Ga naar inhoud

moofy

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    7

  • Registratiedatum

  • Laatst bezocht

moofy's prestaties

Groentje

Groentje (2/14)

  • Eerste post
  • Gespreksstarter
  • Week één klaar
  • Een maand later
  • Een jaar binnen

Recente badges

0

Reputatie

  1. moofy
    Ik kan me geen melding herinneren aan het eind van de scan; komt er sowieso een melding aan het einde van de scan? Er is tijdens de scan wel x aantal keer een melding gekomen dat een bepaalde .dll file niet gevonden kon worden omdat de server niet beschikbaar was, en dat ik daarom de install CD moest inbrengen. Aangezien ik deze niet heb, heb ik hier dus telkens 'cancel' moeten aanklikken ('retry' - 'more information' - 'cancel'). Hij vond die server uiteraard niet omdat in de image van het werk wordt verwezen naar een server op het netwerk. Ik kan evt thuis de scan nog eens laten lopen en eens verder zoeken naar de logfile...
  2. moofy
    Bijkomend probleem is dat ik geen Windows install CD heb. Deze computer is tweedehands gekocht op het werk; bij de verkoop wordt er een image opgezet... Ik heb dus wel een legale versie van Windows (met product key), maar geen install CD. Ik heb de System File Checker toch eens laten lopen, maar deze heeft geen logfile gecreeerd. Is er hiervoor een workaround? Ik kan eens vragen op het werk of ik die image op USB-stick kan meekrijgen en de PC herinstalleren, maar dat was natuurlijk wat ik wou vermijden in the first place...
  3. moofy
    Helaas wel, AVG geeft de laatste 11 meldingen uit post 5 opnieuw. De meldingen zijn identiek, alleen de memory-locaties (?) verschillen wat. Het is toch niet de bedoeling om "remove all unhealed" uit te voeren in AVG, of wel?
  4. moofy
    Logfile van ComboFix: ComboFix 12-05-31.02 - Aramis 2012/05/31 18:00:59.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.32.1033.18.1015.382 [GMT 2:00] Running from: c:\documents and settings\Aramis\Desktop\ComboFix.exe AV: AVG Internet Security 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Internet Security 2012 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\TEMP c:\windows\net c:\windows\net\1028.mst c:\windows\net\1030.mst c:\windows\net\1031.mst c:\windows\net\1033.mst c:\windows\net\1034.mst c:\windows\net\1035.mst c:\windows\net\1036.mst c:\windows\net\1040.mst c:\windows\net\1041.mst c:\windows\net\1042.mst c:\windows\net\1043.mst c:\windows\net\1044.mst c:\windows\net\1046.mst c:\windows\net\1053.mst c:\windows\net\1054.mst c:\windows\net\2052.mst c:\windows\net\b57w2k.sys c:\windows\net\b57win32.cat c:\windows\net\b57win32.inf c:\windows\net\b57xp32.sys c:\windows\net\BCMUPDT.BAT c:\windows\net\BDrvInst.msi c:\windows\net\Files.cab c:\windows\net\MgmtApps\setup.exe c:\windows\net\MgmtApps\Silent.txt c:\windows\net\RIS_2K\readme.txt c:\windows\net\RIS_XP\readme.txt c:\windows\net\RIS_XP\RIS8271.zip c:\windows\net\setup.exe c:\windows\net\Silent.txt c:\windows\net\SP30375.CVA c:\windows\net\SP30375.txt c:\windows\net\WSSP30375.txt . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_6TO4 -------\Legacy_IAS -------\Service_xcpip . . ((((((((((((((((((((((((( Files Created from 2012-04-28 to 2012-05-31 ))))))))))))))))))))))))))))))) . . 2012-05-30 20:38 . 2012-05-30 20:38 -------- d-----w- c:\documents and settings\Aramis\Application Data\Malwarebytes 2012-05-30 20:37 . 2012-05-30 20:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-05-30 20:37 . 2012-05-30 20:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-05-30 20:37 . 2012-04-04 13:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-05-24 18:44 . 2012-05-24 18:44 388096 ----a-r- c:\documents and settings\Aramis\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-05-24 18:44 . 2012-05-24 18:44 -------- d-----w- c:\program files\Trend Micro 2012-05-23 22:41 . 2012-05-23 22:41 -------- d-----w- c:\documents and settings\Aramis\Application Data\AVG 2012-05-23 21:32 . 2012-05-23 21:32 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files 2012-05-23 21:32 . 2012-05-23 21:32 -------- d-----w- c:\documents and settings\Aramis\Local Settings\Application Data\AVG Secure Search 2012-05-23 21:32 . 2012-05-23 21:32 -------- d-----w- c:\documents and settings\Aramis\Application Data\AVG Secure Search 2012-05-23 21:32 . 2012-05-23 21:32 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search 2012-05-23 21:32 . 2012-05-23 21:32 -------- d-----w- c:\program files\AVG Secure Search 2012-05-23 21:32 . 2012-05-23 21:32 -------- d-----w- c:\program files\Common Files\AVG Secure Search 2012-05-23 21:30 . 2012-05-23 21:30 -------- d-----w- C:\$AVG 2012-05-23 21:30 . 2012-05-31 15:48 -------- d-----w- c:\windows\system32\drivers\AVG 2012-05-23 21:30 . 2012-05-23 21:52 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2012 2012-05-23 21:29 . 