wimdeman
wim van hoog naar laag
- Lid geworden
- 24 mei 2007
- Berichten
- 870
- Waarderingsscore
- 0
goedenavond ,nalang weg te zijn geweest is mijn pc erg traag
wilt u mij helpen aub.
hier mijn hjt logje
alvast dank mvg wim
[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:01:47, on 27-2-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
c:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\program files\windows defender\msmpeng.exe
c:\windows\system32\svchost.exe
c:\windows\system32\spoolsv.exe
c:\program files\agi\common\win32\pythonservice.exe
c:\progra~1\grisoft\avgfre~1\avgamsvr.exe
c:\progra~1\grisoft\avgfre~1\avgupsvc.exe
c:\program files\google\common\google updater\googleupdaterservice.exe
c:\windows\system32\svchost.exe
c:\program files\java\jre6\bin\jqs.exe
c:\program files\common files\microsoft shared\vs7debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\svchost.exe
c:\windows\explorer.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\ezsp_px.exe
c:\windows\system32\devldr32.exe
c:\program files\windows defender\msascui.exe
c:\progra~1\grisoft\avgfre~1\avgcc.exe
c:\program files\lexmark 3400 series\lxcymon.exe
c:\program files\lexmark 3400 series\ezprint.exe
c:\program files\kiwee toolbar\2.8.167\kwtbaim.exe
c:\program files\java\jre6\bin\jusched.exe
c:\windows\system32\ctfmon.exe
c:\windows\system32\lxcycoms.exe
c:\program files\spybot - search & destroy\teatimer.exe
c:\windows\system32\rundll32.exe
c:\program files\windows media player\wmpnscfg.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\common files\microsoft shared\windows live\wlloginproxy.exe
c:\program files\common files\motive\mccicmservice.exe
c:\program files\thuishelp\zesko\thuishelp.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]http://www.google.nl/[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername = koppelingen
r3 - urlsearchhook: agsearchhook class - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - c:\program files\agi\common\agcutils.dll
o2 - bho: &yahoo! toolbar helper - {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
o2 - bho: agsearchhook class - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - c:\program files\agi\common\agcutils.dll
o2 - bho: lexmark werkbalk - {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
o2 - bho: spybot-s&d ie protection - {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\sdhelper.dll
o2 - bho: kiwee toolbar - {6638a9de-0745-4292-8a2e-ae530e7b9b3f} - c:\program files\kiwee toolbar\2.8.167\kiweeietoolbar.dll
o2 - bho: java(tm) plug-in ssv helper - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
o2 - bho: (no name) - {7e853d72-626a-48ec-a868-ba8d5e23e045} - (no file)
o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar.dll
o2 - bho: adobe pdf conversion toolbar helper - {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll
o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
o2 - bho: windows live toolbar helper - {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
o2 - bho: google dictionary compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219b3e1547538286.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: jqsiestartdetectorimpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
o2 - bho: singleinstance class - {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\ytsingleinstance.dll
o3 - toolbar: adobe pdf - {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll
o3 - toolbar: lexmark werkbalk - {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
o3 - toolbar: yahoo! toolbar - {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
o3 - toolbar: kiwee toolbar - {6638a9de-0745-4292-8a2e-ae530e7b9b3f} - c:\program files\kiwee toolbar\2.8.167\kiweeietoolbar.dll
o3 - toolbar: windows live toolbar - {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
o3 - toolbar: &google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar.dll
o4 - hklm\..\run: [bluetoothauthenticationagent] rundll32.exe bthprops.cpl,,bluetoothauthenticationagent
o4 - hklm\..\run: [nerofiltercheck] c:\windows\system32\nerocheck.exe
o4 - hklm\..\run: [ezshieldprotector for px] c:\windows\system32\ezsp_px.exe
