Hallo,
Ik heb helaas een virus te pakken.
Kan iemand mij helpen alsjeblieft?
[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:06, on 24-8-2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
c:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\program files\lavasoft\ad-aware\aawservice.exe
c:\windows\explorer.exe
c:\windows\system32\spoolsv.exe
c:\program files\avira\antivir personaledition classic\sched.exe
c:\program files\synaptics\syntp\syntpenh.exe
c:\windows\system32\igfxtray.exe
c:\windows\system32\hkcmd.exe
c:\program files\java\jre1.6.0_05\bin\jusched.exe
c:\program files\analog devices\core\smax4pnp.exe
c:\program files\hp\hp software update\hpwuschd2.exe
c:\windows\system32\ctfmon.exe
c:\documents and settings\administrator\local settings\application data\google\update\googleupdate.exe
c:\program files\common files\arcsoft\connection service\bin\acservice.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\avira\antivir personaledition classic\avguard.exe
c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
c:\windows\system32\svchost.exe
c:\program files\common files\intervideo\regmgr\iviregmgr.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\pnkbstra.exe
c:\windows\system32\svchost.exe
c:\windows\system32\mqsvc.exe
c:\program files\hewlett-packard\shared\hpqwmiex.exe
c:\windows\system32\mqtgsvc.exe
c:\windows\system32\svchost.exe
c:\windows\system32\wuauclt.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\program files\java\jre1.6.0_05\bin\jucheck.exe
c:\documents and settings\administrator\local settings\application data\google\chrome\application\chrome.exe
c:\documents and settings\administrator\local settings\application data\google\chrome\application\chrome.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]http://www.google.nl/[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hkcu\software\microsoft\internet connection wizard,shellnext = [noparse]http://www.hp.com/[/noparse]
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = *.local
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername = koppelingen
o2 - bho: hp print enhancer - {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\smart web printing\hpswp_printenhancer.dll
o2 - bho: hp print clips - {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
o2 - bho: adobe pdf reader help bij koppelingen - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
o2 - bho: threeships iehelper - {17fdb9f8-dcc4-4f6a-ae07-b16018a48469} - c:\program files\common files\threeships shared\dll\threeshipsiehelper.dll
o2 - bho: spybot-s&d ie protection - {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~2\sdhelper.dll
o2 - bho: ssvhelper class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
o2 - bho: (no name) - {7e853d72-626a-48ec-a868-ba8d5e23e045} - (no file)
o2 - bho: (no name) - {d323c87d-a689-0ac3-7447-d9dbc70c26d6} - (no file)
o4 - hklm\..\run: [syntpenh] c:\program files\synaptics\syntp\syntpenh.exe
o4 - hklm\..\run: [igfxtray] c:\windows\system32\igfxtray.exe
o4 - hklm\..\run: [hotkeyscmds] c:\windows\system32\hkcmd.exe
o4 - hklm\..\run: [cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\java\jre1.6.0_05\bin\jusched.exe
o4 - hklm\..\run: [soundmaxpnp] c:\program files\analog devices\core\smax4pnp.exe
o4 - hklm\..\run: [hp software update] c:\program files\hp\hp software update\hpwuschd2.exe
o4 - hklm\..\run: [mset] c:\windows\system32\mset.exe
o4 - hklm\..\run: [regedit32] c:\windows\system32\regedit.exe
o4 - hklm\..\run: [kernelfaultcheck] %systemroot%\system32\dumprep 0 -k
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [google update] c:\documents and settings\administrator\local settings\application data\google\update\googleupdate.exe /c
o4 - hkcu\..\run: [mset] c:\documents and settings\administrator\mset.exe
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'lokale service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'netwerkservice')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o4 - startup: ikowin32.exe
o8 - extra context menu item: e&xporteren naar microsoft excel - res://c:\progra~1\micros~2\office12\excel.exe/3000
o8 - extra context menu item: verzenden naar &bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
o9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
o9 - extra 'tools' menuitem: sun java console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
o9 - extra button: pokerstars - {3ad14f0c-ed16-4e43-b6d8-661b03f6a1ef} - c:\program files\pokerstars\pokerstarsupdate.exe
o9 - extra button: hp clipboek - {58ecb495-38f0-49cb-a538-10282abf65e7} - c:\program files\hp\smart web printing\hpswp_extensions.dll
o9 - extra button: hp slim selecteren - {700259d7-1666-479a-93b1-3250410481e8} - c:\program files\hp\smart web printing\hpswp_extensions.dll
o9 - extra button: research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office12\refiebar.dll
o9 - extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\progra~1\spybot~2\sdhelper.dll
