Just checking whether everything is clean :)

derpingtimmy
41 replies
  • We continue:

    Which program:
  • Hey Abraham,

    I had just read that if I use ComboFix and it goes wrong, it might damage my PC.

    I have also had Avira and SUPERAntiSpyware run scans, and they found nothing. I also used the programs you recommended (except ComboFix).

    If they find nothing, then I think there is nothing there, right? (I don't mean to turn down your help by saying this :))
  • If you stick to everything I have written down, you can simply use ComboFix, just as thousands before you have done!
  • OK, I will read it carefully and use it. Will there be more programs that I have to use after this?

    I should add that I am not having any trouble. It is just to check that there is nothing on it :)
  • I am now trying to deactivate SUPERAntiSpyware, but I have the free version. How can I do this?
  • Just leave that tool as it is!
  • OK, so SUPERAntiSpyware does not need to be deactivated?

    PS: About AdwCleaner, that icon is still on my desktop, while it should have disappeared, shouldn't it?
  • We will clean up at the end!
  • Hey Abraham.

    I ran ComboFix and it did not need to reboot. Also, I now have my antivirus, spyware etc. working again.

    Here is a log from ComboFix


    ComboFix 12-08-16.01 - Tim 16-08-2012 19:46:30.1.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8173.6153 [GMT 2:00]
    Gestart vanuit: c:\users\Tim\Desktop\ComboFix.exe
    AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    FW: FireWall *Enabled* {CE40CCC0-8ADB-6D67-25A0-C5B6438E4B57}
    SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Tim\AppData\Local\assembly\tmp
    c:\users\Tim\AppData\Roaming\.#
    c:\windows\SysWow64\themeui.dll.tmp
    c:\windows\SysWow64\URTTemp
    c:\windows\SysWow64\URTTemp\regtlib.exe
    c:\windows\SysWow64\uxtheme.dll.tmp
    D:\install.exe
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-07-16 to 2012-08-16 ))))))))))))))))))))))))))))))
    .
    .
    2012-08-16 11:24 . 2012-08-16 11:24 ——– d—–w- c:\users\Tim\AppData\Roaming\Malwarebytes
    2012-08-16 11:24 . 2012-08-16 11:24 ——– d—–w- c:\programdata\Malwarebytes
    2012-08-16 11:24 . 2012-08-16 11:24 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-08-16 11:24 . 2012-07-03 11:46 24904 —-a-w- c:\windows\system32\drivers\mbam.sys
    2012-08-15 23:01 . 2012-08-15 23:01 ——– d—–w- c:\users\Tim\AppData\Roaming\RotMG.Production
    2012-08-15 09:04 . 2012-07-04 22:16 73216 —-a-w- c:\windows\system32\netapi32.dll
    2012-08-15 09:04 . 2012-07-04 22:13 59392 —-a-w- c:\windows\system32\browcli.dll
    2012-08-15 09:04 . 2012-07-04 22:13 136704 —-a-w- c:\windows\system32\browser.dll
    2012-08-15 09:04 . 2012-07-04 21:14 41984 —-a-w- c:\windows\SysWow64\browcli.dll
    2012-08-15 09:04 . 2012-07-18 18:15 3148800 —-a-w- c:\windows\system32\win32k.sys
    2012-08-15 09:04 . 2012-05-14 05:26 956928 —-a-w- c:\windows\system32\localspl.dll
    2012-08-14 10:06 . 2012-06-29 10:04 9133488 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{59408667-BEA5-4D53-B5EC-48F37FBB4BCD}\mpengine.dll
    2012-08-13 15:28 . 2012-08-13 15:28 ——– d—–w- c:\program files (x86)\THQ
    2012-08-09 22:04 . 2012-08-09 22:04 ——– d—–w- c:\users\Tim\AppData\Local\CRE
    2012-08-09 09:47 . 2012-07-25 19:32 4622336 —-a-w- c:\windows\SysWow64\GameMon.des
    2012-08-09 09:46 . 2005-01-04 18:43 4682 —-a-w- c:\windows\SysWow64\npptNT2.sys
    2012-08-09 09:46 . 2003-07-21 03:17 5174 —-a-w- c:\windows\SysWow64\nppt9x.vxd
    2012-08-09 09:46 . 2012-08-09 09:46 ——– d—–w- c:\program files\Common Files\INCA Shared
    2012-08-08 14:46 . 2012-08-08 15:49 ——– d—–w- c:\users\Tim\AppData\Roaming\FOG Downloader
    2012-08-04 15:37 . 2012-08-04 15:37 ——– d—–w- c:\users\Tim\AppData\Local\ODUI
    2012-08-04 15:37 . 2012-08-04 15:37 ——– d—–w- c:\users\Tim\AppData\Local\Stardock