2012-05-24 05:16 -------- d-----w- c:\program files\AVG 2012-05-23 21:25 . 2012-05-31 15:48 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData 2012-05-23 17:47 . 2012-05-23 17:47 -------- d-----w- c:\windows\system32\wbem\Repository 2012-05-21 16:19 . 2012-05-21 16:19 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe 2012-05-09 20:53 . 2012-05-09 20:52 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-05-09 20:32 . 2012-05-09 20:32 -------- d-----w- c:\program files\BabylonToolbar . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-09 20:52 . 2011-12-22 18:23 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-04-19 02:50 . 2012-04-19 02:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2012-04-11 13:14 . 2004-08-03 23:18 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-11 13:12 . 1980-01-01 00:00 1862272 ----a-w- c:\windows\system32\win32k.sys 2012-04-11 12:35 . 2004-08-03 22:59 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-19 03:17 . 2012-03-19 03:17 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2011-08-28 11:42 . 2011-08-15 16:44 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . Cryptography Services Error !! . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-05-23 21:32 2067328 ----a-w- c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll" [2012-05-23 2067328] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\documents and settings\Aramis\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\documents and settings\Aramis\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\documents and settings\Aramis\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\documents and settings\Aramis\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-08 94208] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-08 77824] "Persistence"="c:\windows\system32\igfxpers.exe" [2005-06-08 114688] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952] "RTHDCPL"="RTHDCPL.EXE" [2005-09-22 14854144] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792] "McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2007-10-25 136512] "D-Link AirPlus XtremeG"="c:\program files\D-Link\AirPlus XtremeG\AirPlusCFG.exe" [2005-08-04 1294336] "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2004-12-16 49152] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-05-23 1116544] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600] . c:\documents and settings\Default User\Start Menu\Programs\Startup\ Settings.bat [2007-6-20 1066] . c:\documents and settings\Aramis\Start Menu\Programs\Startup\ Dropbox.lnk - c:\documents and settings\Aramis\Application Data\Dropbox\bin\Dropbox.exe [2012-2-15 24246216] Launchy.lnk - c:\programs\Launchy\Launchy.exe [2011-3-24 380928] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoMSAppLogo5ChannelNotify"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Documents and Settings\\Aramis\\Application Data\\Dropbox\\bin\\Dropbox.exe"= "c:\\Documents and Settings\\Aramis\\Application Data\\Juniper Networks\\Juniper Terminal Services Client\\dsTermServ.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP:Remote Desktop "65533:TCP"= 65533:TCP:Services "52344:TCP"= 52344:TCP:Services . R2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [2012-03-23 2321520] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [2012-04-30 5106744] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [2012-05-23 932736] R3 ATHFMWDL;D-Link predator Bootloader driver;c:\windows\system32\Drivers\ATHFMWDL.sys [2005-07-26 43392] R3 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232] S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896] S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2012-02-22 235216] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2012-03-19 301248] S3 A5AGU;D-Link USB Wireless Network Adapter Service;c:\windows\system32\DRIVERS\A5AGU.sys [2005-07-26 348352] S3 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944] S3 xpsec;IPSEC driver;c:\windows\system32\drivers\xpsec.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL *Deregistered* - xcpip . Contents of the 'Scheduled Tasks' folder . 2011-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 11:34] . 2012-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-1275210071-1801674531-1005Core.job - c:\documents and settings\Aramis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-05-09 20:57] . 2012-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1390067357-1275210071-1801674531-1005UA.job - c:\documents and settings\Aramis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-05-09 20:57] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = <local>;*.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: {{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\AVG\AVG2012\avgdtiex.dll Trusted Zone: imec.be TCP: DhcpNameServer = 195.130.130.1 195.130.131.