o9 - extra 'tools' menuitem: spybot - search & destroy configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\progra~1\spybot~2\sdhelper.dll
o14 - iereset.inf: start_page_url=[noparse]http://www.hp.com[/noparse]
o16 - dpf: {051d0e35-f4e3-4c8d-b411-ab0875f4c683} (anark client 4.0 activex control) - [noparse]http://install.anark.com/client/version4/windows-ie/en/amclient.cab[/noparse]
o16 - dpf: {20a60f0d-9afa-4515-a0fd-83bd84642501} (checkers class) - [noparse]http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[/noparse]
o16 - dpf: {6e5e167b-1566-4316-b27f-0ddab3484cf7} (image uploader control) - [noparse]http://cache.hyves-static.net/statics/aurigma/imageuploader4.cab[/noparse]
o16 - dpf: {c3f79a2b-b9b4-4a66-b012-3ee46475b072} (messengerstatsclient class) - [noparse]http://messenger.zone.msn.com/binary/messengerstatspaclient.cab56907.cab[/noparse]
o23 - service: lavasoft ad-aware service (aawservice) - lavasoft - c:\program files\lavasoft\ad-aware\aawservice.exe
o23 - service: arcsoft connect daemon (acdaemon) - arcsoft inc. - c:\program files\common files\arcsoft\connection service\bin\acservice.exe
o23 - service: agere modem call progress audio (ageremodemaudio) - agere systems - c:\windows\system32\agrsmsvc.exe
o23 - service: avira antivir personal - free antivirus scheduler (antivirscheduler) - avira gmbh - c:\program files\avira\antivir personaledition classic\sched.exe
o23 - service: avira antivir personal - free antivirus guard (antivirservice) - avira gmbh - c:\program files\avira\antivir personaledition classic\avguard.exe
o23 - service: mobiel apple apparaat (apple mobile device) - apple inc. - c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
o23 - service: google updater service (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: hpqwmiex - hewlett-packard development company, l.p. - c:\program files\hewlett-packard\shared\hpqwmiex.exe
o23 - service: installdriver table manager (idrivert) - macrovision corporation - c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe
o23 - service: ipod-service (ipod service) - apple inc. - c:\program files\ipod\bin\ipodservice.exe
o23 - service: iviregmgr - intervideo - c:\program files\common files\intervideo\regmgr\iviregmgr.exe
o23 - service: pnkbstra - unknown owner - c:\windows\system32\pnkbstra.exe
o23 - service: stllssvr - unknown owner - c:\program files\common files\surething shared\stllssvr.exe (file missing)
--
end of file - 10539 bytes
[/hjt]
Ik heb helaas een virus te pakken.
Kan iemand mij helpen alsjeblieft?
[hjt]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:06, on 24-8-2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
c:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\program files\lavasoft\ad-aware\aawservice.exe
c:\windows\explorer.exe
c:\windows\system32\spoolsv.exe
c:\program files\avira\antivir personaledition classic\sched.exe
c:\program files\synaptics\syntp\syntpenh.exe
c:\windows\system32\igfxtray.exe
c:\windows\system32\hkcmd.exe
c:\program files\java\jre1.6.0_05\bin\jusched.exe
c:\program files\analog devices\core\smax4pnp.exe
c:\program files\hp\hp software update\hpwuschd2.exe
c:\windows\system32\ctfmon.exe
c:\documents and settings\administrator\local settings\application data\google\update\googleupdate.exe
c:\program files\common files\arcsoft\connection service\bin\acservice.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\avira\antivir personaledition classic\avguard.exe
c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
c:\windows\system32\svchost.exe
c:\program files\common files\intervideo\regmgr\iviregmgr.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\pnkbstra.exe
c:\windows\system32\svchost.exe
c:\windows\system32\mqsvc.exe
c:\program files\hewlett-packard\shared\hpqwmiex.exe
c:\windows\system32\mqtgsvc.exe
c:\windows\system32\svchost.exe
c:\windows\system32\wuauclt.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\program files\java\jre1.6.0_05\bin\jucheck.exe
c:\documents and settings\administrator\local settings\application data\google\chrome\application\chrome.exe
c:\documents and settings\administrator\local settings\application data\google\chrome\application\chrome.exe
c:\program files\trend micro\hijackthis\hijackthis.exe
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]http://www.google.nl/[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hkcu\software\microsoft\internet connection wizard,shellnext = [noparse]http://www.hp.com/[/noparse]
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = *.local
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername = koppelingen
o2 - bho: hp print enhancer - {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\smart web printing\hpswp_printenhancer.dll
o2 - bho: hp print clips - {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll
o2 - bho: adobe pdf reader help bij koppelingen - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
o2 - bho: threeships iehelper - {17fdb9f8-dcc4-4f6a-ae07-b16018a48469} - c:\program files\common files\threeships shared\dll\threeshipsiehelper.dll
