Questions & Answers
New laptop, is it safe?
10 answers
- I bought a new laptop and, after a virus on the old laptop, I would like to know whether this one is safe.
- Hi, do the following:
Which program: sUBs dds
What for/why: DDS is a diagnostic tool and makes use of scripts.
Difficulty: First read carefully what to do.
Download location: Be sure to download this program to the desktop, or else move it there first!
Download DDS by sUBs from one of these locations and place it on your desktop:
DDS - Bleeping Computer download.
DDS - Infospyware.
Using sUBs dds:
- This is the DDS log file:
- Aha, an Asus.
Full of Asus crapware.
Keep the tool below at hand in your Windows and use it once a week for a quick scan (after first updating the tool).
Which program:
- The contents of the MBAM log:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Databaseversie: v2012.05.28.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kim :: KIM-PC [administrator]
28-5-2012 12:13:37
mbam-log-2012-05-28 (12-13-37).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 220980
Verstreken tijd: 3 minuut/minuten, 32 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
- Good, I expected nothing else.
Also do one more test, to see how good the current security situation in Windows is.
Download to your desktop.
  * Click/double-click SecurityCheck.exe and follow the instructions in the black window.
  * A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
  * If one of your security tools reports that DIG.EXE wants to access the internet, allow it.
Post the contents of checkup.txt in your next post.
- This is what came out of the checkup:
Results of screen317's Security Check version 0.99.39
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware versie 1.61.0.1400
Mozilla Firefox (12.0)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````
- That looks good.
What you could consider is using a firewall other than the Windows firewall.
The Windows firewall is controlled via the Windows registry.
The consequence: malware with administrator rights can therefore change the firewall rules in order to open ports for communication with criminal servers.
A third-party firewall does not have this flaw and will give a warning earlier that something is trying to contact the internet.
- OK, that's fine, I'll go and look for one.
Thanks a lot for all the help!
- There are a number of firewalls that are free to use.
My favourite is the Emsisoft Online Armor firewall.
You install it as a demo version and after 30 days it automatically switches to the free version.
Even then, the keylogger detection, among other things, remains active.
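
The point made earlier in the thread, that Windows firewall rules are stored in the registry and can be rewritten by anything running with administrator rights, can be monitored by comparing snapshots of the rule values. The following is an added example, not part of the original thread: it parses the pipe-delimited rule strings stored under HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules and reports new or changed active inbound allow rules. The function names, the trusted-path list and both snapshots are constructed for illustration.

```python
"""Added example: diff two snapshots of Windows Firewall rule values."""
from typing import Dict, List, Tuple

# Constructed snapshots: registry value name -> REG_SZ data, in the
# pipe-delimited form used by the FirewallRules key.
BASELINE: Dict[str, str] = {
    "RemoteDesktop-In-TCP":
        "v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=3389|"
        "App=System|Name=Remote Desktop (TCP-In)|",
    "{CONSTRUCTED-0000}":
        "v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|"
        "App=C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe|"
        "Name=Windows Live Messenger|",
}
CURRENT: Dict[str, str] = dict(BASELINE)
CURRENT.update({
    # Existing rule switched from inactive to active.
    "RemoteDesktop-In-TCP":
        "v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=3389|"
        "App=System|Name=Remote Desktop (TCP-In)|",
    # New inbound allow for a binary in a user-writable directory.
    "{CONSTRUCTED-0001}":
        "v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=4444|"
        "App=C:\\Users\\Example\\AppData\\Local\\Temp\\updater.exe|Name=Updater|",
    # New outbound block: changed, but not an inbound allow.
    "{CONSTRUCTED-0002}":
        "v2.10|Action=Block|Active=TRUE|Dir=Out|Protocol=17|RPort=53|Name=Block DNS|",
})

# Assumption: directories that normally require administrator rights to write to.
TRUSTED_DIRS = (
    "%systemroot%\\", "%programfiles%\\",
    "c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\",
)


def parse_rule(raw: str) -> Dict[str, str]:
    """Turn 'v2.10|Key=Value|...|' into a dict; repeated keys are comma-joined."""
    rule: Dict[str, str] = {}
    for field in (f for f in raw.split("|") if f):
        key, sep, value = field.partition("=")
        if not sep:                 # leading version token such as "v2.10"
            rule["Version"] = key
        elif key in rule:           # e.g. several Profile= or LPort= entries
            rule[key] += "," + value
        else:
            rule[key] = value
    return rule


def is_active_inbound_allow(rule: Dict[str, str]) -> bool:
    return (rule.get("Action", "").lower() == "allow"
            and rule.get("Active", "").upper() == "TRUE"
            and rule.get("Dir", "").lower() == "in")


def app_is_untrusted(rule: Dict[str, str]) -> bool:
    """True when the rule names no program or one outside the trusted dirs."""
    app = rule.get("App", "").lower()
    if not app:
        return True                 # rule applies to any program
    return not (app == "system" or app.startswith(TRUSTED_DIRS))


def changed_inbound_allows(baseline: Dict[str, str],
                           current: Dict[str, str]) -> List[Tuple[str, str, bool]]:
    """Return (value name, App, untrusted?) for new or modified inbound allows."""
    findings = []
    for name in sorted(current):
        if baseline.get(name) == current[name]:
            continue                # unchanged since the baseline
        rule = parse_rule(current[name])
        if is_active_inbound_allow(rule):
            findings.append((name, rule.get("App", ""), app_is_untrusted(rule)))
    return findings


if __name__ == "__main__":
    for name, app, untrusted in changed_inbound_allows(BASELINE, CURRENT):
        print(f"{name}: {app} {'(untrusted path)' if untrusted else ''}")
```

On a live system the two snapshots would come from exports of that registry key taken at different times; a rule that appears between them without a matching software install is worth a closer look.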