o4 - hklm\..\run: [windows defender] c:\program files\windows defender\msascui.exe -hide
o4 - hklm\..\run: [avg7_cc] c:\progra~1\grisoft\avgfre~1\avgcc.exe /startup
o4 - hklm\..\run: [lxcymon.exe] c:\program files\lexmark 3400 series\lxcymon.exe
o4 - hklm\..\run: [ezprint] c:\program files\lexmark 3400 series\ezprint.exe
o4 - hklm\..\run: [lxcycats] rundll32 c:\windows\system32\spool\drivers\w32x86\3\lxcytime.dll,_rundllentry@16
o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
o4 - hklm\..\run: [nwiz] nwiz.exe /install
o4 - hklm\..\run: [kiweehook] c:\program files\kiwee toolbar\2.8.167\kwtbaim.exe
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\java\jre6\bin\jusched.exe
o4 - hklm\..\run: [zesko_mccitrayapp] c:\program files\thuishelp\zesko\thuishelp.exe
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [sp2 connection patcher] c:\program files\sp2 connection patcher\sp2connpatcher.exe -n=200
o4 - hkcu\..\run: [swg] c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
o4 - hkcu\..\run: [nbj] c:\program files\ahead\nero backitup\nbj.exe
o4 - hkcu\..\run: [spybotsd teatimer] c:\program files\spybot - search & destroy\teatimer.exe
o4 - hkcu\..\run: [nvmediacenter] rundll32.exe c:\windows\system32\nvmctray.dll,nvtaskbarinit
o4 - hkcu\..\run: [wmpnscfg] c:\program files\windows media player\wmpnscfg.exe
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'lokale service')
o4 - hkus\s-1-5-19\..\run: [avg7_run] c:\progra~1\grisoft\avgfre~1\avgw.exe /runonce (user 'lokale service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'netwerkservice')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o4 - global startup: microsoft office.lnk = c:\program files\microsoft office\office10\osa.exe
o8 - extra context menu item: &windows live search - res://c:\program files\windows live toolbar\msntb.dll/search.htm
o8 - extra context menu item: add to windows &live favorites - [noparse]http://favorites.live.com/quickadd.aspx[/noparse]
o8 - extra context menu item: convert link target to adobe pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroiecapture.html
o8 - extra context menu item: convert link target to existing pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroieappend.html
o8 - extra context menu item: convert selected links to adobe pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroiecapturesellinks.html
o8 - extra context menu item: convert selected links to existing pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroieappendsellinks.html
o8 - extra context menu item: convert selection to adobe pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroiecapture.html
o8 - extra context menu item: convert selection to existing pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroieappend.html
o8 - extra context menu item: convert to adobe pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroiecapture.html
o8 - extra context menu item: convert to existing pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroieappend.html
o8 - extra context menu item: e&xport to microsoft excel - res://c:\progra~1\micros~3\office10\excel.exe/3000
o9 - extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\progra~1\spybot~1\sdhelper.dll
o9 - extra 'tools' menuitem: spybot - search & destroy configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\progra~1\spybot~1\sdhelper.dll
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o16 - dpf: cabbuilder - [noparse]http://kiw.imgag.com/imgag/kiw/toolbar/download/installercontrol.cab[/noparse]
o16 - dpf: {149e45d8-163e-4189-86fc-45022ab2b6c9} (spintop drm control) - file:///c:/program%20files/supercow/images/stg_drm.ocx
o16 - dpf: {17492023-c23a-453e-a040-c7c580bbf700} (windows genuine advantage validation tool) - [noparse]http://go.microsoft.com/fwlink/?linkid=39204[/noparse]
o16 - dpf: {255b1372-180c-4a22-a02d-1d4ab65f6ac2} (sdanetconclass class) - file:///c:/program%20files/rise%20of%20atlantis/images/stg_drm.dll
o16 - dpf: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (installation support) - c:\program files\yahoo!\common\yinsthelper.dll