    2012-08-04 15:37 . 2012-08-04 15:37 ——– d—–w- c:\users\Tim\AppData\Roaming\Stardock
    2012-08-04 15:36 . 2012-08-04 15:36 ——– d—–w- c:\users\Tim\AppData\Local\PackageAware
    2012-08-04 15:31 . 2012-08-04 15:31 ——– d—–w- c:\program files (x86)\Skin Pack
    2012-08-04 15:26 . 2010-11-21 03:24 1493504 —-a-w- c:\windows\SysWow64\ExplorerFrame.dll
    2012-08-01 15:34 . 2012-08-01 15:34 ——– d—–w- c:\program files (x86)\Microsoft XNA
    2012-07-24 10:07 . 2012-07-24 10:07 ——– d—–w- c:\program files (x86)\Gameforge
    2012-07-23 14:53 . 2012-08-04 14:51 ——– d—–w- c:\programdata\Hi-Rez Studios
    2012-07-22 19:24 . 2012-07-22 19:24 ——– d—–w- c:\users\Tim\AppData\Local\DDMSettings
    2012-07-22 19:20 . 2012-07-22 19:20 ——– d—–w- c:\program files (x86)\DivX
    2012-07-22 19:20 . 2012-07-25 12:49 ——– d—–w- c:\users\Tim\AppData\Roaming\DivX
    2012-07-22 19:20 . 2012-07-22 19:20 ——– d—–w- c:\program files (x86)\Common Files\PX Storage Engine
    2012-07-22 19:20 . 2012-07-22 19:20 ——– d—–w- c:\program files\DivX
    2012-07-22 19:20 . 2012-07-22 19:20 ——– d—–w- c:\program files (x86)\Common Files\DivX Shared
    2012-07-22 19:15 . 2012-07-22 19:23 ——– d—–w- c:\programdata\DivX
    2012-07-22 18:59 . 2012-07-22 18:59 ——– d—–w- c:\program files (x86)\Veoh Networks
    2012-07-21 01:17 . 2012-07-21 01:17 ——– d—–w- c:\program files\CCleaner
    2012-07-21 01:00 . 2012-07-21 01:00 ——– d—–w- c:\program files (x86)\MSXML 4.0
    2012-07-20 23:34 . 2012-07-20 23:34 ——– d—–w- c:\users\Tim\AppData\Roaming\LolClient
    2012-07-20 16:43 . 2012-07-20 16:43 ——– d—–w- c:\users\Tim\AppData\Roaming\Microsoft Games
    2012-07-18 22:53 . 2012-07-18 22:53 ——– d—–w- c:\windows\SysWow64\wbem\en-US
    2012-07-18 22:53 . 2012-07-18 22:53 ——– d—–w- c:\windows\system32\wbem\en-US
    2012-07-18 22:39 . 2012-01-04 10:44 509952 —-a-w- c:\windows\system32\ntshrui.dll
    2012-07-18 22:38 . 2011-02-18 10:51 31232 —-a-w- c:\windows\system32\prevhost.exe
    2012-07-18 22:38 . 2011-02-18 05:39 31232 —-a-w- c:\windows\SysWow64\prevhost.exe
    2012-07-18 22:31 . 2012-07-18 22:31 ——– d—–w- c:\users\Tim\AppData\Local\Rockstar Games
    2012-07-18 22:31 . 2012-07-18 22:31 ——– d–h–r- c:\users\Tim\AppData\Roaming\SecuROM
    2012-07-18 22:31 . 2012-07-18 22:31 178800 —-a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-08-15 21:12 . 2012-06-10 18:43 426184 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-08-15 21:12 . 2012-01-29 12:34 70344 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-08-15 09:23 . 2012-01-20 12:49 62134624 —-a-w- c:\windows\system32\MRT.exe
    2012-08-01 09:56 . 2012-01-31 19:45 466456 —-a-w- c:\windows\system32\wrap_oal.dll
    2012-08-01 09:56 . 2012-01-31 19:45 444952 —-a-w- c:\windows\SysWow64\wrap_oal.dll
    2012-08-01 09:56 . 2012-01-31 19:45 122904 —-a-w- c:\windows\system32\OpenAL32.dll
    2012-08-01 09:56 . 2012-01-31 19:45 109080 —-a-w- c:\windows\SysWow64\OpenAL32.dll
    2012-07-20 23:26 . 2012-03-30 11:58 280904 —-a-w- c:\windows\SysWow64\PnkBstrB.xtr
    2012-07-20 22:40 . 2012-03-30 11:04 280904 —-a-w- c:\windows\SysWow64\PnkBstrB.ex0
    2012-07-03 09:54 . 2012-07-03 09:54 670816 —-a-w- c:\windows\SysWow64\xsherlock.xem
    2012-06-26 20:02 . 2012-06-26 20:02 1147424 —-a-w- c:\windows\PE_Rom.dll
    2012-06-26 16:06 . 2009-08-18 10:49 564632 —-a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
    2012-06-26 16:06 . 2009-08-18 09:24 19736 —-a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2012-06-09 05:43 . 2012-07-11 10:39 14172672 —-a-w- c:\windows\system32\shell32.dll
    2012-06-06 06:06 . 2012-07-11 10:39 2004480 —-a-w- c:\windows\system32\msxml6.dll
    2012-06-06 06:06 . 2012-07-11 10:39 1881600 —-a-w- c:\windows\system32\msxml3.dll
    2012-06-06 06:02 . 2012-07-11 10:39 1133568 —-a-w- c:\windows\system32\cdosys.dll
    2012-06-06 05:05 . 2012-07-11 10:39 1390080 —-a-w- c:\windows\SysWow64\msxml6.dll