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\Aramis\Application Data\Mozilla\Firefox\Profiles\imec.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/ FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bca415874-3312-48f0-a6e6-9889e3e8bc38%7D&mid=&ds=AVG&v=11.0.0.9〈=en&pr=pr&d=2012-05-23%2023%3A32%3A05&sap=ku&q= . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-05-31 18:14 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(2352) c:\windows\system32\WININET.dll c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll c:\documents and settings\Aramis\Application Data\Dropbox\bin\DropboxExt.14.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll . ------------------------ Other Running Processes ------------------------ . c:\progra~1\AVG\AVG2012\avgrsx.exe c:\program files\AVG\AVG2012\avgcsrvx.exe c:\windows\RTHDCPL.EXE c:\program files\McAfee\Common Framework\McTray.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Neoteris\Installer Service\NeoterisSetupService.exe c:\windows\system32\wdfmgr.exe c:\program files\AVG\AVG2012\avgnsx.exe c:\program files\AVG\AVG2012\avgemcx.exe c:\program files\iPod\bin\iPodService.exe c:\program files\AVG\AVG2012\avgcsrvx.exe . ************************************************************************** . Completion time: 2012-05-31 18:16:07 - machine was rebooted ComboFix-quarantined-files.txt 2012-05-31 16:15 . Pre-Run: 8,987,500,544 bytes free Post-Run: 9,520,152,576 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect C:\="Previous Operating System on C:" . - - End Of File - - A3589E57598557C20AB76F08FF9C48AB
  5. moofy
    Bij het heropstarten tijdens de stappen die je hierboven hebt beschreven, is de pc al niet vastgelopen bij het inloggen... Maar AVG geeft wel nog altijd melding van infections. Dit is de output die AVG genereert: "";"C:\Documents and Settings\Aramis\Application Data\Sun\Java\Deployment\cache\6.0\38\48fe47e6-7828032d";"Trojan horse Java/Agent.EP";"Moved to Virus Vault" "";"C:\Documents and Settings\Aramis\Application Data\Sun\Java\Deployment\cache\6.0\38\48fe47e6-7828032d:\buildService\BuildClass.class";"Trojan horse Java/Agent.EP";"Moved to Virus Vault" "";"C:\Documents and Settings\Aramis\Application Data\Sun\Java\Deployment\cache\6.0\38\48fe47e6-7828032d:\buildService\ClassId.class";"Trojan horse Exploit_c.TYN";"Moved to Virus Vault" "";"C:\Documents and Settings\Aramis\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\worms.jar-1ba88ed4-72aee973.zip";"Trojan horse Java/Agent.EP";"Moved to Virus Vault" "";"C:\Documents and Settings\Aramis\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\worms.jar-1ba88ed4-72aee973.zip:\buildService\BuildClass.class";"Trojan horse Java/Agent.EP";"Moved to Virus Vault" "";"C:\Documents and Settings\Aramis\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\worms.jar-1ba88ed4-72aee973.zip:\buildService\ClassId.class";"Trojan horse Exploit_c.TYN";"Moved to Virus Vault" "";"C:\Program Files\Mozilla Firefox\firefox.exe (356)";"Trojan horse PSW.Agent.ASJX";"Deleted" "";"C:\Program Files\Mozilla Firefox\firefox.exe (356):\memory_02f40000";"Trojan horse PSW.Agent.ASJX";"Infected" "";"C:\WINDOWS\explorer.exe (1992)";"Trojan horse PSW.Agent.AUET";"Deleted" "";"C:\WINDOWS\explorer.exe (1992):\memory_01b00000";"Trojan horse PSW.Agent.AUET";"Infected" "";"C:\WINDOWS\system32\services.exe (912)";"Trojan horse Generic27.AKPW";"Deleted" "";"C:\WINDOWS\system32\services.exe (912):\memory_00fe0000";"Trojan horse Generic27.AKPW";"Infected" "";"C:\WINDOWS\system32\services.exe (912):\memory_015c0000";"Trojan horse PSW.Generic9.UCX";"Infected" "";"C:\WINDOWS\system32\svchost.exe (1088)";"Trojan horse PSW.Agent.AUET";"Deleted" "";"C:\WINDOWS\system32\svchost.exe (1088):\memory_02740000";"Trojan horse PSW.Agent.AUET";"Infected" "";"C:\WINDOWS\system32\svchost.exe (1196)";"Trojan horse PSW.Agent.AUET";"Deleted" "";"C:\WINDOWS\system32\svchost.exe (1196):\memory_02f30000";"Trojan horse PSW.Agent.AUET";"Infected" "";"C:\WINDOWS\system32\winlogon.exe (868)";"Trojan horse PSW.Agent.AUET";"Deleted" "";"C:\WINDOWS\system32\winlogon.exe (868):\memory_010f0000";"Trojan horse PSW.Agent.AUET";"Infected"
  6. moofy