o16 - dpf: {615f158e-d5ca-422f-a8e7-f6a5eed7063b} (bejeweled control) - [noparse]http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab[/noparse]
o16 - dpf: {6414512b-b978-451d-a0d8-fcfdf33e833c} (wuwebcontrol class) - [noparse]http://update.microsoft.com/windowsupdate/v6/v5controls/en/x86/client/wuweb_site.cab?1163869183281[/noparse]
o16 - dpf: {6e32070a-766d-4ee6-879c-dc1fa91d2fc3} (muwebcontrol class) - [noparse]http://update.microsoft.com/microsoftupdate/v6/v5controls/en/x86/client/muweb_site.cab?1163869455078[/noparse]
o16 - dpf: {8a94c905-ff9d-43b6-8708-f0f22d22b1cb} (wwlaunch control) - [noparse]http://www.worldwinner.com/games/shared/wwlaunch.cab[/noparse]
o16 - dpf: {b8be5e93-a60c-4d26-a2dc-220313175592} (zoneintro class) - [noparse]http://cdn2.zone.msn.com/binframework/v10/zintro.cab34246.cab[/noparse]
o16 - dpf: {cc450d71-cc90-424c-8638-1f2dbac87a54} (armhelper control) - file:///c:/program%20files/venice/images/armhelper.ocx
o20 - winlogon notify: __c0017370 - c:\windows\system32\__c0017370.dat (file missing)
o23 - service: adobe lm service - adobe systems - c:\program files\common files\adobe systems shared\service\adobelmsvc.exe
o23 - service: ag windows service (agwinservice) - unknown owner - c:\program files\agi\common\win32\pythonservice.exe
o23 - service: ares chatroom server (areschatserver) - ares development group - c:\program files\ares\chatserver.exe
o23 - service: avg7 alert manager server (avg7alrt) - grisoft, s.r.o. - c:\progra~1\grisoft\avgfre~1\avgamsvr.exe
o23 - service: avg7 update service (avg7updsvc) - grisoft, s.r.o. - c:\progra~1\grisoft\avgfre~1\avgupsvc.exe
o23 - service: google updater service (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: java quick starter (javaquickstarterservice) - sun microsystems, inc. - c:\program files\java\jre6\bin\jqs.exe
o23 - service: lxcy_device - - c:\windows\system32\lxcycoms.exe
o23 - service: mccicmservice - motive communications, inc. - c:\program files\common files\motive\mccicmservice.exe
o23 - service: nvidia driver helper service (nvsvc) - nvidia corporation - c:\windows\system32\nvsvc32.exe
--
end of file - 12788 bytes
[/hjt]
wilt u mij helpen aub.
hier mijn hjt logje
alvast dank mvg wim
[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:01:47, on 27-2-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
c:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\program files\windows defender\msmpeng.exe
c:\windows\system32\svchost.exe
c:\windows\system32\spoolsv.exe
c:\program files\agi\common\win32\pythonservice.exe
c:\progra~1\grisoft\avgfre~1\avgamsvr.exe
c:\progra~1\grisoft\avgfre~1\avgupsvc.exe
c:\program files\google\common\google updater\googleupdaterservice.exe
c:\windows\system32\svchost.exe
c:\program files\java\jre6\bin\jqs.exe
c:\program files\common files\microsoft shared\vs7debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\svchost.exe
c:\windows\explorer.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\ezsp_px.exe
c:\windows\system32\devldr32.exe
c:\program files\windows defender\msascui.exe
c:\progra~1\grisoft\avgfre~1\avgcc.exe
c:\program files\lexmark 3400 series\lxcymon.exe
c:\program files\lexmark 3400 series\ezprint.exe
c:\program files\kiwee toolbar\2.8.167\kwtbaim.exe
c:\program files\java\jre6\bin\jusched.exe
c:\windows\system32\ctfmon.exe
c:\windows\system32\lxcycoms.exe
c:\program files\spybot - search & destroy\teatimer.exe
c:\windows\system32\rundll32.exe
c:\program files\windows media player\wmpnscfg.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\common files\microsoft shared\windows live\wlloginproxy.exe
c:\program files\common files\motive\mccicmservice.exe
c:\program files\thuishelp\zesko\thuishelp.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]http://www.google.nl/[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername = koppelingen
r3 - urlsearchhook: agsearchhook class - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - c:\program files\agi\common\agcutils.dll
o2 - bho: &yahoo! toolbar helper - {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
o2 - bho: agsearchhook class - {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - c:\program files\agi\common\agcutils.dll
