New laptop, safe?

Anonymous
10 answers
  • I bought a new laptop, and after a virus on the old laptop I would like to know whether this one is safe.
  • Hi, do the following:

    Which program: sUBs dds
    What for/why: DDS is a diagnostic tool and makes use of scripts.
    Difficulty level: First read carefully what to do.
    Download location: Be sure to download this program to the desktop, or otherwise move it there first!
    Download DDS by sUBs from one of these locations and place it on your desktop:
    DDS - Bleeping Computer download.
    DDS - Bleeping Computer download.
    DDS - Infospyware.

    Using sUBs dds:
  • This is the DDS log file:

    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Kim at 11:26:34 on 2012-05-28
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3872.2343 [GMT 2:00]
    .
    AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
    SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\system32\FBAgent.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\ASUS\FaceLogon\smartlogon.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
    C:\Program Files\ASUS\P4G\BatteryLife.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Windows\AsScrPro.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://co102w.col102.mail.live.com/default.aspx?n=1145786308&fid=1&fav=1&mid=80ecb0df-a510-11e1-81c8-00215ad9a7b8#n=78412849&fid=1&fav=1
    uDefault_Page_URL = hxxp://asus.msn.com
    mStart Page = hxxp://asus.msn.com
    mWinlogon: Userinit=userinit.exe
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
    mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
    mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
    mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    StartupFolder: C:\Users\Kim\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
    TCP: Interfaces\{3D11E740-0C3B-4AD4-A066-10FAE336057F} : DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    {9030D464-4C02-4ABF-8ECC-5164760863C6}
    {d2ce3e00-f94a-4740-988e-03dc2f38c34f}
    {8dcb7100-df86-4384-8842-8fa844297b3f}
    mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
    mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
    mRun-x64: [SonicMasterTray] C:\Program Files (x86)\ASUS\ASUS Sonic Focus\SonicFocusTray.exe
    mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
    mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\1hkgo6y1.default\
    FF - prefs.js: browser.startup.homepage - hxxp://zwemkroniek.com/
    FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys –> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
    R1 ATKWMIACPIIO_;ATKWMIACPI Driver_;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
    R1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys –> C:\Windows\system32\DRIVERS\avkmgr.sys [?]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys –> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" –> C:\Windows\system32\FBAgent.exe [?]
    R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-9-1 1166848]
    R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2012-5-25 86224]
    R2 AntiVirService;Avira Realtime Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2012-5-25 110032]
    R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
    R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-2-3 277120]
    R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys –> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
    R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-6-3 134928]
    R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-2-10 2253120]
    R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys –> C:\Windows\system32\DRIVERS\TurboB.sys [?]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-2-10 2656280]
    R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\Windows\system32\DRIVERS\AMPPAL.sys –> C:\Windows\system32\DRIVERS\AMPPAL.sys [?]
    R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys –> C:\Windows\system32\DRIVERS\asmthub3.sys [?]
    R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys –> C:\Windows\system32\DRIVERS\asmtxhci.sys [?]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys –> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
    R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys –> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
    R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys –> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
    R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys –> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
    R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-30 149504]
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys –> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-26 257696]
    S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys –> C:\Windows\system32\DRIVERS\amppal.sys [?]
    S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
    S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys –> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-14 1492840]
    S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-25 129976]
    S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-7-28 340240]
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys –> C:\Windows\system32\DRIVERS\SiSG664.sys [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys –> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys –> C:\Windows\system32\drivers\TsUsbGD.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\system32\Wat\WatAdminSvc.exe –> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
    .
    =============== Created Last 30 ================
    .
    2012-05-28 08:21:35 ——– d—–w- C:\Users\Kim\AppData\Local\{6D3B4705-AA34-429B-BA04-616FDBFCB631}
    2012-05-28 08:21:24 ——– d—–w- C:\Users\Kim\AppData\Local\{2EAC8FC2-3EC1-4439-A600-9FFA6E3C937E}
    2012-05-27 23:25:41 ——– d—–w- C:\Users\Kim\AppData\Local\{178E691C-4884-4016-9EE4-9F4050E756CC}
    2012-05-27 23:25:31 ——– d—–w- C:\Users\Kim\AppData\Local\{AD8B3633-F55C-4C45-84B6-799CDAD57D33}
    2012-05-27 22:25:38 ——– d—–w- C:\Users\Kim\AppData\Local\{ECA6DE57-C7A3-4216-8417-F2D2653557E2}
    2012-05-27 22:25:28 ——– d—–w- C:\Users\Kim\AppData\Local\{AFD30820-7343-4B8B-A77B-50DD4D4B6BCB}
    2012-05-27 22:22:51 ——– d—–w- C:\Program Files (x86)\ASM104xUSB3
    2012-05-27 22:21:23 196224 —-a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll
    2012-05-27 22:21:20 ——– d—–w- C:\ProgramData\P4G
    2012-05-27 22:19:44 216704 —-a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\InstantOn.gadget\InstantOnCOM.dll
    2012-05-27 22:16:28 ——– d—–w- C:\Users\Kim\AppData\Local\{A408BEB8-E1DA-4C2E-8D2C-6043B94E29A0}
    2012-05-27 22:16:17 ——– d—–w- C:\Users\Kim\AppData\Local\{1DDB25B1-BA98-435A-995D-56A9D99CF017}
    2012-05-27 22:08:37 ——– d—–w- C:\Users\Kim\AppData\Local\{05D005E2-0A04-479A-B24D-691D31F5CDC4}
    2012-05-27 22:08:26 ——– d—–w- C:\Users\Kim\AppData\Local\{6FEC8422-E775-4FBC-B67E-50C32D603F60}
    2012-05-27 20:35:49 ——– d—–w- C:\Windows\PCHEALTH
    2012-05-27 20:33:30 ——– d—–w- C:\Program Files (x86)\Microsoft Visual Studio 8
    2012-05-27 20:22:39 ——– d—–w- C:\Users\Kim\AppData\Local\{C8F830D6-22A6-486D-9D3F-B8FA698AC8CA}
    2012-05-27 20:22:28 ——– d—–w- C:\Users\Kim\AppData\Local\{E677B099-06E9-4B4F-830E-D813B2B3A36D}
    2012-05-27 18:55:43 ——– d—–w- C:\Users\Kim\AppData\Local\{743A3A1E-959C-4EA0-BA3F-B3A0CEB7D697}
    2012-05-27 18:55:33 ——– d—–w- C:\Users\Kim\AppData\Local\{966D382D-9924-44F7-A159-6B0A424A40BA}
    2012-05-27 15:52:32 ——– d—–w- C:\Users\Kim\AppData\Local\{467C1568-9F36-4C0A-B374-B7E432F559D9}
    2012-05-27 15:52:21 ——– d—–w- C:\Users\Kim\AppData\Local\{07C79122-7CF0-486B-9B91-FEA3DAFA9B46}
    2012-05-27 10:25:59 ——– d—–w- C:\Users\Kim\AppData\Local\{8AA0506D-5D39-494F-9CF7-BABE67597495}
    2012-05-27 10:25:48 ——– d—–w- C:\Users\Kim\AppData\Local\{AA6E3F67-8FF3-4BCA-9379-539B2A98DCC9}
    2012-05-27 10:16:58 ——– d—–w- C:\Users\Kim\AppData\Local\Microsoft Help
    2012-05-27 08:31:20 ——– d—–w- C:\Users\Kim\AppData\Local\{62EB4FE6-E053-4B0A-9894-C98F22373979}
    2012-05-27 08:31:10 ——– d—–w- C:\Users\Kim\AppData\Local\{7494D961-02D5-4942-ADE0-900823C6AFD4}
    2012-05-26 21:53:12 ——– d—–w- C:\Users\Kim\AppData\Local\{E14B3D1F-EECE-4FC7-ACDD-C745513416B6}
    2012-05-26 21:53:01 ——– d—–w- C:\Users\Kim\AppData\Local\{948747CD-39A6-4CD4-81A4-726F73D5F11C}
    2012-05-26 21:13:17 ——– d—–w- C:\Users\Kim\AppData\Roaming\Nuance
    2012-05-26 21:13:17 ——– d—–w- C:\Users\Kim\AppData\Roaming\FLEXnet
    2012-05-26 19:28:07 8769696 —-a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
    2012-05-26 18:55:03 70304 —-a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-05-26 18:55:03 419488 —-a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-05-26 17:06:00 ——– d—–w- C:\Users\Kim\AppData\Local\{09B0C086-07ED-4329-BF07-7C82171AE0B6}
    2012-05-26 17:05:50 ——– d—–w- C:\Users\Kim\AppData\Local\{9D75CA4F-F321-462C-B4D7-6463627ABFCC}
    2012-05-26 16:54:39 ——– d—–w- C:\Users\Kim\AppData\Roaming\Zeon
    2012-05-26 16:18:27 ——– d—–w- C:\Users\Kim\AppData\Local\{7FEA1929-624B-42B4-99B0-6BB0A4E7DC08}
    2012-05-26 16:18:15 ——– d—–w- C:\Users\Kim\AppData\Local\{39987B2F-C049-4498-A3BF-1E7036922871}
    2012-05-26 11:57:56 ——– d—–w- C:\Users\Kim\AppData\Local\{4EB46134-C3D4-4DF2-95F7-F59F1E67BB69}
    2012-05-26 11:57:45 ——– d—–w- C:\Users\Kim\AppData\Local\{6274509B-7A97-461B-B1FD-B6FD8BD7A0FE}
    2012-05-26 11:52:45 ——– d—–w- C:\Windows\SysWow64\Wat
    2012-05-26 11:52:45 ——– d—–w- C:\Windows\System32\Wat
    2012-05-26 08:58:48 81408 —-a-w- C:\Windows\System32\imagehlp.dll
    2012-05-26 08:58:48 5120 —-a-w- C:\Windows\SysWow64\wmi.dll
    2012-05-26 08:58:48 5120 —-a-w- C:\Windows\System32\wmi.dll
    2012-05-26 08:58:48 23408 —-a-w- C:\Windows\System32\drivers\fs_rec.sys
    2012-05-26 08:58:48 220672 —-a-w- C:\Windows\System32\wintrust.dll
    2012-05-26 08:58:48 172544 —-a-w- C:\Windows\SysWow64\wintrust.dll
    2012-05-26 08:58:48 159232 —-a-w- C:\Windows\SysWow64\imagehlp.dll
    2012-05-26 07:58:58 498688 —-a-w- C:\Windows\System32\drivers\afd.sys
    2012-05-26 07:45:37 ——– d—–w- C:\Users\Kim\AppData\Local\{C860028F-186D-46F5-AD54-A165442F811B}
    2012-05-26 07:45:27 ——– d—–w- C:\Users\Kim\AppData\Local\{53B29970-16C3-4FFE-B75B-FA7D987CA85B}
    2012-05-26 00:22:32 ——– d—–w- C:\ProgramData\VirtualizedApplications
    2012-05-25 22:13:13 ——– d—–w- C:\Users\Kim\AppData\Local\{B74F574F-D492-47C2-BADC-B7B78DC0510C}
    2012-05-25 22:13:02 ——– d—–w- C:\Users\Kim\AppData\Local\{AECAF3BD-268A-42E7-832C-5432EBB832EC}
    2012-05-25 21:24:03 ——– d—–w- C:\Users\Kim\AppData\Local\Microsoft Games
    2012-05-25 21:21:37 ——– d—–w- C:\Users\Kim\AppData\Local\Axialis
    2012-05-25 21:18:45 ——– d—–w- C:\Users\Kim\AppData\Local\SoftGrid Client
    2012-05-25 21:18:43 ——– d—–w- C:\Users\Kim\AppData\Roaming\SoftGrid Client
    2012-05-25 21:17:55 ——– d—–w- C:\Users\Kim\AppData\Roaming\TP
    2012-05-25 21:03:00 ——– d—–w- C:\Users\Kim\AppData\Local\{C7917FC7-66F7-4BAB-8800-EB2FD11EBCB3}
    2012-05-25 21:02:49 ——– d—–w- C:\Users\Kim\AppData\Local\{FD283ADD-7AE0-412E-93C1-793BBB862751}
    2012-05-25 18:04:19 ——– d—–w- C:\Users\Kim\AppData\Local\{3761E697-3BE4-4F67-B485-FFDA0054E1DE}
    2012-05-25 18:04:09 ——– d—–w- C:\Users\Kim\AppData\Local\{BE110BFE-1ADA-4F18-8863-B7F2C9A873BE}
    2012-05-25 18:03:46 ——– d—–w- C:\Users\Kim\AppData\Roaming\ASUS WebStorage
    2012-05-25 17:28:07 ——– d—–w- C:\Users\Kim\AppData\Local\{F024FC82-0F21-432F-9DAB-6C2F9DE352F0}
    2012-05-25 15:30:12 ——– d—–w- C:\Users\Kim\AppData\Local\Windows Live
    2012-05-25 15:30:12 ——– d—–w- C:\Users\Kim\AppData\Local\{1E9BC956-D0CA-4914-A688-8F22E44101BE}
    2012-05-25 15:29:56 ——– d—–w- C:\Users\Kim\AppData\Local\{179A6D8D-CCA1-4CE8-B357-A81272E671F5}
    2012-05-25 15:28:24 ——– d—–w- C:\Users\Kim\AppData\Local\Power2Go
    2012-05-25 15:11:28 ——– d—–w- C:\Users\Kim\AppData\Roaming\Avira
    2012-05-25 15:10:36 ——– d—–w- C:\Users\Kim\Tracing
    2012-05-25 15:06:08 98848 —-a-w- C:\Windows\System32\drivers\avgntflt.sys
    2012-05-25 15:06:08 27760 —-a-w- C:\Windows\System32\drivers\avkmgr.sys
    2012-05-25 15:06:05 ——– d—–w- C:\ProgramData\Avira
    2012-05-25 15:06:05 ——– d—–w- C:\Program Files (x86)\Avira
    2012-05-25 15:01:04 826880 —-a-w- C:\Windows\SysWow64\rdpcore.dll
    2012-05-25 15:01:04 23552 —-a-w- C:\Windows\System32\drivers\tdtcp.sys
    2012-05-25 15:01:04 210944 —-a-w- C:\Windows\System32\drivers\rdpwd.sys
    2012-05-25 15:01:04 1031680 —-a-w- C:\Windows\System32\rdpcore.dll
    2012-05-25 15:01:03 9216 —-a-w- C:\Windows\System32\rdrmemptylst.exe
    2012-05-25 15:01:03 77312 —-a-w- C:\Windows\System32\rdpwsx.dll
    2012-05-25 15:01:03 149504 —-a-w- C:\Windows\System32\rdpcorekmts.dll
    .
    ==================== Find3M ====================
    .
    2012-05-27 20:20:11 45056 —-a-w- C:\Windows\SysWow64\acovcnt.exe
    2012-03-31 06:05:57 5559664 —-a-w- C:\Windows\System32\ntoskrnl.exe
    2012-03-31 04:39:37 3968368 —-a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2012-03-31 04:39:37 3913072 —-a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2012-03-31 03:10:03 3146240 —-a-w- C:\Windows\System32\win32k.sys
    2012-03-30 11:35:47 1918320 —-a-w- C:\Windows\System32\drivers\tcpip.sys
    2012-03-17 07:58:57 75120 —-a-w- C:\Windows\System32\drivers\partmgr.sys
    2012-03-03 06:35:38 1544704 —-a-w- C:\Windows\System32\DWrite.dll
    2012-03-03 05:31:19 1077248 —-a-w- C:\Windows\SysWow64\DWrite.dll
    .
    ============= FINISH: 11:27:37,63 ===============
  • Aha, an Asus.
    Full of Asus crapware.

    Keep the tool below on hand in your Windows and use it once a week for a quick scan (after first updating the tool).

    Which program:
  • The contents of the MBAM log:

    Malwarebytes Anti-Malware 1.61.0.1400
    www.malwarebytes.org

    Databaseversie: v2012.05.28.02

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Kim :: KIM-PC [administrator]

    28-5-2012 12:13:37
    mbam-log-2012-05-28 (12-13-37).txt

    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 220980
    Verstreken tijd: 3 minuut/minuten, 32 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)
  • Good, I expected nothing else.

    Also do one more test, to see how good the current security situation in Windows is.

    Download to your desktop.
    - Click/double-click SecurityCheck.exe and follow the instructions in the black window.
    - A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
    - If one of your security tools reports that DIG.EXE wants to access the internet, allow it.
    Post the contents of checkup.txt in your next post.
  • This is what came out of the checkup:

    Results of screen317's Security Check version 0.99.39
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Avira Desktop
    Antivirus up to date! (On Access scanning disabled!)
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware versie 1.61.0.1400
    Mozilla Firefox (12.0)
    ````````Process Check: objlist.exe by Laurent````````
    Avira Antivir avgnt.exe
    Avira Antivir avguard.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 4%
    ````````````````````End of Log``````````````````````
  • That looks good.

    What you could optionally consider is using a firewall other than the Windows firewall.

    The Windows firewall is controlled via the Windows registry.
    The consequence: malware with administrator rights can therefore change the firewall rules in order to open ports for communication with criminal servers.

    A third-party firewall does not have this shortcoming and will give a warning sooner that something is trying to contact the internet.
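
The registry-backed rule store mentioned in the post above can be watched for exactly this kind of change. The following is an added example, not part of the original thread: it parses rule strings in the pipe-delimited format Windows keeps under the FirewallRules key and diffs a baseline snapshot against a current one. All rule names and rule data are constructed samples; `load_live_rules` only works on a Windows host.

```python
# Added example: detect changes to Windows Firewall rules stored in the registry.
# Rule values live under HKLM in this subkey as strings such as
#   v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=3389|App=System|Name=...|
RULES_SUBKEY = (r"SYSTEM\CurrentControlSet\Services\SharedAccess"
                r"\Parameters\FirewallPolicy\FirewallRules")


def load_live_rules():
    """Read {value name: rule string} from the local registry (Windows only)."""
    import winreg  # imported here so the rest of the module runs on any OS
    rules = {}
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, RULES_SUBKEY) as key:
        for index in range(winreg.QueryInfoKey(key)[1]):
            name, data, _value_type = winreg.EnumValue(key, index)
            rules[name] = data
    return rules


def parse_rule(data):
    """Split a rule string into {field: [values]}; fields such as LPort may repeat."""
    parts = [p for p in data.strip().split("|") if p]
    rule = {"Version": [parts[0]]} if parts else {}
    for part in parts[1:]:
        key, sep, value = part.partition("=")
        if sep:
            rule.setdefault(key, []).append(value)
    return rule


def first(rule, key, default=""):
    return rule.get(key, [default])[0]


def opens_inbound(rule):
    """True for an enabled rule that allows inbound traffic."""
    return (first(rule, "Action").lower() == "allow"
            and first(rule, "Active").lower() == "true"
            and first(rule, "Dir").lower() == "in")


def diff_rules(baseline, current):
    """Return (change, name, opens_inbound, detail) for every rule that differs."""
    findings = []
    for name in sorted(set(baseline) | set(current)):
        old, new = baseline.get(name), current.get(name)
        if old == new:
            continue
        if new is None:
            findings.append(("removed", name, False, ""))
            continue
        rule = parse_rule(new)
        change = "added" if old is None else "modified"
        detail = "ports={} app={}".format(
            ",".join(rule.get("LPort", ["any"])), first(rule, "App", "any"))
        findings.append((change, name, opens_inbound(rule), detail))
    return findings


# Constructed snapshots (not taken from the laptop in this thread).
BASELINE = {
    "Block-SMB-In": "v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|LPort=445|Name=Block SMB|",
    "Chat-Out": r"v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files (x86)\Example\chat.exe|Name=Chat|",
    "CoreNet-DHCP-In": r"v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=68|RPort=67|App=%SystemRoot%\system32\svchost.exe|Name=DHCP|",
    "RemoteDesktop-In-TCP": "v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=3389|App=System|Name=Remote Desktop|",
}
CURRENT = {
    "Chat-Out": BASELINE["Chat-Out"],
    "CoreNet-DHCP-In": BASELINE["CoreNet-DHCP-In"],
    # Previously disabled rule is now active.
    "RemoteDesktop-In-TCP": "v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=3389|App=System|Name=Remote Desktop|",
    # New inbound allow rule for a binary in a user-writable directory.
    "Temp-Updater-In": r"v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=50123|App=C:\Users\Example\AppData\Local\Temp\updater.exe|Name=Updater|",
}

if __name__ == "__main__":
    for change, name, inbound, detail in diff_rules(BASELINE, CURRENT):
        flag = "REVIEW" if inbound or change == "removed" else "info"
        print(f"[{flag}] {change:8} {name} {detail}")
```

On a real system the baseline would be a saved copy of `load_live_rules()` taken while the machine is known to be clean.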
  • OK, that's fine, I'll go and look for one.
    Thanks a lot for all the help!
  • A number of firewalls are free to use.

    My favourite is the Emsisoft Online Armor firewall.
    You install it as a demo version and after 30 days it automatically switches to the free version.
    Even then, keylogger detection, among other things, remains active.

This is an archived page. Replying is no longer possible.