    Nieuwe logjes... Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:20:46, on 2012/05/30 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2012\avgrsx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG2012\avgfws.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Neoteris\Installer Service\NeoterisSetupService.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Program Files\AVG\AVG2012\avgemcx.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe C:\Program Files\AVG\AVG2012\avgidsagent.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\McAfee\Common Framework\UdaterUI.exe C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\McAfee\Common Framework\McTray.exe C:\Program Files\AVG Secure Search\vprot.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRAMS\Launchy\Launchy.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://imecwww.imec.be R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by IMEC O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Aramis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - .DEFAULT User Startup: Settings.bat (User 'Default user') O4 - Startup: Launchy.lnk = C:\PROGRAMS\Launchy\Launchy.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://imecwww.imec.be O15 - Trusted Zone: *.imec.be O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1247230370609 O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = imec.be O17 - HKLM\Software\..\Telephony: DomainName = imec.be O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = imec.be O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: Neoteris Setup Service - Juniper Networks - C:\Program Files\Neoteris\Installer Service\NeoterisSetupService.exe O23 - Service: vToolbarUpdater11.0.2 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe -- End of file - 8803 bytes Malwarebytes Anti-Malware 1.61.0.1400 Malwarebytes : Free anti-malware, anti-virus and spyware removal download Database version: v2012.05.30.06 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Aramis :: DC7600XP [administrator] 2012/05/30 22:39:38 mbam-log-2012-05-30 (22-39-38).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 219505 Time elapsed: 6 minute(s), 26 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 3 HKCR\AppID\{11C27351-716B-4052-9361-E3B0A3F8221C} (Adware.ClickPotato) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 4 C:\Documents and Settings\Aramis\Local Settings\Temp\clickpotatolitesa.exe (Adware.ClickPotato) -> Quarantined and deleted successfully. C:\Documents and Settings\Aramis\Local Settings\Temp\ClickPotatoLiteUpgrade.exe (Adware.ClickPotato) -> Quarantined and deleted successfully. C:\Documents and Settings\Aramis\Local Settings\Temp\153953.Uninstall\Uninstall.exe (Adware.InstallCore) -> Quarantined and deleted successfully. C:\Documents and Settings\Aramis\Local Settings\Temp\ICReinstall\VideoConverterSetup.exe (Adware.InstallCore) -> Quarantined and deleted successfully. (end)
  7. moofy
    Hallo allemaal Sinds een tijdje geeft onze PC problemen met inloggen en recenter ook met oa internet; blijkbaar last van de trojan horse PSW.Agent.AUET (gelijkaardig als in dit topic: http://www.pc-helpforum.be/f201/trojan-horse-psw-agent-auet-43131/). Hieronder de log van mijn HijackThis... Any help is appreciated! moofy Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:48:20, on 2012/05/30 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Neoteris\Installer Service\NeoterisSetupService.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\QuickTime\QTTask.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVG Secure Search\vprot.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\McAfee\Common Framework\McTray.exe C:\PROGRAMS\Launchy\Launchy.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\AVG\AVG2012\avgidsagent.exe C:\Program Files\AVG\AVG2012\avgfws.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\AVG\AVG2012\avgnsx.exe C:\Program Files\AVG\AVG2012\avgemcx.exe C:\Program Files\AVG\AVG2012\avgrsx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\Program Files\AVG\AVG2012\avgcsrvx.exe C:\Program Files\AVG\AVG2012\avgui.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32Info.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://imecwww.imec.be R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by IMEC O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\bh\BabylonToolbar.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.2\BabylonToolbarTlbr.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [D-Link AirPlus XtremeG] C:\Program Files\D-Link\AirPlus XtremeG\AirPlusCFG.exe O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Aramis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - .DEFAULT User Startup: Settings.bat (User 'Default user') O4 - Startup: Launchy.lnk = C:\PROGRAMS\Launchy\Launchy.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://imecwww.imec.be O15 - Trusted Zone: *.imec.be O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1247230370609 O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = imec.be O17 - HKLM\Software\..\Telephony: DomainName = imec.be O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = imec.be O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: Neoteris Setup Service - Juniper Networks - C:\Program Files\Neoteris\Installer Service\NeoterisSetupService.exe O23 - Service: vToolbarUpdater11.0.2 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe -- End of file - 9350 bytes
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.