
Leonardus

Member
  • Items

    4
  • Registration date

  • Last visited

Everything posted by Leonardus

  1. It still seems a bit slow to start up, but once it is running it works fine.
  2. ComboFix 10-10-05.06 - Student 06-10-2010 22:58:55.1.2 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.31.1033.18.2045.903 [GMT 2:00] Gestart vanuit: c:\users\Student\Desktop\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system\Agcgauge.ax c:\windows\system32\drivers\npf.sys c:\windows\system32\Packet.dll c:\windows\system32\spool\prtprocs\w32x86\xpdpp.dll c:\windows\system32\wpcap.dll Besmet exemplaar van c:\windows\system32\drivers\ndis.sys werd aangetroffen en gedesinfecteerd Hersteld exemplaar van - Kitty had a snack . \\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected . \\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected . (((((((((((((((((((( Bestanden Gemaakt van 2010-09-06 to 2010-10-06 )))))))))))))))))))))))))))))) . 2010-10-06 21:05 . 2010-10-06 21:05 -------- d-----w- c:\users\Student\AppData\Local\temp 2010-10-06 21:05 . 2010-10-06 21:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-10-06 18:40 . 2010-10-06 18:40 -------- d-----w- c:\users\Student\AppData\Roaming\Malwarebytes 2010-10-06 18:40 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-10-06 18:40 . 2010-10-06 18:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-10-06 18:40 . 2010-10-06 18:40 -------- d-----w- c:\programdata\Malwarebytes 2010-10-06 18:40 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-10-06 16:42 . 2010-10-06 16:42 388096 ----a-r- c:\users\Student\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-10-06 16:42 . 2010-10-06 16:42 -------- d-----w- c:\program files\HJT 2010-10-06 15:24 . 2010-10-06 15:26 -------- d-----w- c:\windows\system32\drivers\Avg 2010-10-06 15:23 . 
2010-10-06 15:23 24856 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys 2010-10-06 15:23 . 2010-10-06 15:23 -------- d-----w- c:\program files\AVG 2010-10-06 15:23 . 2010-10-06 15:23 -------- d-----w- c:\programdata\avg9 2010-09-29 04:40 . 2010-06-22 12:57 2048 ----a-w- c:\windows\system32\tzres.dll 2010-09-27 19:47 . 2010-09-27 19:47 -------- d-----w- c:\users\Student\AppData\Roaming\Codeheadz 2010-09-27 19:47 . 2010-09-27 19:47 -------- d-----w- c:\programdata\Codeheadz 2010-09-23 15:15 . 2010-09-23 15:15 -------- d-----w- c:\users\Student\.imindmap 2010-09-23 15:15 . 2010-09-23 15:15 -------- d-----w- c:\programdata\BOL 2010-09-21 18:37 . 2010-09-21 18:37 932288 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\9787\AdobeARM.exe 2010-09-21 18:37 . 2010-09-21 18:37 70584 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\9787\AdobeExtractFiles.dll 2010-09-21 18:37 . 2010-09-21 18:37 338856 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\9787\ReaderUpdater.exe 2010-09-21 18:37 . 2010-09-21 18:37 338856 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\9787\AcrobatUpdater.exe 2010-09-15 14:13 . 2010-04-16 16:10 501760 ----a-w- c:\windows\system32\usp10.dll 2010-09-15 14:13 . 2010-08-17 13:32 126464 ----a-w- c:\windows\system32\spoolsv.exe 2010-09-15 14:13 . 2010-04-05 16:08 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL 2010-09-15 14:13 . 2010-05-27 19:16 738816 ----a-w- c:\windows\system32\inetcomm.dll 2010-09-15 13:04 . 2010-09-15 13:06 -------- d-----w- c:\users\Student\AppData\Roaming\EndNote 2010-09-15 13:03 . 2010-09-15 13:03 -------- d-----w- c:\program files\Common Files\Risxtd 2010-09-15 13:03 . 2010-09-15 13:03 -------- d-----w- c:\program files\Common Files\ResearchSoft 2010-09-15 13:01 . 2010-09-15 13:03 -------- d-----w- c:\programdata\Thomson.ResearchSoft.Installers . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-10-06 20:48 . 