o2 - bho: lexmark werkbalk - {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
o2 - bho: spybot-s&d ie protection - {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\sdhelper.dll
o2 - bho: kiwee toolbar - {6638a9de-0745-4292-8a2e-ae530e7b9b3f} - c:\program files\kiwee toolbar\2.8.167\kiweeietoolbar.dll
o2 - bho: java(tm) plug-in ssv helper - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
o2 - bho: (no name) - {7e853d72-626a-48ec-a868-ba8d5e23e045} - (no file)
o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar.dll
o2 - bho: adobe pdf conversion toolbar helper - {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll
o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
o2 - bho: windows live toolbar helper - {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
o2 - bho: google dictionary compression sdch - {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219b3e1547538286.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: jqsiestartdetectorimpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
o2 - bho: singleinstance class - {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\ytsingleinstance.dll
o3 - toolbar: adobe pdf - {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll
o3 - toolbar: lexmark werkbalk - {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
o3 - toolbar: yahoo! toolbar - {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
o3 - toolbar: kiwee toolbar - {6638a9de-0745-4292-8a2e-ae530e7b9b3f} - c:\program files\kiwee toolbar\2.8.167\kiweeietoolbar.dll
o3 - toolbar: windows live toolbar - {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
o3 - toolbar: &google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar.dll
o4 - hklm\..\run: [bluetoothauthenticationagent] rundll32.exe bthprops.cpl,,bluetoothauthenticationagent
o4 - hklm\..\run: [nerofiltercheck] c:\windows\system32\nerocheck.exe
o4 - hklm\..\run: [ezshieldprotector for px] c:\windows\system32\ezsp_px.exe
o4 - hklm\..\run: [windows defender] c:\program files\windows defender\msascui.exe -hide
o4 - hklm\..\run: [avg7_cc] c:\progra~1\grisoft\avgfre~1\avgcc.exe /startup
o4 - hklm\..\run: [lxcymon.exe] c:\program files\lexmark 3400 series\lxcymon.exe
o4 - hklm\..\run: [ezprint] c:\program files\lexmark 3400 series\ezprint.exe
o4 - hklm\..\run: [lxcycats] rundll32 c:\windows\system32\spool\drivers\w32x86\3\lxcytime.dll,_rundllentry@16
o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
o4 - hklm\..\run: [nwiz] nwiz.exe /install
o4 - hklm\..\run: [kiweehook] c:\program files\kiwee toolbar\2.8.167\kwtbaim.exe
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\java\jre6\bin\jusched.exe
o4 - hklm\..\run: [zesko_mccitrayapp] c:\program files\thuishelp\zesko\thuishelp.exe
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [sp2 connection patcher] c:\program files\sp2 connection patcher\sp2connpatcher.exe -n=200
o4 - hkcu\..\run: [swg] c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe
o4 - hkcu\..\run: [nbj] c:\program files\ahead\nero backitup\nbj.exe
o4 - hkcu\..\run: [spybotsd teatimer] c:\program files\spybot - search & destroy\teatimer.exe
o4 - hkcu\..\run: [nvmediacenter] rundll32.exe c:\windows\system32\nvmctray.dll,nvtaskbarinit
o4 - hkcu\..\run: [wmpnscfg] c:\program files\windows media player\wmpnscfg.exe
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'lokale service')
o4 - hkus\s-1-5-19\..\run: [avg7_run] c:\progra~1\grisoft\avgfre~1\avgw.exe /runonce (user 'lokale service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'netwerkservice')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o4 - global startup: microsoft office.lnk = c:\program files\microsoft office\office10\osa.exe
o8 - extra context menu item: &windows live search - res://c:\program files\windows live toolbar\msntb.dll/search.htm
o8 - extra context menu item: add to windows &live favorites - [noparse]http://favorites.live.com/quickadd.aspx[/noparse]
o8 - extra context menu item: convert link target to adobe pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroiecapture.html
