Help, my laptop is very slow

14 answers
  • Hello, for some time now my laptop has become very slow. It runs Windows 7, and I run Windows Update regularly. My antivirus program is Bitdefender Internet Security 2011. Symptoms are:
      - slow startup
      - CPU usage between 80 and 100%
      - internet browser (Firefox) starts slowly and responds slowly
      - Adobe Reader X often does not respond
      - ..... :(
    Can anyone help me?
  • Hello Jan, then we had better investigate that.

    I would like you to keep to the following rules during the fix:
      - Read all instructions carefully.
      - If you make mistakes when running tools during the fix, that can cause serious problems in Windows.
      - Refrain from using tools or updates other than those I advise you to use.
      - Always use one scanner at a time, never several at once.
      - Keep me informed of how your computer responds to the fix, good or bad.
      - Once started, the fix must be completed. Even if you think everything is fine, there may still be infections.

    Step 1
    Which program: Trend Micro HijackThis version 2.0.4
    What for/why: produces a clear overview of Windows by means of a scan.
    Difficulty: none; only Vista and Windows 7 users need to pay some extra attention.
    Download the HijackThis Installer: http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi
    Installation:
      - Install HijackThis in the suggested location; this prevents any backups from becoming impossible to find later!
    Users of Windows Vista and Windows 7 then go to the HijackThis installation location.
      - Right-click "hijackthis.exe" and choose "Properties".
      - Now click the "Compatibility" tab and tick "Run as administrator".
      - Finally, click Apply and OK.
    Using HijackThis:
      - First close all open programs and web browsers.
      - Now start HijackThis and click the button 'Do a system scan and save a logfile'.
          - If HijackThis starts up with the scan window, first click the 'Main Menu' button.
      - Now close all open windows, then start HijackThis and choose 'Do a system scan and save a logfile'.
      - Copy and paste the contents of the HijackThis log file into your next post.
      - After that you may close HijackThis again.

    Step 2
    Which program: Microsoft Safety Scanner
    What for/why: specialised scanner from Microsoft to quickly check Windows for spyware and malware and remove it.
    Difficulty: none.
    Note: Microsoft Safety Scanner expires 10 days after it has been downloaded. If you want to run a scan again with the latest anti-malware definitions, download Microsoft Safety Scanner again and run it again.
    Download the Microsoft Safety Scanner here: http://www.microsoft.com/security/scanner/nl-nl/default.aspx
    Windows 2000 and Windows XP: start Microsoft Safety Scanner by double-clicking the shortcut.
    Windows Vista and Windows 7: start Microsoft Safety Scanner by right-clicking the shortcut and choosing Run as administrator.
    Then tick "I accept the terms of the above licence agreement".
    Scanning:
      - When Microsoft Safety Scanner starts, click the "Next" button, then choose 'Quick Scan'.
      - The scan takes a while, so be patient.

    Step 3
    Which program: Malwarebytes MBAM
    What for/why: specialised scanner to quickly check Windows for spyware and malware and remove it.
    Difficulty: none.
    Download Malwarebytes MBAM from one of these locations:
      - Download.com: http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?
      - Softpedia.com: http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s
      - Majorgeeks.com: http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html
    First of all:
      - Right after installation MBAM will want to update its database, so allow that.
      - Also on repeated use: first update MBAM via the 'Update' tab!
    Starting Malwarebytes MBAM:
    Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
    Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and choosing Run as administrator.
      - Please note:
          - Malwarebytes now provides the full version of MBAM.
          - On first start you get the choice of using the full version or the free version.
          - Regardless of which antivirus program is in your Windows, I advise using the "Decline" option.
          - That way MBAM can continue to be used as the free version.
    [Image: http://img30.imageshack.us/img30/3928/mbam2.png]
      - Also do the following:
          - Once the program has started, go to the "Settings" tab.
          - Tick here: "Close Internet Explorer during malware removal".
    Scanning:
      - When MBAM starts, choose 'Quick Scan'.
      - The scan can take a while, so be patient. When the scan is complete, click the 'OK' button.
      - Then click the 'Show Results' button to see the results.
    Infections found:
      - First click OK to dismiss the message.
      - Then click the Show Results button at the bottom right.
      - Now make sure all infections found are ticked, and click Remove Selected at the bottom left.
      - After removal a log will open and you will be asked to restart the computer.
      - If MBAM has difficulty removing certain files it will show a few messages; click 'OK' each time!
      - After that MBAM will ask to restart the computer, so allow the computer to be restarted.
    MBAM log:
      - The log is saved automatically by MBAM, and you can find it by clicking the 'Logs' tab in the MBAM main menu.
    Then post the contents of the MBAM log in your next post.

    Step 4
    In summary: after this, post the contents of the following logs in your next post:
      - a new HijackThis log
      - MBAM scan log
    Also post an uninstall list:
      - start HijackThis,
      - click the button Open the Misc Tools section,
      - click the button Open Uninstall Manager,
      - click the button Save.
  • Hello Abraham, here are the log files:

    *********************************************************
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 22:52:49, on 13-8-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\Nuance\PDF Professional 6\PdfPro6Hook.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Belgium Identity Card\beid35gui.exe
    C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
    C:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe
    C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
    C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\Nuance\PDF Professional 6\bin\PDFDirect.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
    C:\Windows\system32\DllHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
    O2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll
    O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
    O4 - HKLM\..\Run: [Nuance PDF Professional 6-reminder] "C:\Program Files\Nuance\PDF Professional 6\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Professional 6\Ereg\Ereg.ini"
    O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Professional 6\pdfpro6hook.exe
    O4 - HKLM\..\Run: [PDF6 Registry Controller] C:\Program Files\Nuance\PDF Professional 6\RegistryController.exe
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
    O4 - HKLM\..\Run: [MaxBlastMonitor.exe] C:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe
    O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
    O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
    O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Inhoud van geselecteerde koppelingen toevoegen aan bestaand PDF-bestand - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
    O8 - Extra context menu item: Koppelingsinhoud toevoegen aan bestaand PDF-bestand - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
    O8 - Extra context menu item: Openen in PDF Professional 6 - res://C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
    O8 - Extra context menu item: Openen met Nuance PDF Converter 6.0 - res://C:\Program Files\Nuance\PDF Professional 6\cnvres_dut.dll /100
    O8 - Extra context menu item: PDF-bestand maken - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
    O8 - Extra context menu item: PDF-bestand maken van koppelingsinhoud - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
    O8 - Extra context menu item: PDF-bestanden maken van geselecteerde koppelingen - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
    O8 - Extra context menu item: Toevoegen aan bestaand PDF-bestand - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Comodo Online Storage Service (COSService.exe) - Unknown owner - C:\Program Files\COMODO\COMODO BackUp\COSService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: PDFProFiltSrv - Nuance Communications, Inc. - C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
    O23 - Service: Comodo BackUp Service (SynchronizationService.exe) - Unknown owner - C:\Program Files\COMODO\COMODO BackUp\SynchronizationService.exe
    O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
    O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
    O23 - Service: XAMPP Service (XAMPP) - Unknown owner - c:\xampp\service.exe (file missing)

    --
    End of file - 14027 bytes
    ****************************************************
    Microsoft Safety Scanner found nothing
    ****************************************************
    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Databaseversie: 7457

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421

    13-8-2011 23:12:01
    mbam-log-2011-08-13 (23-12-01).txt

    Scantype: Snelle scan
    Objecten gescand: 178887
    Verstreken tijd: 7 minuut/minuten, 54 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
    ************************************************
    Acronis True Image Home Adobe AIR Adobe AIR Adobe Community Help Adobe Community Help Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Photoshop Elements 9 Adobe Photoshop Lightroom 3.4.1 Adobe Reader X (10.1.0) - Nederlands Adobe Shockwave Player 11.5 Adult PDF Password Recovery v2.3.0 Advertising Center Akamai NetSession Interface Allway Sync version 11.3.11 Apple Application Support Apple Mobile Device Support Apple Software Update ArcSoft PhotoStudio 5.5 Audacity 1.3.12 (Unicode) Belgium e-ID middleware 3.5.4 (build 6535) BitDefender Internet Security 2011 BitDefender Internet Security 2011 Bonjour CCleaner CloneCD COMODO BackUp Core FTP LE 2.1 Corel Painter Photo Essentials 4 Corel Painter Photo Essentials 4 Corel PaintShop Photo Pro X3 Corel PaintShop Photo Pro X3 Cropper D3DX10 Definition update for Microsoft Office 2010 (KB982726) devolo dLAN Configuration Wizard devolo Informer Distortion Control Data DIYPhotoBits.com Camera Control 5.2 DVD-CLONER V7.20 Build 993 DVD-to-MPEG 4.50 Build 809 Elements 9 Organizer Elements STI Installer ENE CIR Receiver Driver ESET Online Scanner v3 Feedback Tool Feedback Tool Free Mp3 Wma Converter V 1.7.3 Freemake Video Converter version 2.1.3 GanttProject HiJackThis HP 3D DriveGuard ICA IntraOffice 5.3 Web Browser Plug-In Iomega Discovery Tool Home IPM_PSP_Pro iTunes IZArc 4.1.2 Java(TM) 6 Update 26 Java(TM) SE Runtime Environment 6 Update 1 JMicron Flash Media Controller Driver LAME v3.98.3 for Audacity LiveUpdate 3.2 (Symantec Corporation) Malwarebytes' Anti-Malware versie 1.51.1.1800 Maxtor MaxBlast Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Web Platform Installer 2.0 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Mozilla Firefox 5.0 (x86 nl) MP3 Skype Recorder Mp3tag v2.48 MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Nero 9 Lite Nero ControlCenter Nero Installer Nero Online Upgrade Nero StartSmart neroxml Nikon File Uploader 2 Nikon Message Center Nikon Message Center 2 Nikon RAW Codec Nikon Transfer Nuance PDF Professional 6 OGA Notifier 2.0.0048.0 OpenMG Limited Patch 4.7-07-14-05-01 OpenMG Secure Module 4.7.00 PaintShop Photo Pro X3 Registration Incentive pdfforge Toolbar v1.1.2 Personal Ancestral File 5 Personal Ancestral File Companion 5.5 Picasa 3 Picture Control Utility PIXresizer 1.0.9 PSPPContent PSPPRO_DCRAW QuickTime Quintessential Media Player Realtek USB 2.0 Card Reader Samsung ML-1510_700 Series ScanSoft PaperPort 11 Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Setup SiteUp Skype™ 5.3 SonicStage 4.3 Spector Photo Software Spybot - Search & Destroy Synaptics Pointing Device Driver TeamViewer 6 TMPGEnc DVD Author 1.6 TMPGEnc Plus 2.5 TomTom HOME 2.7.6.2056 TomTom HOME Visual Studio Merge Modules TouchFreeze Unlocker 1.8.9 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft Office 2010 (KB2494150) ViewNX 2 VirtualCloneDrive Visual C++ 8.0 ATL (x86) WinSXS MSM Visual C++ 8.0 CRT (x86) WinSXS MSM Vuze Vuze_Remote Toolbar Windows Driver Package - Fedict SmartCard (12/08/2009 4.0.0.2) Windows Live Communications Platform Windows Live Essentials Windows Live Essentials Windows Live Family Safety Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Messenger Windows Live Messenger Windows Live Movie Maker Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Common Windows Live Photo Gallery Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Windows Live Writer Windows Live Writer Resources Windows Media Encoder 9 Series Windows Media Encoder 9 Series Windows Media Player Firefox Plugin XMind Youtube Downloader HD v. 2.2
    ****************************************************
    Thanks in advance for your help!
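Added example, not part of any post in this thread: a small Python triage pass over a HijackThis log like the one posted above. It counts entries per section code and lists the lines that carry HijackThis's own markers ("file missing", "Unknown owner", "Unknown file in Winsock LSP") or point outside the usual install roots. The sample lines are copied from the log above; the list of "usual" roots and all function names are assumptions of this example, and a listed line is only a prompt for a manual look, not a finding.

```python
import re
from collections import Counter

# Excerpt of the HijackThis log posted in this thread (lines copied from the post).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:52:49, on 13-8-2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: Comodo Online Storage Service (COSService.exe) - Unknown owner - C:\Program Files\COMODO\COMODO BackUp\COSService.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - c:\xampp\service.exe (file missing)
--
End of file - 14027 bytes
"""

# An entry line is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
# First drive-letter path ending in a binary extension inside an entry body.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"/]*?\.(?:exe|dll|scr)\b', re.IGNORECASE)
# Assumption of this example: install roots treated as unremarkable.
USUAL_ROOTS = ("c:\\windows\\", "c:\\program files", "c:\\progra~", "c:\\programdata\\")


def parse_entries(log_text):
    """Return (code, body) tuples; header and process lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append((match.group(1), match.group(2)))
    return entries


def review_reasons(code, body):
    """Return the reasons (possibly none) to look at one entry by hand."""
    reasons = []
    if body.endswith("(file missing)"):
        reasons.append("file missing")
    if code == "O23" and " - Unknown owner - " in body:
        reasons.append("unknown owner")
    if code == "O10" and body.startswith("Unknown file in Winsock LSP"):
        reasons.append("unknown Winsock LSP file")
    path = PATH_RE.search(body)
    if path and not path.group(0).lower().startswith(USUAL_ROOTS):
        reasons.append("binary outside Windows/Program Files")
    return reasons


def triage(log_text):
    """Return (entry count per section code, [(code, body, reasons), ...])."""
    entries = parse_entries(log_text)
    counts = Counter(code for code, _ in entries)
    flagged = []
    for code, body in entries:
        reasons = review_reasons(code, body)
        if reasons:
            flagged.append((code, body, reasons))
    return counts, flagged


if __name__ == "__main__":
    counts, flagged = triage(SAMPLE_LOG)
    for code, n in sorted(counts.items()):
        print(f"{code:>3}: {n} entries")
    for code, body, reasons in flagged:
        print(f"REVIEW {code}: {body}\n       -> {', '.join(reasons)}")
```
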
  • Hi Jan, your log looks good too. But we'll continue:

Step •1•

Which program: "aswMBR.exe"
What for/why: MBR rootkit scanner
Difficulty: none
Download location: Be sure to download this program to the desktop, or otherwise move it there!
Download aswMBR.exe here: http://public.avast.com/~gmerek/aswMBR.exe

Using aswMBR.exe:
- Windows 2000 and Windows XP: start "aswMBR.exe" by double-clicking "aswMBR.exe".
- Windows Vista and Windows 7: start "aswMBR.exe" by right-clicking "aswMBR.exe" and choosing Run as administrator.

(Screenshot: http://www.imgdumper.nl/uploads4/4db3f87694fe9/4db3f87693886-aswmbrscan.gif)

- Now click the Scan button in the black window.
- When the message "Scan finished successfully" appears, click the Save log button.

(Screenshot: http://www.imgdumper.nl/uploads4/4db3f8e71343a/4db3f8e71288d-aswmbrsavelog.gif)

- The easiest option is simply to choose the desktop as the save location for the log.
- You will now also find the file MBR.dat on the desktop!
- MBR.dat is a backup file, so keep it for now.
- Also on the desktop is a Notepad text document named aswMBR.txt
- Post the contents of aswMBR.txt in your next message.

Step •2•

Which program: Kaspersky TDSSKiller
What for/why: rootkit scanner
Difficulty: none
Download location: Be sure to download this program to the desktop, or otherwise move it there!
Download TDSSKiller here: http://support.kaspersky.com/downloads/utils/tdsskiller.zip

Installation:
- Extract the file to your desktop.

Using TDSSKiller:
- Windows 2000 and Windows XP: start "TDSSKiller" by double-clicking TDSSKiller.exe.
- Windows Vista and Windows 7: start "TDSSKiller" by right-clicking TDSSKiller.exe and then choosing Run as administrator.
- If TDSSKiller shows a message about an available update, install that update first.

(Screenshot: http://www.imgdumper.nl/uploads4/4dc1d6438f791/4dc1d6438d897-TDSSKiller_2011-05-05_00-26-21.jpg)

- Then click the "Start Scan" button and follow the instructions.
- When the scan has finished, click the "Report" button.
- A Notepad file opens. Post the contents of this file.
  - Restart the PC if TDSSKiller offers that option (Reboot now).
  - If a restart is necessary, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

Step •3•

In summary: after this, post the contents of the following logs in your next message:
- aswMBR.txt log
- TDSSKiller log
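An added example, not part of the original thread and not code from aswMBR: a Python parser for a saved master boot record such as the MBR.dat backup mentioned in step 1, assuming that file is a raw copy of the 512-byte sector 0. It checks the boot signature and partition table and compares the boot code hash with a known-good baseline; the function names and the sample sectors are constructed for illustration.

```python
import hashlib
import struct
import sys

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # bootstrap code area of a classic (DOS-style) MBR
DISK_SIG_OFF = 440       # 32-bit disk signature written by Windows
PART_TABLE_OFF = 446     # four 16-byte partition entries
BOOT_SIG = b"\x55\xaa"   # last two bytes of a valid MBR
ENTRY_FMT = "<B3xB3xII"  # status, CHS start (skipped), type, CHS end (skipped), first LBA, count


def parse_mbr(sector):
    """Split one 512-byte MBR sector into its fields."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected %d bytes, got %d" % (SECTOR_SIZE, len(sector)))
    partitions = []
    for index in range(4):
        off = PART_TABLE_OFF + 16 * index
        status, ptype, first_lba, count = struct.unpack_from(ENTRY_FMT, sector, off)
        if ptype == 0x00 and count == 0:
            continue  # unused slot
        partitions.append({"index": index, "status": status, "type": ptype,
                           "first_lba": first_lba, "sectors": count})
    return {
        "signature_ok": sector[510:512] == BOOT_SIG,
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFF)[0],
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def review_mbr(sector, baseline_sha256=None):
    """Return a list of findings; an empty list means nothing stood out."""
    mbr = parse_mbr(sector)
    findings = []
    if not mbr["signature_ok"]:
        findings.append("boot signature 55 AA missing")
    for part in mbr["partitions"]:
        if part["status"] not in (0x00, 0x80):
            findings.append("partition %d: invalid status byte 0x%02x"
                            % (part["index"], part["status"]))
    active = [p for p in mbr["partitions"] if p["status"] == 0x80]
    if len(active) != 1:
        findings.append("%d active partitions (expected exactly 1 on a boot disk)"
                        % len(active))
    ordered = sorted(mbr["partitions"], key=lambda p: p["first_lba"])
    for prev, cur in zip(ordered, ordered[1:]):
        if prev["first_lba"] + prev["sectors"] > cur["first_lba"]:
            findings.append("partitions %d and %d overlap" % (prev["index"], cur["index"]))
    # The baseline is the hash of boot code you trust, e.g. taken from an
    # identical clean installation; without one this check is skipped.
    if baseline_sha256 and mbr["boot_code_sha256"] != baseline_sha256:
        findings.append("boot code differs from baseline")
    return findings


def build_sample_mbr(boot_code):
    """Constructed test sector: placeholder boot code plus two NTFS entries."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    struct.pack_into("<I", sector, DISK_SIG_OFF, 0x1234ABCD)
    struct.pack_into(ENTRY_FMT, sector, PART_TABLE_OFF, 0x80, 0x07, 2048, 204800)
    struct.pack_into(ENTRY_FMT, sector, PART_TABLE_OFF + 16, 0x00, 0x07, 206848, 1000000)
    sector[510:512] = BOOT_SIG
    return bytes(sector)


# Constructed samples: the byte strings below are filler, not real boot code.
CLEAN = build_sample_mbr(b"\x33\xc0\x8e\xd0" + b"\x90" * 100)
CHANGED = build_sample_mbr(b"\xeb\x5a\x90" + b"\x90" * 100)
BASELINE = parse_mbr(CLEAN)["boot_code_sha256"]

if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Usage: python mbr_review.py MBR.dat [baseline_sha256]
        with open(sys.argv[1], "rb") as handle:
            data = handle.read()
        baseline = sys.argv[2] if len(sys.argv) > 2 else None
        print(parse_mbr(data))
        print(review_mbr(data, baseline) or "no findings")
    else:
        print("clean sample:  ", review_mbr(CLEAN, BASELINE) or "no findings")
        print("changed sample:", review_mbr(CHANGED, BASELINE))
```

A hash mismatch only says the boot code is not the one in the baseline; OEM recovery loaders and multi-boot managers also replace it, so the result needs the same follow-up as any other scanner finding.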
  • Hi Abraham, here are the two logs:
*******************************************
aswMBR version 0.9.8.978 Copyright(c) 2011 AVAST Software
Run date: 2011-08-14 10:11:43
-----------------------------
10:11:43.997 OS Version: Windows 6.1.7601 Service Pack 1
10:11:43.997 Number of processors: 2 586 0x301
10:11:43.997 ComputerName: JAN-PC UserName: Jan
10:11:46.540 Initialize success
10:12:14.029 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
10:12:14.045 Disk 0 Vendor: WDC_WD5000BEVT-60ZAT1 02.01A02 Size: 476940MB BusType: 11
10:12:16.088 Disk 0 MBR read successfully
10:12:16.088 Disk 0 MBR scan
10:12:16.104 Disk 0 unknown MBR code
10:12:16.104 Disk 0 scanning sectors +976768065
10:12:16.166 Disk 0 scanning C:\Windows\system32\drivers
10:12:34.700 Service scanning
10:12:36.978 Modules scanning
10:12:53.312 Disk 0 trace - called modules:
10:12:53.328 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
10:12:53.328 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86c07458]
10:12:53.328 3 CLASSPNP.SYS[8b99a59e] -> nt!IofCallDriver -> [0x86c0b020]
10:12:53.328 5 hpdskflt.sys[8bdeff92] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x86ab5030]
10:12:53.328 Scan finished successfully
10:13:32.190 Disk 0 MBR has been saved successfully to "C:\Users\Jan\Desktop\MBR.dat"
10:13:32.206 The log file has been saved successfully to "C:\Users\Jan\Desktop\aswMBR.txt"
**********************************************************
2011/08/14 10:15:08.0660 4316 TDSS rootkit removing tool 2.5.15.0 Aug 11 2011 16:32:13
2011/08/14 10:15:09.0456 4316 ================================================================================
2011/08/14 10:15:09.0456 4316 SystemInfo:
2011/08/14 10:15:09.0456 4316
2011/08/14 10:15:09.0456 4316 OS Version: 6.1.7601 ServicePack: 1.0
2011/08/14 10:15:09.0456 4316 Product type: Workstation
2011/08/14 10:15:09.0456 4316 ComputerName: JAN-PC
2011/08/14 10:15:09.0456 4316 UserName: Jan
2011/08/14 10:15:09.0456 4316 Windows directory: C:\Windows
2011/08/14 10:15:09.0456 4316 System windows directory: C:\Windows
2011/08/14 10:15:09.0456 4316 Processor architecture: Intel x86
2011/08/14 10:15:09.0456 4316 Number of processors: 2
2011/08/14 10:15:09.0456 4316 Page size: 0x1000
2011/08/14 10:15:09.0456 4316 Boot type: Normal boot
2011/08/14 10:15:09.0456 4316 ================================================================================
2011/08/14 10:15:10.0751 4316 Initialize success
2011/08/14 10:15:18.0566 3608 ================================================================================
2011/08/14 10:15:18.0566 3608 Scan started
2011/08/14 10:15:18.0566 3608 Mode: Manual;
2011/08/14 10:15:18.0566 3608 ================================================================================
C:\Windows\system32\drivers\vdrvroot.sys 2011/08/14 10:15:39.0878 3608 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/08/14 10:15:39.0909 3608 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 2011/08/14 10:15:39.0956 3608 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 2011/08/14 10:15:39.0987 3608 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 2011/08/14 10:15:40.0018 3608 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 2011/08/14 10:15:40.0049 3608 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 2011/08/14 10:15:40.0096 3608 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 2011/08/14 10:15:40.0127 3608 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 2011/08/14 10:15:40.0159 3608 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 2011/08/14 10:15:40.0205 3608 VProEventMonitor (e78781b2c86c92a0a738df566460f716) C:\Windows\system32\DRIVERS\vproeventmonitor.sys 2011/08/14 10:15:40.0268 3608 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/08/14 10:15:40.0361 3608 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 2011/08/14 10:15:40.0408 3608 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 2011/08/14 10:15:40.0455 3608 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys 2011/08/14 10:15:40.0517 3608 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 2011/08/14 10:15:40.0595 3608 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/14 10:15:40.0627 3608 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 2011/08/14 10:15:40.0689 3608 Wd 
(1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 2011/08/14 10:15:40.0736 3608 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 2011/08/14 10:15:40.0829 3608 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/08/14 10:15:40.0876 3608 WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys 2011/08/14 10:15:40.0923 3608 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 2011/08/14 10:15:41.0048 3608 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys 2011/08/14 10:15:41.0126 3608 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 2011/08/14 10:15:41.0188 3608 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/08/14 10:15:41.0266 3608 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 2011/08/14 10:15:41.0344 3608 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/08/14 10:15:41.0453 3608 MBR (0x1B8) (d1ad4c53eadd115593e05fa56d6b9dea) \Device\Harddisk0\DR0 2011/08/14 10:15:41.0531 3608 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1 2011/08/14 10:15:41.0578 3608 Boot (0x1200) (57d6ad305588c31995e2321a6de74cc4) \Device\Harddisk0\DR0\Partition0 2011/08/14 10:15:41.0594 3608 Boot (0x1200) (74fd31337dbb347ed36a0a5e3a98b193) \Device\Harddisk0\DR0\Partition1 2011/08/14 10:15:41.0609 3608 Boot (0x1200) (825d8114d8c860e52384312aa5959c38) \Device\Harddisk1\DR1\Partition0 2011/08/14 10:15:41.0625 3608 ================================================================================ 2011/08/14 10:15:41.0625 3608 Scan finished 2011/08/14 10:15:41.0625 3608 ================================================================================ 2011/08/14 10:15:41.0641 5344 Detected object count: 0 2011/08/14 10:15:41.0641 5344 Actual detected object count: 0 
****************************************** In the meantime I have also been searching on P's web page. It says there that when the laptop becomes slow and noisy, this can also be due to dust. This could be removed with compressed air. I am going to try this on Tuesday; who knows. I look forward to hearing from you.
  • Hi Jan - how old is your notebook by now? Dust does not normally slow Windows down; it is more likely to show itself through Windows suddenly shutting down and restarting, because of a thermal conflict. But a compressed-air treatment can do no harm - don't forget the ventilation openings on the underside of your notebook - that is where the air is drawn in. And in the meantime you may also do the following:

    Which program: ComboFix
    What for/why: Highly specialised scanner to examine Windows in depth and, where possible, clean it up.
    Difficulty: A more or less tricky preparation phase, so read everything carefully first.
    Download location: This program absolutely must be downloaded to the desktop!

    Download ComboFix via one of these locations:
    - Bleepingcomputer (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
    - ForoSpyware (http://www.forospyware.com/sUBs/ComboFix.exe)
    - Geekstogo (http://subs.geekstogo.com/ComboFix.exe)

    Here (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden) you can see how to use ComboFix. The antivirus program and active malware scanners must already be deactivated before ComboFix is started! Here (http://www.bleepingcomputer.com/forums/topic114351.html) and here (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) you will find details on how to deactivate antivirus programs and spyware scanners.

    To be perfectly clear once more: ComboFix must be started from the desktop.

    Remarks:
    - When using Windows XP you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for this).
    - Vista and Windows 7 users start ComboFix via right-click with Administrator rights.
    - All open programs and web pages must be closed.

    ComboFix has started:
    - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
    - ComboFix closes the internet connection during the scan - do not try to restore it in the meantime!
    - It may happen that the computer has to be restarted several times; this is normal.
    - When ComboFix is finished, it will create a log file for you.
    - Post the contents of this log file in your next message.
    - If the log does not open, it can be found at C:\ComboFix.txt

    Important remark:
    - If after the scan an error is shown when starting programs, with the message:
    - Illegal operation attempted on a registry key that has been marked for deletion.
    - Then restart the computer.
  • Well Abraham, that was a "tough delivery". My laptop is about 2 years old. Here comes the log: Thanks in advance
  • Have you been able to notice any improvement yet?
  • Yes indeed. It is faster, internet (Firefox) responds faster and no longer hangs for a moment. In any case, thanks for your help! Do you have any idea what the cause was?
  • I suspect that Windows was previously continuously searching for certain files!

    - - - - ORPHANS VERWIJDERD - - - -
    WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
    SafeBoot-SolutoService
    MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
    MSConfigStartUp-Corel File Shell Monitor - c:\program files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
    MSConfigStartUp-GrooveMonitor - c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
    MSConfigStartUp-KeePass 2 PreLoad - c:\program files\KeePass Password Safe 2\KeePass.exe
    MSConfigStartUp-SearchSettings - c:\program files\pdfforge Toolbar\SearchSettings.exe
    MSConfigStartUp-Standby - c:\program files\Common Files\Corel\Standby\Standby.exe
    AddRemove-_{707EB912-C597-49D8-9460-46CC9AB03EBE} - c:\program files\Corel\Corel Painter Photo Essentials 4\MSILauncher {707EB912-C597-49D8-9460-46CC9AB03EBE}

    So ComboFix has permanently removed the above "orphans".

    We are going to clean up: ComboFix may now be removed:
    - go to Start - Run
    - copy and paste the following into it: Combofix /Uninstall
    - then click OK.
    - if all is well, you will then get a message that Combofix was removed.

    Example: http://www.emphyrio.be/images/SMUninstall_combofix.png

    Run can also be started by pressing the keys "Windows key + R" simultaneously.

    This will remove Combofix including related folders and files, reset the clock settings, hide the file extensions, hide hidden files and system files again and reset your System Restore.

    Also run a test to see how good the current security situation in Windows is. Download Security Check (http://screen317.spywareinfoforum.org/SecurityCheck.exe) to your desktop.
    - Click/double-click SecurityCheck.exe and follow the instructions in the black window.
    - A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
    - If one of your security tools reports that DIG.EXE wants to access the internet, allow this.

    Post the contents of checkup.txt in your next post.
  • Combofix has been removed and I have run the Security Check. The log is below:
    ********
    Results of screen317's Security Check version 0.99.18
    Windows 7 Service Pack 1 (UAC is disabled!)
    Internet Explorer 8
    ``````````````````````````````
    Antivirus/Firewall Check:
    Windows Firewall Disabled!
    ESET Online Scanner v3
    BitDefender Internet Security 2011
    WMI entry may not exist for antivirus; attempting automatic update.
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    Malwarebytes' Anti-Malware
    CCleaner
    Java(TM) 6 Update 26
    Java(TM) SE Runtime Environment 6 Update 1
    Adobe Flash Player 10.3.183.5
    Adobe Reader X (10.1.0)
    ````````````````````````````````
    Process Check: objlist.exe by Laurent
    BitDefender BitDefender 2011 vsserv.exe
    BitDefender BitDefender 2011 bdagent.exe
    BitDefender BitDefender 2011 updatesrv.exe
    BitDefender BitDefender 2011 pchooklaunch32.exe
    ``````````End of Log````````````
    ***************
    I'm curious.
  • Hi Jan, the only point of criticism I have is the fact that you have UAC switched off. It is precisely UAC that makes Vista and Windows 7 so much safer than Windows XP! The best setting, in Windows 7 as well, is the highest setting, where the UAC! Set it via Control Panel/User Accounts.
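The reading of the Security Check log in the posts above, as an added example that is not part of the original thread: a small Python parser that splits a checkup.txt log into its sections and lists the protections the tool itself marks as disabled. The line layout of the log is an assumption (the forum flattened it), and the sample is the posted log with markup stripped and the lists shortened.

```python
import re

RULE = "`" * 30  # Security Check separates its sections with rows of backticks

# Sample input: the log posted above, forum markup stripped, lists shortened.
# Assumption: one entry per line, as Notepad would show checkup.txt.
SAMPLE_LOG = "\n".join([
    " Results of screen317's Security Check version 0.99.18",
    " Windows 7 Service Pack 1 (UAC is disabled!)",
    " Internet Explorer 8",
    RULE,
    "Antivirus/Firewall Check:",
    " Windows Firewall Disabled!",
    " ESET Online Scanner v3",
    " BitDefender Internet Security 2011",
    RULE,
    "Anti-malware/Other Utilities Check:",
    " Malwarebytes' Anti-Malware",
    " Adobe Reader X (10.1.0)",
    RULE,
    "Process Check: objlist.exe by Laurent",
    " BitDefender BitDefender 2011 vsserv.exe",
    "`" * 10 + "End of Log" + "`" * 12,
])


def parse_sections(log):
    """Split the log into {section title: [entries]}; the preamble is 'System'."""
    sections, current = {"System": []}, "System"
    for raw in log.splitlines():
        line = raw.strip()
        if not line or line.startswith("`"):   # blank line, separator or footer
            continue
        header = re.match(r"(.+? Check):", line)  # e.g. "Antivirus/Firewall Check:"
        if header:
            current = header.group(1)
            sections[current] = []
        else:
            sections[current].append(line)
    return sections


def disabled_protections(sections):
    """Return (section, entry) pairs that the tool itself marked as disabled."""
    return [(name, entry) for name, entries in sections.items()
            for entry in entries if re.search(r"\bdisabled!", entry, re.I)]


if __name__ == "__main__":
    for name, entry in disabled_protections(parse_sections(SAMPLE_LOG)):
        print(f"[{name}] {entry}")
```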
  • Hi Abraham, I set it to the highest setting right away. Thanks for your time and your advice :)
  • Well done, and you're welcome. One last tip: go to Secunia PSI (http://secunia.com/vulnerability_scanning/online/) a few times a year to check whether everything within Windows is up to date as well. Because only then is Windows at its safest! On the Secunia site, first click the Start Scanner button and then, on the new page, first tick Enable thorough system inspection before clicking Start! If you do not use Java, the site will not work. In that case you can download and install the Secunia Personal Software Inspector (PSI). N.B.: after installation this tool starts automatically with Windows, but that is really not necessary and can be switched off! http://secunia.com/vulnerability_scanning/personal/

This is an archived page. Replies are no longer possible.