o2 - bho: spybot-s&d ie protection - {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~2\sdhelper.dll
o2 - bho: ssvhelper class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
o2 - bho: (no name) - {7e853d72-626a-48ec-a868-ba8d5e23e045} - (no file)
o2 - bho: (no name) - {d323c87d-a689-0ac3-7447-d9dbc70c26d6} - (no file)
o4 - hklm\..\run: [syntpenh] c:\program files\synaptics\syntp\syntpenh.exe
o4 - hklm\..\run: [igfxtray] c:\windows\system32\igfxtray.exe
o4 - hklm\..\run: [hotkeyscmds] c:\windows\system32\hkcmd.exe
o4 - hklm\..\run: [cpqset] c:\program files\hewlett-packard\default settings\cpqset.exe
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\java\jre1.6.0_05\bin\jusched.exe
o4 - hklm\..\run: [soundmaxpnp] c:\program files\analog devices\core\smax4pnp.exe
o4 - hklm\..\run: [hp software update] c:\program files\hp\hp software update\hpwuschd2.exe
o4 - hklm\..\run: [mset] c:\windows\system32\mset.exe
o4 - hklm\..\run: [regedit32] c:\windows\system32\regedit.exe
o4 - hklm\..\run: [kernelfaultcheck] %systemroot%\system32\dumprep 0 -k
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [google update] c:\documents and settings\administrator\local settings\application data\google\update\googleupdate.exe /c
o4 - hkcu\..\run: [mset] c:\documents and settings\administrator\mset.exe
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'lokale service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'netwerkservice')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o4 - startup: ikowin32.exe
o8 - extra context menu item: e&xporteren naar microsoft excel - res://c:\progra~1\micros~2\office12\excel.exe/3000
o8 - extra context menu item: verzenden naar &bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
o9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
o9 - extra 'tools' menuitem: sun java console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
o9 - extra button: pokerstars - {3ad14f0c-ed16-4e43-b6d8-661b03f6a1ef} - c:\program files\pokerstars\pokerstarsupdate.exe
o9 - extra button: hp clipboek - {58ecb495-38f0-49cb-a538-10282abf65e7} - c:\program files\hp\smart web printing\hpswp_extensions.dll
o9 - extra button: hp slim selecteren - {700259d7-1666-479a-93b1-3250410481e8} - c:\program files\hp\smart web printing\hpswp_extensions.dll
o9 - extra button: research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office12\refiebar.dll
o9 - extra button: (no name) - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\progra~1\spybot~2\sdhelper.dll
o9 - extra 'tools' menuitem: spybot - search & destroy configuration - {dfb852a3-47f8-48c4-a200-58cab36fd2a2} - c:\progra~1\spybot~2\sdhelper.dll
o14 - iereset.inf: start_page_url=[noparse]http://www.hp.com[/noparse]
o16 - dpf: {051d0e35-f4e3-4c8d-b411-ab0875f4c683} (anark client 4.0 activex control) - [noparse]http://install.anark.com/client/version4/windows-ie/en/amclient.cab[/noparse]
o16 - dpf: {20a60f0d-9afa-4515-a0fd-83bd84642501} (checkers class) - [noparse]http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab[/noparse]
o16 - dpf: {6e5e167b-1566-4316-b27f-0ddab3484cf7} (image uploader control) - [noparse]http://cache.hyves-static.net/statics/aurigma/imageuploader4.cab[/noparse]
o16 - dpf: {c3f79a2b-b9b4-4a66-b012-3ee46475b072} (messengerstatsclient class) - [noparse]http://messenger.zone.msn.com/binary/messengerstatspaclient.cab56907.cab[/noparse]
o23 - service: lavasoft ad-aware service (aawservice) - lavasoft - c:\program files\lavasoft\ad-aware\aawservice.exe
o23 - service: arcsoft connect daemon (acdaemon) - arcsoft inc. - c:\program files\common files\arcsoft\connection service\bin\acservice.exe
o23 - service: agere modem call progress audio (ageremodemaudio) - agere systems - c:\windows\system32\agrsmsvc.exe
o23 - service: avira antivir personal - free antivirus scheduler (antivirscheduler) - avira gmbh - c:\program files\avira\antivir personaledition classic\sched.exe
o23 - service: avira antivir personal - free antivirus guard (antivirservice) - avira gmbh - c:\program files\avira\antivir personaledition classic\avguard.exe
o23 - service: mobiel apple apparaat (apple mobile device) - apple inc. - c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
o23 - service: google updater service (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: hpqwmiex - hewlett-packard development company, l.p. - c:\program files\hewlett-packard\shared\hpqwmiex.exe
o23 - service: installdriver table manager (idrivert) - macrovision corporation - c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe
o23 - service: ipod-service (ipod service) - apple inc. - c:\program files\ipod\bin\ipodservice.exe
o23 - service: iviregmgr - intervideo - c:\program files\common files\intervideo\regmgr\iviregmgr.exe
o23 - service: pnkbstra - unknown owner - c:\windows\system32\pnkbstra.exe
o23 - service: stllssvr - unknown owner - c:\program files\common files\surething shared\stllssvr.exe (file missing)
--
end of file - 10539 bytes
[/hjt]