
o16 - dpf: {745395c8-d0e1-4227-8586-624ca9a10a8d} (axismediacontrol class) - [noparse]http://193.172.162.99:8080//activex/amc.cab[/noparse]
o16 - dpf: {77e32299-629f-43c6-ab77-6a1e6d7663f6} - [noparse]http://www.nick.com/common/groove/gx/grooveax27.cab[/noparse]
o16 - dpf: {ae2b937e-ea7d-4a8d-888c-b68d7f72a3c4} (ipsuploader4 control) - [noparse]http://as.photoprintit.de/ips-opdata/74914090/activex/ipsuploader4.cab[/noparse]
o16 - dpf: {c49134cc-b5ef-458c-a442-e8dfe7b4645f} (yyginstantplay control) - [noparse]http://www.yoyogames.com/downloads/activex/yoyo.cab[/noparse]
o17 - hklm\system\ccs\services\tcpip\..\{6956cd54-3156-4cb8-81c5-727c40093bc5}: nameserver = 10.0.0.138
o18 - protocol: linkscanner - {f274614c-63f8-47d5-a4d1-fbdde494f8d1} - c:\program files\avg\avg8\avgpp.dll
o18 - protocol: skype4com - {ffc8b962-9b40-4dff-9458-1830c7dd7f5d} - c:\progra~1\common~1\skype\skype4~1.dll
o20 - appinit_dlls: avgrsstx.dll
o23 - service: adobe lm service - adobe systems - c:\program files\common files\adobe systems shared\service\adobelmsvc.exe
o23 - service: ag windows service (agwinservice) - unknown owner - c:\program files\agi\common\win32\pythonservice.exe
o23 - service: apache2 - apache software foundation - c:\server\apache2\bin\httpd.exe
o23 - service: avg free8 watchdog (avg8wd) - avg technologies cz, s.r.o. - c:\progra~1\avg\avg8\avgwdsvc.exe
o23 - service: creative service for cdrom access - creative technology ltd - c:\windows\system32\ctsvccda.exe
o23 - service: intel(r) proset/wireless event log (evteng) - intel corporation - c:\program files\intel\wireless\bin\evteng.exe
o23 - service: google updater service (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: ipod service - apple computer, inc. - c:\program files\ipod\bin\ipodservice.exe
o23 - service: java quick starter (javaquickstarterservice) - sun microsystems, inc. - c:\program files\java\jre6\bin\jqs.exe
o23 - service: process monitor (lvprcsrv) - logitech inc. - c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe
o23 - service: lvsrvlauncher - logitech inc. - c:\program files\common files\logishrd\srvlnch\srvlnch.exe
o23 - service: mysql - unknown owner - c:\server\mysql\bin\mysqld-nt (file missing)
o23 - service: nicconfigsvc - dell inc. - c:\program files\dell\quickset\nicconfigsvc.exe
o23 - service: planner voor automatische liveupdate - unknown owner - c:\program files\symantec\liveupdate\aluschedulersvc.exe (file missing)
o23 - service: intel(r) proset/wireless registry service (regsrvc) - intel corporation - c:\program files\intel\wireless\bin\regsrvc.exe
o23 - service: remote packet capture protocol v.0 (experimental) (rpcapd) - cace technologies - c:\program files\winpcap\rpcapd.exe
o23 - service: intel(r) proset/wireless service (s24eventmonitor) - intel corporation - c:\program files\intel\wireless\bin\s24evmon.exe
--
end of file - 10630 bytes
[/hjt]
Een logje:
[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:31:50, on 22-1-2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
c:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\program files\intel\wireless\bin\evteng.exe
c:\program files\intel\wireless\bin\s24evmon.exe
c:\windows\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe
c:\program files\agi\common\win32\pythonservice.exe
c:\progra~1\avg\avg8\avgwdsvc.exe
c:\windows\system32\ctsvccda.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehsched.exe
c:\program files\google\common\google updater\googleupdaterservice.exe
c:\program files\java\jre6\bin\jqs.exe
c:\program files\common files\microsoft shared\vs7debug\mdm.exe
c:\program files\afas software\mssql$profitsql\binn\sqlservr.exe
c:\server\mysql\bin\mysqld-nt.exe
c:\program files\dell\quickset\nicconfigsvc.exe
c:\program files\intel\wireless\bin\regsrvc.exe
c:\windows\system32\svchost.exe