    2012-06-06 05:05 . 2012-07-11 10:39 1236992 —-a-w- c:\windows\SysWow64\msxml3.dll
    2012-06-06 05:03 . 2012-07-11 10:39 805376 —-a-w- c:\windows\SysWow64\cdosys.dll
    2012-06-05 14:03 . 2012-07-13 17:12 224088 —-a-w- c:\windows\system32\drivers\VBoxDrv.sys
    2012-06-05 14:03 . 2012-07-13 17:12 130904 —-a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
    2012-06-05 14:03 . 2012-06-05 14:03 147288 —-a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
    2012-06-02 22:19 . 2012-06-21 10:52 38424 —-a-w- c:\windows\system32\wups.dll
    2012-06-02 22:19 . 2012-06-21 10:52 2428952 —-a-w- c:\windows\system32\wuaueng.dll
    2012-06-02 22:19 . 2012-06-21 10:52 57880 —-a-w- c:\windows\system32\wuauclt.exe
    2012-06-02 22:19 . 2012-06-21 10:52 44056 —-a-w- c:\windows\system32\wups2.dll
    2012-06-02 22:19 . 2012-06-21 10:52 701976 —-a-w- c:\windows\system32\wuapi.dll
    2012-06-02 22:15 . 2012-06-21 10:52 2622464 —-a-w- c:\windows\system32\wucltux.dll
    2012-06-02 22:15 . 2012-06-21 10:52 99840 —-a-w- c:\windows\system32\wudriver.dll
    2012-06-02 13:19 . 2012-06-21 10:52 186752 —-a-w- c:\windows\system32\wuwebv.dll
    2012-06-02 13:15 . 2012-06-21 10:52 36864 —-a-w- c:\windows\system32\wuapp.exe
    2012-06-02 05:50 . 2012-07-11 10:39 458704 —-a-w- c:\windows\system32\drivers\cng.sys
    2012-06-02 05:48 . 2012-07-11 10:39 95600 —-a-w- c:\windows\system32\drivers\ksecdd.sys
    2012-06-02 05:48 . 2012-07-11 10:39 151920 —-a-w- c:\windows\system32\drivers\ksecpkg.sys
    2012-06-02 05:45 . 2012-07-11 10:39 340992 —-a-w- c:\windows\system32\schannel.dll
    2012-06-02 05:44 . 2012-07-11 10:39 307200 —-a-w- c:\windows\system32\ncrypt.dll
    2012-06-02 04:40 . 2012-07-11 10:39 22016 —-a-w- c:\windows\SysWow64\secur32.dll
    2012-06-02 04:40 . 2012-07-11 10:39 225280 —-a-w- c:\windows\SysWow64\schannel.dll
    2012-06-02 04:39 . 2012-07-11 10:39 219136 —-a-w- c:\windows\SysWow64\ncrypt.dll
    2012-06-02 04:34 . 2012-07-11 10:39 96768 —-a-w- c:\windows\SysWow64\sspicli.dll
    2012-05-31 10:25 . 2010-11-21 03:27 279656 ——w- c:\windows\system32\MpSigStub.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-01-18 18:49 94208 —-a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-01-18 18:49 94208 —-a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-01-18 18:49 94208 —-a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Steam"="d:\steam\steam.exe" [2012-08-04 1353080]
    "SUPERAntiSpyware"="d:\programs\Super Anti Spyware\SUPERAntiSpyware.exe" [2012-07-23 5661056]
    "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
    "uTorrent"="d:\programs\uTorrent\uTorrent.exe" [2012-08-09 896400]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2011-09-27 646232]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
    .
    c:\users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dropbox.lnk - c:\users\Tim\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
    MagicDisc.lnk - d:\programs\MagicDisc\MagicDisc.exe [2012-1-29 576000]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit;d:\programs\3DsMax\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-10 86016]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
    R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-07-23 1432400]
    R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
    R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2010-01-14 48416]
    R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2010-01-14 29472]
    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys [2010-01-14 48416]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
    R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
    R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
    R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys [2010-01-14 29472]
    R3 vtany;vtany;c:\windows\vtany.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-20 1255736]