2009-05-20 07:26 -------- d-----w- c:\users\Student\AppData\Roaming\WTablet 2010-10-06 20:48 . 2009-06-08 11:14 558358 ----a-w- c:\programdata\nvModes.dat 2010-10-06 20:31 . 2009-02-17 08:10 -------- d-----w- c:\programdata\McAfee 2010-10-06 18:59 . 2009-08-17 18:51 -------- d-----w- c:\users\Student\AppData\Roaming\Dropbox 2010-10-06 15:59 . 2010-10-06 15:59 360584 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys 2010-10-06 15:59 . 2010-10-06 15:59 333192 ----a-w- c:\programdata\avg9\update\backup\avgldx86.sys 2010-10-06 15:59 . 2010-10-06 15:59 28424 ----a-w- c:\programdata\avg9\update\backup\avgmfx86.sys 2010-10-06 15:59 . 2010-10-06 15:59 161800 ----a-w- c:\programdata\avg9\update\backup\avgrkx86.sys 2010-10-06 15:59 . 2010-10-06 15:24 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-10-06 15:59 . 2010-10-06 15:24 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-10-06 15:59 . 2010-10-06 15:24 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-10-06 15:59 . 2010-10-06 15:24 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys 2010-10-06 15:24 . 2010-10-06 15:24 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2010-10-06 15:24 . 2010-10-06 15:58 877848 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe 2010-10-06 15:24 . 2010-10-06 15:58 798488 ----a-w- c:\programdata\avg9\update\backup\avginet.dll 2010-10-06 15:24 . 2010-10-06 15:58 613656 ----a-w- c:\programdata\avg9\update\backup\avgiproxy.exe 2010-10-06 15:24 . 2010-10-06 15:58 1657112 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll 2010-10-06 15:23 . 2006-11-02 10:25 51200 ----a-w- c:\windows\Inf\infpub.dat 2010-10-06 15:23 . 2006-11-02 10:25 143360 ----a-w- c:\windows\Inf\infstrng.dat 2010-10-06 15:23 . 2006-11-02 10:25 86016 ----a-w- c:\windows\Inf\infstor.dat 2010-10-06 15:21 . 2009-02-17 08:10 -------- d-----w- c:\program files\McAfee 2010-10-06 15:00 . 
2010-04-07 14:17 -------- d-----w- c:\users\Student\AppData\Roaming\Resolume Avenue 3 2010-10-06 14:59 . 2010-04-07 14:16 -------- d-----w- c:\program files\QuickTime 2010-10-06 14:59 . 2009-10-14 17:10 -------- d-----w- c:\program files\Microsoft Silverlight 2010-10-06 09:38 . 2009-03-03 10:04 -------- d-----w- c:\users\Student\AppData\Roaming\uTorrent 2010-09-30 20:54 . 2009-09-12 10:40 -------- d-----w- c:\users\Student\AppData\Roaming\Skype 2010-09-30 19:53 . 2009-09-12 10:45 -------- d-----w- c:\users\Student\AppData\Roaming\skypePM 2010-09-26 21:46 . 2009-03-03 13:22 -------- d-----w- c:\users\Student\AppData\Roaming\FileZilla 2010-09-23 21:14 . 2009-03-16 17:18 -------- d-----w- c:\users\Student\AppData\Roaming\dvdcss 2010-09-23 06:30 . 2009-03-18 00:01 -------- d-----w- c:\programdata\CanonIJPLM 2010-09-16 20:57 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-09-16 07:48 . 2009-03-03 12:29 -------- d-----w- c:\programdata\Microsoft Help 2010-09-06 12:30 . 2010-09-06 12:30 -------- d-----w- c:\users\Student\AppData\Roaming\Xerox 2010-08-31 10:11 . 2010-08-31 10:11 3401880 ----a-w- c:\users\Student\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll 2010-08-31 09:55 . 2010-08-31 09:55 275096 ----a-w- c:\users\Student\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll 2010-08-31 09:39 . 2010-08-31 09:39 3734536 ----a-w- c:\users\Student\AppData\Roaming\Mozilla\plugins\Google Talk Plugin Extras\d3dx9_36.dll 2010-08-17 13:29 . 2009-03-05 11:24 -------- d-----w- c:\users\Student\AppData\Roaming\vlc 2010-08-17 09:07 . 2010-08-12 06:33 185954442 ----a-w- c:\windows\DUMP5bb6.tmp 2010-08-11 12:54 . 2010-08-11 12:54 683801 ----a-w- c:\programdata\Last.fm\Client\UninstWA\unins000.exe 2010-08-11 12:54 . 2010-08-11 12:53 107 ----a-w- c:\programdata\Last.fm\Client\uninst2.bat 2010-08-11 12:53 . 2010-08-11 12:53 683801 ----a-w- c:\programdata\Last.fm\Client\UninstWMP\unins000.exe 2010-08-11 12:53 . 