c:\progra~1\avg\avg8\avgrsx.exe
c:\windows\system32\dllhost.exe
c:\windows\explorer.exe
c:\windows\stsystra.exe
c:\windows\system32\spool\drivers\w32x86\3\fppdis2a.exe
c:\windows\system32\rundll32.exe
c:\progra~1\avg\avg8\avgtray.exe
c:\windows\ehome\ehtray.exe
c:\program files\slysoft\clonecd\clonecdtray.exe
c:\program files\common files\real\update_ob\realsched.exe
c:\windows\system32\ctfmon.exe
c:\windows\ehome\ehmsas.exe
c:\program files\microsoft activesync\wcescomm.exe
c:\progra~1\mi3aa1~1\rapimgr.exe
c:\windows\system32\wuauclt.exe
c:\documents and settings\pieter & victor\local settings\application data\google\update\googleupdate.exe
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\msiexec.exe
c:\program files\java\jre6\bin\jusched.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = about:blank
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r0 - hkcu\software\microsoft\internet explorer\main,local page =
r0 - hklm\software\microsoft\internet explorer\main,local page =
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername = koppelingen
r3 - urlsearchhook: agsearchhook class - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - c:\program files\agi\common\agcutils.dll
f2 - reg:system.ini: userinit=c:\windows\system32\ezshellstart.exe
o2 - bho: agsearchhook class - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - c:\program files\agi\common\agcutils.dll
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: realplayer download and record plugin for internet explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
o2 - bho: wormradar.com iesiteblocker.navfilter - {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
o2 - bho: kiwee toolbar - {6638a9de-0745-4292-8a2e-ae530e7b9b3f} - c:\program files\kiwee toolbar\2.8.167\kiweeietoolbar.dll
o2 - bho: ssvhelper class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
o2 - bho: (no name) - {7e853d72-626a-48ec-a868-ba8d5e23e045} - (no file)
o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: zango - {90b8b761-df2b-48ac-bbe0-bcc03a819b3b} - (no file)
o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
o2 - bho: tooltipizer - {c004d9f0-a742-4dc7-afd0-bc29ce3fe04a} - c:\windows\system32\adssitesuggest.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: jqsiestartdetectorimpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
o3 - toolbar: kiwee toolbar - {6638a9de-0745-4292-8a2e-ae530e7b9b3f} - c:\program files\kiwee toolbar\2.8.167\kiweeietoolbar.dll
o3 - toolbar: zango - {90b8b761-df2b-48ac-bbe0-bcc03a819b3b} - (no file)
o4 - hklm\..\run: [sigmatelsystrayapp] stsystra.exe
o4 - hklm\..\run: [pdffactory pro dispatcher v2] c:\windows\system32\spool\drivers\w32x86\3\fppdis2a.exe /source=hklm
o4 - hklm\..\run: [bluetoothauthenticationagent] rundll32.exe bthprops.cpl,,bluetoothauthenticationagent
o4 - hklm\..\run: [regshave] c:\program files\regshave\regshave.exe /autorun
o4 - hklm\..\run: [avg8_tray] c:\progra~1\avg\avg8\avgtray.exe
o4 - hklm\..\run: [adobe reader speed launcher] c:\program files\adobe\reader 9.0\reader\reader_sl.exe
o4 - hklm\..\run: [ehtray] c:\windows\ehome\ehtray.exe
o4 - hklm\..\run: [clonecdtray] c:\program files\slysoft\clonecd\clonecdtray.exe /s
o4 - hklm\..\run: [tkbellexe] c:\program files\common files\real\update_ob\realsched.exe -osboot
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\java\jre6\bin\jusched.exe
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [h/pc connection agent] c:\program files\microsoft activesync\wcescomm.exe
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'lokale service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'netwerkservice')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o8 - extra context menu item: e&xport to microsoft excel - res://c:\progra~1\micros~2\office11\excel.exe/3000
