
Trojan horse at startup, AVG problem


  1. #11
    Site Administrator
    Registered
    23 December 2007
    Location
    Kapellen
    Posts
    39,500

    Download ComboFix from one of these locations:

    Link 1
    Link 2

    * IMPORTANT !!! Save ComboFix.exe to your Desktop

    1. Disable all antivirus and antispyware programs, because otherwise they may conflict with ComboFix. Here is a guide on how to disable them:
    Click here

    2. The computer may need to be restarted several times; this is normal.
    3. Double-click "Combofix.exe" to start the tool.
    4. Do not click in the ComboFix window while it is running, as this can cause the tool to hang.

    Note !!! If an error is shown with the message "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer.

    5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.



  2. #12
    Member
    Registered
    29 July 2009
    Posts
    15

    Kape, are we going to solve this?

  3. #13
    Site Administrator
    Registered
    23 December 2007
    Location
    Kapellen
    Posts
    39,500

    Quote: Originally posted by Tomie
    Kape, are we going to solve this?
    If we were certain that we couldn't, we wouldn't even start on it. Of course you can never be certain, but we do our best.
    Tomie gave this post a thank-you.



  4. #14
    Member
    Registered
    29 July 2009
    Posts
    15

    You have a good heart, and once this is solved you will get a generous donation!

    But about those horses: isn't this dangerous now when I'm on the internet, or is it just a bad error by AVG

    ??????

  5. #15
    Site Administrator
    Registered
    23 December 2007
    Location
    Kapellen
    Posts
    39,500

    Quote: Originally posted by Tomie
    But about those horses: isn't this dangerous now when I'm on the internet, or is it just a bad error by AVG
    Since the horses are already on there, you of course already have problems now. But if ComboFix gives clear indications, we should be able to get everything off. And after that you will be safe again. But a lot depends on your ComboFix log ... and after that on AVG's reaction.