2010-08-11 12:53 -------- d-----w- c:\programdata\Last.fm 2010-07-16 17:36 . 2010-06-14 14:13 381 ----a-w- c:\windows\system32\Wacom_Tablet.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2009-12-09 01:19 94208 ----a-w- d:\program files\Dropbox\DropboxExt.13.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2009-12-09 01:19 94208 ----a-w- d:\program files\Dropbox\DropboxExt.13.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2009-12-09 01:19 94208 ----a-w- d:\program files\Dropbox\DropboxExt.13.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560] "Skype"="c:\program files\Skype\\Phone\Skype.exe" [2010-09-02 13351304] "Gadwin PrintScreen Pro"="d:\program files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe" [2009-02-28 516096] "Google Update"="c:\users\Student\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-09-12 136176] "Netvue"="d:\program files\Codeheadz\Netvue\Netvue.exe" [2006-12-13 528384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "Apoint"="c:\program files\Apoint\Apoint.exe" [2007-01-25 159744] "SSBkgdUpdate"="c:\program 
files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472] "OpwareSE4"="d:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400] "GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-19 148888] "nwiz"="nwiz.exe" [2009-08-12 1657376] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-19 13793824] "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2009-08-19 92704] "QuickTime Task"="d:\program files\QuickTime\QTTask.exe" [2009-09-04 417792] "iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "Adobe Acrobat Speed Launcher"="d:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-10-03 38768] "Acrobat Assistant 8.0"="d:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-10-02 640376] "AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-10-06 2020120] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10b.exe" [2009-02-03 240544] c:\users\Student\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - d:\program files\Dropbox\Dropbox.exe [2010-2-26 21979992] OneNote 2007 Screen Clipper and Launcher.lnk - d:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Watch.lnk - c:\program files\ScanExpress A3 USB\Driver\WATCH.exe [2009-5-20 364544] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3232317721-4012798742-1043214378-1000] "EnableNotificationsRef"=dword:00000001 R0 bnlarmvj;bnlarmvj;c:\windows\System32\drivers\ndjum.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 CamSpaceBus;CamSpace Virtual Joystick Bus device driver;c:\windows\system32\drivers\CamSpaceBus.sys [2008-08-24 14848] R3 CamSpaceJoy;CamSpace Virtual Joystick device driver;c:\windows\system32\drivers\CamSpaceJoy.sys [2008-08-24 30464] R3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\DRIVERS\camdrv21.sys [x] R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;d:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2009-07-29 83240] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-03-03 717296] S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2010-10-06 52872] S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2010-10-06 24856] S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-10-06 216400] S1 AvgTdiX;AVG Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-10-06 243024] S2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-10-06 906520] S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe 
[2010-10-06 285392] S2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [2010-10-06 2304192] S2 Remote Solver for Flow Simulation 2009;Remote Solver for Flow Simulation 2009;d:\program files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe [2009-05-05 283944] S2 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2009-11-24 4463400] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 179712] S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-08-28 3664384] S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2009-08-27 16168] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc . Inhoud van de 'Gedeelde Taken' map 2010-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3232317721-4012798742-1043214378-1000Core.job - c:\users\Student\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-12 22:09] 2010-10-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3232317721-4012798742-1043214378-1000UA.job - c:\users\Student\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-12 22:09] 2010-10-06 c:\windows\Tasks\User_Feed_Synchronization-{286CA6E3-45BB-49AD-A10F-9FC58E515148}.job - c:\windows\system32\msfeedssync.exe [2008-01-21 02:34] . . ------- Bijkomende Scan ------- . 