o9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre6\bin\ssv.dll
o9 - extra 'tools' menuitem: sun java console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre6\bin\ssv.dll
o9 - extra button: (no name) - {2d663d1a-8670-49d9-a1a5-4c56b4e14e84} - (no file)
o9 - extra button: create mobile favorite - {2eaf5bb1-070f-11d3-9307-00c04fae2d4f} - c:\progra~1\mi3aa1~1\inetrepl.dll
o9 - extra button: (no name) - {2eaf5bb2-070f-11d3-9307-00c04fae2d4f} - c:\progra~1\mi3aa1~1\inetrepl.dll
o9 - extra 'tools' menuitem: mobiele favorieten maken... - {2eaf5bb2-070f-11d3-9307-00c04fae2d4f} - c:\progra~1\mi3aa1~1\inetrepl.dll
o9 - extra button: research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office11\refiebar.dll
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o16 - dpf: cabbuilder - [noparse]http://kiw.imgag.com/imgag/kiw/toolbar/download/installercontrol.cab[/noparse]
o16 - dpf: {745395c8-d0e1-4227-8586-624ca9a10a8d} (axismediacontrol class) - [noparse]http://193.172.162.99:8080//activex/amc.cab[/noparse]
o16 - dpf: {77e32299-629f-43c6-ab77-6a1e6d7663f6} - [noparse]http://www.nick.com/common/groove/gx/grooveax27.cab[/noparse]
o16 - dpf: {ae2b937e-ea7d-4a8d-888c-b68d7f72a3c4} (ipsuploader4 control) - [noparse]http://as.photoprintit.de/ips-opdata/74914090/activex/ipsuploader4.cab[/noparse]
o16 - dpf: {c49134cc-b5ef-458c-a442-e8dfe7b4645f} (yyginstantplay control) - [noparse]http://www.yoyogames.com/downloads/activex/yoyo.cab[/noparse]
o17 - hklm\system\ccs\services\tcpip\..\{6956cd54-3156-4cb8-81c5-727c40093bc5}: nameserver = 10.0.0.138
o18 - protocol: linkscanner - {f274614c-63f8-47d5-a4d1-fbdde494f8d1} - c:\program files\avg\avg8\avgpp.dll
o18 - protocol: skype4com - {ffc8b962-9b40-4dff-9458-1830c7dd7f5d} - c:\progra~1\common~1\skype\skype4~1.dll
o20 - appinit_dlls: avgrsstx.dll
o23 - service: adobe lm service - adobe systems - c:\program files\common files\adobe systems shared\service\adobelmsvc.exe
o23 - service: ag windows service (agwinservice) - unknown owner - c:\program files\agi\common\win32\pythonservice.exe
o23 - service: apache2 - apache software foundation - c:\server\apache2\bin\httpd.exe
o23 - service: avg free8 watchdog (avg8wd) - avg technologies cz, s.r.o. - c:\progra~1\avg\avg8\avgwdsvc.exe
o23 - service: creative service for cdrom access - creative technology ltd - c:\windows\system32\ctsvccda.exe
o23 - service: intel(r) proset/wireless event log (evteng) - intel corporation - c:\program files\intel\wireless\bin\evteng.exe
o23 - service: google updater service (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: ipod service - apple computer, inc. - c:\program files\ipod\bin\ipodservice.exe
o23 - service: java quick starter (javaquickstarterservice) - sun microsystems, inc. - c:\program files\java\jre6\bin\jqs.exe
o23 - service: process monitor (lvprcsrv) - logitech inc. - c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe
o23 - service: lvsrvlauncher - logitech inc. - c:\program files\common files\logishrd\srvlnch\srvlnch.exe
o23 - service: mysql - unknown owner - c:\server\mysql\bin\mysqld-nt (file missing)
o23 - service: nicconfigsvc - dell inc. - c:\program files\dell\quickset\nicconfigsvc.exe
o23 - service: planner voor automatische liveupdate - unknown owner - c:\program files\symantec\liveupdate\aluschedulersvc.exe (file missing)
o23 - service: intel(r) proset/wireless registry service (regsrvc) - intel corporation - c:\program files\intel\wireless\bin\regsrvc.exe
o23 - service: remote packet capture protocol v.0 (experimental) (rpcapd) - cace technologies - c:\program files\winpcap\rpcapd.exe
o23 - service: intel(r) proset/wireless service (s24eventmonitor) - intel corporation - c:\program files\intel\wireless\bin\s24evmon.exe
--
end of file - 10630 bytes
[/hjt]