Questions & Answers

Security & privacy

Registering a PC for examination

Anonymous
Margreet57
60 replies
  • If I looked correctly in Device Manager, it is an:
    ATI Radeon HD 5400 series.
    It was listed there under Display adapters.
  • Yes, indeed, I do watch videos now and then. Not only of my grandson but also sometimes via ComputerIdee.
  • Yes and no, that depends on the applications you run.
    Graphical applications do indeed depend on the type of video card.
  • Uh… are there any further steps I need to take?
  • Well, in that respect I don't exactly put a strain on the card: when it comes to games I'm not really a 'gamer'. More games like: patience, bejewelled, collapse, mahjong… oh well, and that's about it.
    And otherwise the usual ones such as Office, Nero… and so on.
  • Then the card remains adequate in that respect.
    It is of course also important for watching video.
  • Hello everyone,
    I don't know whether this is the right topic, but I would like to register a PC for examination. Is that possible?
    Greetings,
    Margreet.
  • Hi Margreet:

  • Okay, here is the AdwCleaner log:

    # AdwCleaner v2.100 - Verslag gemaakt op 10/12/2012 om 20:35:05
    # Geactualiseerd op 09/12/2012 door Xplode
    # Besturingssysteem : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Gebruiker : Margreet - MARGREET-PC
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Users\Margreet\Desktop\adwcleaner.exe
    # Optie [Verwijderen]


    ***** [Diensten] *****


    ***** [Files / Mappen] *****

    Map Verwijdert : C:\Program Files (x86)\Application Updater
    Map Verwijdert : C:\Program Files (x86)\Common Files\spigot
    Map Verwijdert : C:\Users\Margreet\AppData\Roaming\yourfiledownloader

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\APN PIP
    Sleutel Verwijdert : HKCU\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\Softonic
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap
    Sleutel Verwijdert : HKLM\Software\Conduit
    Sleutel Verwijdert : HKLM\Software\PIP
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

    ***** [Browsers] *****

    -\\ Internet Explorer v9.0.8112.16455

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Google Chrome v [Onmogelijk de versie te verkrijgen]

    File : C:\Users\Margreet\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    File : C:\Users\Byron\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner[S2].txt - [1495 octets] - [10/12/2012 20:35:05]

    ########## EOF - C:\AdwCleaner[S2].txt - [1555 octets] ##########
  • And this is the DDS log text:
  • Well… yet another new form of infection? They keep getting smarter… sigh.
    If I understand correctly, a wrapper is the peel of the apple that you precisely don't want…, but you do want the apple itself.
    No wonder Eset sometimes protests at Softonic, and often at Toggle too.
    I have a sneaking suspicion that a lot of people don't know this.
  • Go to http://support.amd.com/us/gpudownload/windows/Pages/radeonaiw_vista64.aspx#1 and download the 184 MB driver for the video card.

    After the download, go to
  • Right, that's installed.
    I still had a driver on there from 11-5-2012.
    Uh… can speed have a lot to do with the video card?
  • You haven't put WinSysClean on this machine yet?
    Do install it.

    Which program:
  • I'm just going to install WinSysClean and..
    Okay, here is the ComboFix log:

    combofix 12-12-10.01 - margreet 10-12-2012 22:29:29.1.4 - x64
    microsoft windows 7 ultimate 6.1.7601.1.1252.31.1043.18.4095.2560 [gmt 1:00]
    gestart vanuit:
  • Is it perhaps also wise to install WinSysClean on my other PC as well?
    Sorry, but I didn't know this….
  • Just do it, indeed.

    Which program:
  • Well… and I thought this PC was 'clean' :cry:

    Emsisoft Emergency Kit - Versie 3.0
    Laatste Update: 11-12-2012 12:36:45

    Scaninstellingen:

    Scantype: Diepe scan
    Objecten: Rootkits, Geheugen, Sporen, C:\, D:\

    Detecteer riskware: Uit
    Scan archieven: Aan
    ADS Scan: Aan
    Bestandsextensiefilter: Uit
    Geavanceerde cache: Aan
    Directe schijftoegang: Uit

    Scan gestart: 11-12-2012 12:37:02

    C:\Windows\AutoKMS\AutoKMS.exe Ontdekt: Trojan.Generic.6325903 (B)

    Gescand 498820
    Gevonden 1

    Scan geëindigd: 11-12-2012 15:12:55
    Scantijd: 2:35:53

    C:\Windows\AutoKMS\AutoKMS.exe Verwijderd Trojan.Generic.6325903 (B)

    Verwijderd 1
  • By the way:
    I had a look at the Eset log upstairs and what struck me was a whole lot of infection via the Softonic site. So also with the trojan that was just removed. So I have also blocked Softonic in my browser.
  • Softonic uses wrappers.
    You think you are downloading software but you get a wrapper.
    That wrapper then installs the intended software and also (after examining your Windows), without your knowledge, annoying things such as the Abylon toolbar etc.

    You can find more info about those wrappers here: https://www.emsisoft.com/en/kb/articles/tec120224/

    Which program:

This is an archived page. Replying is no longer possible.