o8 - extra context menu item: convert link target to existing pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroieappend.html
o8 - extra context menu item: convert selected links to adobe pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroiecapturesellinks.html
o8 - extra context menu item: convert selected links to existing pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroieappendsellinks.html
o8 - extra context menu item: convert selection to adobe pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroiecapture.html
o8 - extra context menu item: convert selection to existing pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroieappend.html
o8 - extra context menu item: convert to adobe pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroiecapture.html
o8 - extra context menu item: convert to existing pdf - res://c:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroieappend.html
o8 - extra context menu item: e&xport to microsoft excel - res://c:\progra~1\micros~3\office10\excel.exe/3000
o9 - extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\progra~1\spybot~1\sdhelper.dll
o9 - extra 'tools' menuitem: spybot - search & destroy configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\progra~1\spybot~1\sdhelper.dll
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o16 - dpf: cabbuilder - [noparse]http://kiw.imgag.com/imgag/kiw/toolbar/download/installercontrol.cab[/noparse]
o16 - dpf: {149e45d8-163e-4189-86fc-45022ab2b6c9} (spintop drm control) - file:///c:/program%20files/supercow/images/stg_drm.ocx
o16 - dpf: {17492023-c23a-453e-a040-c7c580bbf700} (windows genuine advantage validation tool) - [noparse]http://go.microsoft.com/fwlink/?linkid=39204[/noparse]
o16 - dpf: {255b1372-180c-4a22-a02d-1d4ab65f6ac2} (sdanetconclass class) - file:///c:/program%20files/rise%20of%20atlantis/images/stg_drm.dll
o16 - dpf: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (installation support) - c:\program files\yahoo!\common\yinsthelper.dll
o16 - dpf: {615f158e-d5ca-422f-a8e7-f6a5eed7063b} (bejeweled control) - [noparse]http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab[/noparse]
o16 - dpf: {6414512b-b978-451d-a0d8-fcfdf33e833c} (wuwebcontrol class) - [noparse]http://update.microsoft.com/windowsupdate/v6/v5controls/en/x86/client/wuweb_site.cab?1163869183281[/noparse]
o16 - dpf: {6e32070a-766d-4ee6-879c-dc1fa91d2fc3} (muwebcontrol class) - [noparse]http://update.microsoft.com/microsoftupdate/v6/v5controls/en/x86/client/muweb_site.cab?1163869455078[/noparse]
o16 - dpf: {8a94c905-ff9d-43b6-8708-f0f22d22b1cb} (wwlaunch control) - [noparse]http://www.worldwinner.com/games/shared/wwlaunch.cab[/noparse]
o16 - dpf: {b8be5e93-a60c-4d26-a2dc-220313175592} (zoneintro class) - [noparse]http://cdn2.zone.msn.com/binframework/v10/zintro.cab34246.cab[/noparse]
o16 - dpf: {cc450d71-cc90-424c-8638-1f2dbac87a54} (armhelper control) - file:///c:/program%20files/venice/images/armhelper.ocx
o20 - winlogon notify: __c0017370 - c:\windows\system32\__c0017370.dat (file missing)
o23 - service: adobe lm service - adobe systems - c:\program files\common files\adobe systems shared\service\adobelmsvc.exe
o23 - service: ag windows service (agwinservice) - unknown owner - c:\program files\agi\common\win32\pythonservice.exe
o23 - service: ares chatroom server (areschatserver) - ares development group - c:\program files\ares\chatserver.exe
o23 - service: avg7 alert manager server (avg7alrt) - grisoft, s.r.o. - c:\progra~1\grisoft\avgfre~1\avgamsvr.exe
o23 - service: avg7 update service (avg7updsvc) - grisoft, s.r.o. - c:\progra~1\grisoft\avgfre~1\avgupsvc.exe
o23 - service: google updater service (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: java quick starter (javaquickstarterservice) - sun microsystems, inc. - c:\program files\java\jre6\bin\jqs.exe
o23 - service: lxcy_device - - c:\windows\system32\lxcycoms.exe
o23 - service: mccicmservice - motive communications, inc. - c:\program files\common files\motive\mccicmservice.exe
o23 - service: nvidia driver helper service (nvsvc) - nvidia corporation - c:\windows\system32\nvsvc32.exe
--
end of file - 12788 bytes
[/hjt]