uStart Page = hxxp://search.student.utwente.nl/search uInternet Settings,ProxyOverride = *.local IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\users\Student\AppData\Roaming\Mozilla\Firefox\Profiles\2xam4a93.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.ntnu.edu/ub FF - component: d:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll FF - plugin: c:\program files\TabletPlugins\npwacom.dll FF - plugin: c:\users\Student\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: c:\users\Student\AppData\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll FF - plugin: c:\users\Student\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: c:\users\Student\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: d:\program files\Adobe\Reader\browser\nppdf32.dll FF - plugin: d:\program files\iTunes\Mozilla Plugins\npitunes.dll FF - plugin: d:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin2.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin3.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin4.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin5.dll FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin6.dll FF - plugin: d:\program 
files\QuickTime\Plugins\npqtplugin7.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHANS VERWIJDERD - - - - HKCU-Run-AdobeBridge - (no file) . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\S-1-5-21-3232317721-4012798742-1043214378-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:76,e3,e1,72,41,e5,99,b4,4a,fb,aa,56,33,4d,35,fa,a7,b3,3d,10,55,ba,66, 67,eb,b4,37,ad,aa,c5,17,4d,bd,d4,5d,a1,f5,ec,95,2b,d4,c7,4e,d8,37,26,de,8d,\ "??"=hex:9e,e7,7b,e8,d8,51,40,d4,a3,85,20,f7,2d,4c,d9,eb [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version] "Version"=hex:51,9e,46,eb,b8,51,5e,e1,4c,23,1e,96,d0,03,e3,9e,ac,0f,a0,7a,7b, 80,b0,4b,ff,3e,c0,4c,45,99,18,56,74,15,28,70,b9,05,55,1c,44,7c,ac,02,12,c4,\ [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2010-10-06 23:08:30 ComboFix-quarantined-files.txt 2010-10-06 21:08 Pre-Run: 1.785.221.120 bytes free Post-Run: 1.847.877.632 bytes free - - End Of File - - CE963ED125B9F7420FCE9B832B01BF29
  3. MAM log: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4757 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 6-10-2010 20:49:19 mbam-log-2010-10-06 (20-49-19).txt Scan type: Quick scan Objects scanned: 151988 Time elapsed: 7 minute(s), 21 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 2 Registry Data Items Infected: 1 Folders Infected: 1 Files Infected: 6 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\24d1ca9a-a864-4f7b-86fe-495eb56529d8 (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\w32id (Spyware.OnlineGames) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> Quarantined and deleted successfully. Files Infected: C:\$Recycle.Bin\S-1-5-21-3232317721-4012798742-1043214378-1000\$R5BK3ON.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\$Recycle.Bin\S-1-5-21-3232317721-4012798742-1043214378-1000\$RA2DI79.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\$Recycle.Bin\S-1-5-21-3232317721-4012798742-1043214378-1000\$RR04FJ6.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\$Recycle.Bin\S-1-5-21-3232317721-4012798742-1043214378-1000\$RD0TXCA.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully. 
C:\$Recycle.Bin\S-1-5-21-3232317721-4012798742-1043214378-1000\$RHYIGDY.exe (Trojan.Hiloti) -> Quarantined and deleted successfully. C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully. HJT log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:09:05, on 6-10-2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18498) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\Explorer.EXE C:\Windows\system32\WTablet\Wacom_TabletUser.exe C:\Program Files\Apoint\Apoint.exe C:\Program Files\McAfee\Common Framework\UdaterUI.exe D:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\System32\rundll32.exe D:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Windows\system32\wbem\unsecapp.exe D:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files\AVG\AVG9\avgtray.exe D:\Program Files\DAEMON Tools Lite\daemon.exe D:\Program Files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe D:\Program Files\Codeheadz\Netvue\Netvue.exe C:\Program Files\ScanExpress A3 USB\Driver\WATCH.exe D:\Program Files\Dropbox\Dropbox.exe D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\McAfee\Common Framework\McTray.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Apoint\HidFind.exe C:\Program Files\Apoint\Apntex.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\NOTEPAD.EXE D:\Program Files\Mozilla Firefox\firefox.exe D:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\wuauclt.exe C:\Program Files\HJT\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.student.utwente.nl/search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [Windows Defender] 
%ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Gadwin PrintScreen Pro] D:\Program Files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe /nosplash O4 - HKCU\..\Run: [Google Update] "C:\Users\Student\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - 
HKCU\..\Run: [Netvue] D:\Program Files\Codeheadz\Netvue\Netvue.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe (User 'Default user') O4 - Startup: Dropbox.lnk = D:\Program Files\Dropbox\Dropbox.exe O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Watch.lnk = C:\Program Files\ScanExpress A3 USB\Driver\WATCH.exe O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} 
- D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - D:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. 