    R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
    R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem [x]
    S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
    S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [2012-05-14 139360]
    S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-15 27760]
    S1 SASDIFSV;SASDIFSV;d:\programs\Super Anti Spyware\SASDIFSV64.SYS [2011-07-22 14928]
    S1 SASKUTIL;SASKUTIL;d:\programs\Super Anti Spyware\SASKUTIL64.SYS [2011-07-12 12368]
    S2 !SASCORE;SAS Core Service;d:\programs\Super Anti Spyware\SASCORE64.EXE [2011-08-11 140672]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 AntiVirFirewallService;Avira FireWall;c:\program files (x86)\Avira\AntiVir Desktop\avfwsvc.exe [2012-05-14 619472]
    S2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-05-14 375760]
    S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-14 86224]
    S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-14 465360]
    S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-06-13 922240]
    S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-02 915584]
    S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
    S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2010-01-14 32544]
    S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2011-09-08 6583160]
    S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2011-09-08 528760]
    S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488]
    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896]
    S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [2012-05-14 114128]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
    S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
    S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2011-09-08 13312]
    .
    .
    — Andere Services/Drivers In Geheugen —
    .
    *NewlyCreated* - MBAMPROTECTOR
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-08-16 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-10 21:12]
    .
    2012-08-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1100947558-1251217672-3031793204-1000Core.job
    - c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-20 12:30]
    .
    2012-08-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1100947558-1251217672-3031793204-1000UA.job
    - c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-20 12:30]
    .
    .
    ——— X64 Entries ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-01-18 18:49 97792 —-a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-01-18 18:49 97792 —-a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-01-18 18:49 97792 —-a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-01-18 18:49 97792 —-a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-28 11905128]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ——- Bijkomende Scan ——-
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <local>
    LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
    TCP: DhcpNameServer = 192.168.2.254
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Wow6432Node-HKCU-Run-AdobeBridge - (no file)
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]
    "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xsherlock]
    "ImagePath"="c:\windows\system32\xsherlock.xem"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_USERS\S-1-5-21-1100947558-1251217672-3031793204-1000\Software\SecuROM\License information*]
    "datasecu"=hex:e3,e6,6b,84,58,ab,7b,bc,e1,5d,a1,ab,07,21,c2,37,d0,15,9c,b2,99,
    e9,55,42,dc,03,ef,0f,76,0c,c4,fc,f2,54,92,71,d1,e6,0b,71,86,dd,1b,02,30,f5,\
    "rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2012-08-16 19:49:42
    ComboFix-quarantined-files.txt 2012-08-16 17:49
    .
    Pre-Run: 10.367.131.648 bytes beschikbaar
    Post-Run: 10.225.008.640 bytes beschikbaar
    .
    - - End Of File - - BF62FB5D9A51ADB60B4806D589134B04