  6. #16
    Member
    Registered
    29 July 2009
    Posts
    15

    here we go,

    ComboFix 12-07-10.01 - Thomas 10-07-2012 22:14:41.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.31.1043.18.3950.2627 [GMT 2:00]
    Gestart vanuit: c:\users\Thomas\Documents\Downloads\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\pkgfurotmvn
    c:\programdata\Windows
    c:\programdata\Windows\ccdxmmde.dat
    c:\programdata\windows\drss.dat
    c:\programdata\Windows\msseedir.dll
    c:\programdata\Windows\xessmsxe.dat
    c:\users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato
    c:\users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk
    c:\users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk
    c:\users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-06-10 to 2012-07-10 ))))))))))))))))))))))))))))))
    .
    .
    2012-07-10 20:20 . 2012-07-10 20:20 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-07-08 23:15 . 2012-07-08 23:15 -------- d-----w- c:\program files (x86)\Common Files\Java
    2012-07-08 23:15 . 2012-07-08 23:15 -------- d-----w- c:\program files (x86)\Oracle
    2012-07-08 23:14 . 2012-05-04 17:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2012-07-08 14:34 . 2012-07-08 14:34 -------- d-----w- c:\users\Thomas\AppData\Local\Macromedia
    2012-07-06 09:09 . 2012-06-22 14:32 405144 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
    2012-07-06 09:08 . 2012-07-06 09:09 -------- d-----w- c:\users\Thomas\AppData\Roaming\DVDVideoSoft
    2012-06-22 22:19 . 2012-06-22 22:52 -------- d-----w- c:\programdata\MGS
    2012-06-22 22:19 . 2012-06-22 22:19 -------- d-----w- C:\Microgaming
    2012-06-22 21:16 . 2012-06-22 22:42 -------- d-----w- C:\Poker
    2012-06-21 20:14 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-21 20:14 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-21 20:14 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
    2012-06-21 20:14 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
    2012-06-21 20:14 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
    2012-06-21 20:14 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-21 20:14 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
    2012-06-21 20:14 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
    2012-06-21 20:14 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
    2012-06-13 17:16 . 2012-05-18 02:02 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
    2012-06-13 17:16 . 2012-05-18 02:01 499200 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
    2012-06-13 17:16 . 2012-05-17 22:38 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll
    2012-06-13 17:16 . 2012-05-17 22:37 387584 ----a-w- c:\program files (x86)\Internet Explorer\jsdbgui.dll
    2012-06-13 14:53 . 2012-04-26 05:34 76288 ----a-w- c:\windows\system32\rdpwsx.dll
    2012-06-13 14:53 . 2012-04-26 05:34 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
    2012-06-13 14:53 . 2012-04-26 05:28 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
    2012-06-13 14:53 . 2012-04-28 03:50 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-06-13 14:53 . 2012-05-15 01:32 3144192 ----a-w- c:\windows\system32\win32k.sys
    2012-06-13 14:53 . 2012-05-04 10:52 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-06-13 14:53 . 2012-05-04 10:08 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2012-06-13 14:53 . 2012-05-04 10:08 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-06-24 01:57 . 2012-04-21 14:07 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-06-24 01:57 . 2011-08-18 17:43 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-05-04 17:29 . 2010-08-04 13:44 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-04-22 14:40 . 2012-04-22 14:40 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2012-04-22 14:40 . 2012-04-22 14:40 161792 ----a-w- c:\windows\SysWow64\msls31.dll
    2012-04-22 14:40 . 2012-04-22 14:40 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2012-04-22 14:40 . 2012-04-22 14:40 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2012-04-22 14:40 . 2012-04-22 14:40 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
    2012-04-22 14:40 . 2012-04-22 14:40 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
    2012-04-22 14:40 . 2012-04-22 14:40 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
    2012-04-22 14:40 . 2012-04-22 14:40 367104 ----a-w- c:\windows\SysWow64\html.iec
    2012-04-22 14:40 . 2012-04-22 14:40 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2012-04-22 14:40 . 2012-04-22 14:40 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
    2012-04-22 14:40 . 2012-04-22 14:40 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
    2012-04-22 14:40 . 2012-04-22 14:40 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
    2012-04-22 14:40 . 2012-04-22 14:40 152064 ----a-w- c:\windows\SysWow64\wextract.exe
    2012-04-22 14:40 . 2012-04-22 14:40 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
    2012-04-22 14:40 . 2012-04-22 14:40 11776 ----a-w- c:\windows\SysWow64\mshta.exe
    2012-04-22 14:40 . 2012-04-22 14:40 101888 ----a-w- c:\windows\SysWow64\admparse.dll
    2012-04-22 14:40 . 2012-04-22 14:40 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2012-04-22 14:40 . 2012-04-22 14:40 222208 ----a-w- c:\windows\system32\msls31.dll
    2012-04-22 14:40 . 2012-04-22 14:40 12288 ----a-w- c:\windows\system32\mshta.exe
    2012-04-22 14:40 . 2012-04-22 14:40 114176 ----a-w- c:\windows\system32\admparse.dll
    2012-04-22 14:40 . 2012-04-22 14:40 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2012-04-22 14:40 . 2012-04-22 14:40 76800 ----a-w- c:\windows\system32\tdc.ocx
    2012-04-22 14:40 . 2012-04-22 14:40 49664 ----a-w- c:\windows\system32\imgutil.dll
    2012-04-22 14:40 . 2012-04-22 14:40 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2012-04-22 14:40 . 2012-04-22 14:40 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
    2012-04-22 14:40 . 2012-04-22 14:40 111616 ----a-w- c:\windows\system32\iesysprep.dll
    2012-04-22 14:40 . 2012-04-22 14:40 85504 ----a-w- c:\windows\system32\iesetup.dll
    2012-04-22 14:40 . 2012-04-22 14:40 603648 ----a-w- c:\windows\system32\vbscript.dll
    2012-04-22 14:40 . 2012-04-22 14:40 448512 ----a-w- c:\windows\system32\html.iec
    2012-04-22 14:40 . 2012-04-22 14:40 30720 ----a-w- c:\windows\system32\licmgr10.dll
    2012-04-22 14:40 . 2012-04-22 14:40 165888 ----a-w- c:\windows\system32\iexpress.exe
    2012-04-22 14:40 . 2012-04-22 14:40 160256 ----a-w- c:\windows\system32\wextract.exe
    2012-04-22 14:38 . 2012-04-22 14:38 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
    2012-04-22 14:38 . 2012-04-22 14:38 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
    2012-04-22 14:38 . 2012-04-22 14:38 982912 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2012-04-22 14:38 . 2012-04-22 14:38 265088 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