- C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: Dell Internal Network Card Power Management (nicconfigsvc) - Dell Inc. - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Remote Solver for Flow Simulation 2009 - Mentor Graphics Corporation - D:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\Windows\system32\Wacom_Tablet.exe -- End of file - 10640 bytes
  4. Hello, I have probably caught a virus. I'm running Windows Vista Home Basic SP1 on a Dell Latitude D830. I ran a number of scans with McAfee, and during the rootkit scan it indicated that if this scan returned no results, that was because the virus had changed something in the scan code itself. I would then have to do a pre-scan. In the end I just installed AVG Anti-Virus; my McAfee was already fairly old, though kept up to date, by the way. After a number of freezes and pop-up windows from fake virus scanners (while my internet connection was disconnected), I finally got back into my Vista. Booting into Safe Mode did not work either, not even with only core drivers. In any case, here is a log; thanks in advance. Leon Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:51:40, on 6-10-2010 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18498) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Apoint\Apoint.exe C:\Program Files\McAfee\Common Framework\UdaterUI.exe D:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\system32\WTablet\Wacom_TabletUser.exe C:\Windows\System32\rundll32.exe D:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe D:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files\AVG\AVG9\avgtray.exe D:\Program Files\DAEMON Tools Lite\daemon.exe C:\Windows\system32\wbem\unsecapp.exe D:\Program Files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe D:\Program Files\Codeheadz\Netvue\Netvue.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\ScanExpress A3 USB\Driver\WATCH.exe D:\Program Files\Dropbox\Dropbox.exe D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program
Files\McAfee\Common Framework\McTray.exe C:\Program Files\Apoint\ApMsgFwd.exe C:\Program Files\Apoint\HidFind.exe C:\Program Files\Apoint\Apntex.exe D:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\AVG\AVG9\avgui.exe C:\Windows\system32\wuauclt.exe D:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\AVG\AVG9\avgscanx.exe C:\Program Files\AVG\AVG9\avgcsrvx.exe D:\Program Files\VideoLAN\VLC\vlc.exe C:\Program Files\HJT\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.student.utwente.nl/search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] 
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Gadwin PrintScreen Pro] D:\Program Files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe /nosplash O4 - HKCU\..\Run: [Google Update] "C:\Users\Student\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Netvue] D:\Program Files\Codeheadz\Netvue\Netvue.exe O4 - HKCU\..\Run: [dfrgsnapnt.exe] C:\Users\Student\AppData\Local\Temp\dfrgsnapnt.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe (User 'Default user') O4 - Startup: Dropbox.lnk = D:\Program Files\Dropbox\Dropbox.exe O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: QuickSet.lnk = ? 
O4 - Global Startup: Watch.lnk = C:\Program Files\ScanExpress A3 USB\Driver\WATCH.exe O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. 
- C:\Program Files\AVG\AVG9\avgemc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corp. - D:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: Dell Internal Network Card Power Management (nicconfigsvc) - Dell Inc. 
- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Remote Solver for Flow Simulation 2009 - Mentor Graphics Corporation - D:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\StandAloneSlv.exe O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe O23 - Service: Glasovne poruke (Speechsrv) - Unknown owner - D:\Program Files\LAN Voice Chat\Speechs.exe O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\Windows\system32\Wacom_Tablet.exe -- End of file - 11135 bytes