  • Tell me how your Windows is doing now.
    By the way, that your antivirus and firewall were not working - you had not mentioned that before.
  • My Windows works fine. But I just wanted to know whether everything is still clean. As I said earlier, I had no problems with it.

    My antivirus and firewall do work. I had to turn them off because of ComboFix. I have turned them back on now.
  • OK, understood.
    Before we clean up, please do the following first: a test, to see how good the security situation in Windows is.

    Download to your desktop.
      - Click/double-click SecurityCheck.exe and pay attention to the instructions in the black window.
      - A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
      - If one of your security tools reports that DIG.EXE wants to access the internet, allow it.
    Post the contents of checkup.txt in your next post.
  • Hey Abraham :) Here is the log from the CheckUp


    Results of screen317's Security Check version 0.99.44
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Avira Desktop
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware versie 1.62.0.1300
    Java(TM) 6 Update 31
  • Apart from Java and Adobe Reader it looks good - it is also good that you have User Account Control enabled!

    Java
  • I have carried out the updates. Java 7 Update 5 and JavaFX 2.1.1 are now installed, as well as the Adobe Reader 10.1.4 update.
  • You do not need that JavaFX 2.1.1, and keep an eye on the systray - if a Java icon appears there, there is an update.
    The old Java is then neatly removed first and then the new version is installed!
  • OK, I will keep an eye on the updates. What else do I need to do now? :)
  • We are going to clean up.
    But first this: keep MBAM on your Windows.
    Use MBAM once a week - after updating, choose the quick scan.
    And one more tip: here - http://www.jawwi.nl/artikelen/cookies.html - you will find info about cookies and how to block AdAware cookies in your browser(s).

  • Hey Abraham,

    I just got a message from Avira "A flooding has started on the adapter LAN-verbinding" and "A flooding has stopped on the adapter LAN-verbinding" 3 times in a row. Is this something serious?
  • Are you using the Avira Premium Security Suite including the Avira firewall?

This is an archived page. Replying is no longer possible.