    2012-04-22 14:38 . 2012-04-22 14:38 1495040 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
    2012-04-22 14:38 . 2012-04-22 14:38 144384 ----a-w- c:\windows\system32\cdd.dll
    2012-04-22 14:38 . 2012-04-22 14:38 1133568 ----a-w- c:\windows\system32\FntCache.dll
    2012-04-22 14:38 . 2012-04-22 14:38 1863680 ----a-w- c:\windows\system32\ExplorerFrame.dll
    2012-04-22 14:38 . 2012-04-22 14:38 4068864 ----a-w- c:\windows\system32\mf.dll
    2012-04-22 14:38 . 2012-04-22 14:38 3181568 ----a-w- c:\windows\SysWow64\mf.dll
    2012-04-22 14:38 . 2012-04-22 14:38 229888 ----a-w- c:\windows\system32\XpsRasterService.dll
    2012-04-22 14:38 . 2012-04-22 14:38 206848 ----a-w- c:\windows\system32\mfps.dll
    2012-04-22 14:38 . 2012-04-22 14:38 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
    2012-04-22 14:38 . 2012-04-22 14:38 135168 ----a-w- c:\windows\SysWow64\XpsRasterService.dll
    2012-04-22 14:38 . 2012-04-22 14:38 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
    2012-04-18 01:03 . 2012-05-08 13:49 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B1A59211-F058-49E8-ADA7-5DF4D3B4EF8D}\mpengine.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
    "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
    "MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-08 98304]
    "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
    "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
    "NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
    "ConnectionCenter"="c:\users\Thomas\AppData\Local\Citrix\ICA Client\concentr.exe" [2009-09-12 103768]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-8 1128224]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
    "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe"
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    .
    R1 imhepdwa;imhepdwa;c:\windows\system32\drivers\imhepdwa.sys [x]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-04 136176]
    R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 245352]
    R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-24 250056]
    R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-10-13 62800]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-04 136176]
    R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-05-28 158976]
    R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-24 271872]
    R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
    R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
    R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
    R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 304496]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
    R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]
    R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]
    R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
    R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-22 1255736]
    S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-10 26704]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-10-13 283360]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
    S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2011-07-10 375376]
    S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-09-08 87600]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-25 283200]
    S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-10-13 75032]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-06-24 202752]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-10-13 149032]
    S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
    S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
    S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2010-06-23 94208]
    S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2010-06-23 78848]
    S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
    S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
    S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
    S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
    S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
    S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-10 120400]
    S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-10 29776]
    S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-23 342056]
    S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-23 39464]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-05-28 56344]
    S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series adapter stuurprogramma onder Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2010-05-31 7689216]
    S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2010-04-26 12032]
    S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
    S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2010-05-31 402720]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-07-10 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 01:57]
    .
    2012-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-04 13:26]
    .
    2012-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-04 13:26]
    .
    2012-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3554109576-521710360-3852539908-1000Core.job
    - c:\users\Thomas\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-09 18:56]
    .
    2012-07-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3554109576-521710360-3852539908-1000UA.job
    - c:\users\Thomas\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-09 18:56]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
    "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Bijkomende Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.nl/
    uInternet Settings,ProxyOverride = <local>;*.local
    IE: Free YouTube to MP3 Converter - c:\users\Thomas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    TCP: DhcpNameServer = 192.168.2.254
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
    "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
    @Denied: (A) (Everyone)
    "Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
    "Key"="ActionsPane"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2012-07-10 22:22:33
    ComboFix-quarantined-files.txt 2012-07-10 20:22
    .
    Pre-Run: 237.161.000.960 bytes beschikbaar
    Post-Run: 237.021.978.624 bytes beschikbaar
    .
    - - End Of File - - 34A57CDAABA15C7045C335314E0DB470

  7. #17
    Site Administrator
    Registered
    23 December 2007
    Location
    Kapellen
    Posts
    39,500

    And now have AVG scan again. Curious what it still has to say?



  8. #18
    Member
    Registered
    29 July 2009
    Posts
    15

    this is a drama, I think,

  9. #19
    Member
    Registered
    29 July 2009
    Posts
    15

    scanning in progress

  10. #20
    Member
    Registered
    29 July 2009
    Posts
    15

    No threats ........ according to AVG ?
