Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

proc + hd gebruik extreem hoog

Bockempiep
19 antwoorden
  • Hallo,

    m'n laptop is onbruikbaar traag geworden doordat de HD constant bezig is en het processor gebruik rond de 80%. Na een half uur stopt het wel, maar dit heb ik toch nog nooit mee gemaakt.

    Ik heb 2 maanden geleden nog een nieuwe installatie gedaan van Windows 7 pro.
    Vorige week heb ik Google desktop search geinstalleerd en daarna is het begonnen, maar kan toeval zijn. Ik heb het intussen gedeinstalleerd.

    Specs: Dell Latitude E6500, P8600, 2048MB, Samsung SSD 64GB + Samsung HM640JJ

    Ik zal ook even een HJlogje plaatsen

    Wie heeft er een idee, aub ?
  • Ik ben benieuwd naar waar jouw klapkoffer last van heeft!

    [b:c9c3560f4c]Ik wil graag dat jij je tijdens de fix aan onderstaande regels houdt:[/b:c9c3560f4c]
    [list:c9c3560f4c][*:c9c3560f4c]Lees alle instrukties goed door.
    [*:c9c3560f4c]Maak je fouten bij de uitvoering van tools tijdens de fix, kan dat serieuze problemen in Windows veroorzaken.
    [*:c9c3560f4c]Onthou je van het gebruik van tools cq. updates anders dan die ik jou adviseer te gebruiken.
    [*:c9c3560f4c]Gebruik altijd één scanner per keer, nooit meerdere tegelijk gebruiken.
    [*:c9c3560f4c]Hou mij op de hoogte hoe jou computer op de fix reageert - goed of slecht.
    [*:c9c3560f4c]De fix, eenmaal gestart, moet afgewerkt worden. Zelfs indien jij denkt dat alles in orde is, zijn er mogelijk nog steeds infecties.[/list:u:c9c3560f4c][/color:c9c3560f4c]

    [b:c9c3560f4c]Stap •1•[/b:c9c3560f4c][/color:c9c3560f4c]
    [[b:c9c3560f4c]Welk programma[/b:c9c3560f4c]: Kaspersky [b:c9c3560f4c]TDSSKiller[/b:c9c3560f4c]
    [b:c9c3560f4c]Waarvoor/waarom[/b:c9c3560f4c]: Rootkitscanner
    [b:c9c3560f4c]Moeilijkheidsgraad[/b:c9c3560f4c]: geen
    [b:c9c3560f4c]Downloadlokatie[/b:c9c3560f4c]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen!
    [b:c9c3560f4c]Download[/b:c9c3560f4c] [b:c9c3560f4c]TDSSKiller[/b:c9c3560f4c] [b:c9c3560f4c]hier[/b:c9c3560f4c].

    [b:c9c3560f4c]Installatie[/b:c9c3560f4c]:
    [list:c9c3560f4c][*:c9c3560f4c] pak het bestand uit op je bureaublad.[/list:u:c9c3560f4c]

    [b:c9c3560f4c]TDSSKiller gebruiken[/b:c9c3560f4c]:
    [list:c9c3560f4c][*:c9c3560f4c]Windows 2000 en Windows XP: start "TDSSKiller" middels dubbelklik op TDSSKiller.exe.
    [*:c9c3560f4c]Windows Vista en Windows 7: start "TDSSKiller" middels rechtsklik op TDSSKiller.exe en dan kiezen voor [b:c9c3560f4c]Als Administrator uitvoeren[/b:c9c3560f4c].
    [*:c9c3560f4c]Idien TDSSKiller met een bericht komt over een beschikbare update, dan voer je deze eerst uit.[/list:u:c9c3560f4c]
    [img:c9c3560f4c]http://www.imgdumper.nl/uploads4/4dc1d6438f791/4dc1d6438d897-TDSSKiller_2011-05-05_00-26-21.jpg[/img:c9c3560f4c]

    [list:c9c3560f4c][*:c9c3560f4c]Klik vervolgens op de knop [b:c9c3560f4c]"Start Scan"[/b:c9c3560f4c] en volg de instructies.
    [*:c9c3560f4c] Nadat de scan klaar is klik je op de knop [b:c9c3560f4c]"Report"[/b:c9c3560f4c].
    [*:c9c3560f4c]Er opent een kladblokbestand. Post de inhoud van dit bestand.
    [list:c9c3560f4c][*:c9c3560f4c][b:c9c3560f4c]Herstart de pc indien TDSSKiller die optie aangeeft (Reboot now).[/b:c9c3560f4c]
    [*:c9c3560f4c]Wanneer het opnieuw opstarten noodzakelijk is, vind je de logfile in [b:c9c3560f4c]C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt[/b:c9c3560f4c][/list:u:c9c3560f4c][/list:u:c9c3560f4c]


    [b:c9c3560f4c]Stap •2•[/b:c9c3560f4c][/color:c9c3560f4c]
    [b:c9c3560f4c]Welk programma[/b:c9c3560f4c]: "aswMBR.exe'
    [b:c9c3560f4c]Waarvoor/waarom[/b:c9c3560f4c]: MBR-Rootkitscanner
    [b:c9c3560f4c]Moeilijkheidsgraad[/b:c9c3560f4c]: geen
    [b:c9c3560f4c]Downloadlokatie[/b:c9c3560f4c]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen!
    [b:c9c3560f4c]Download[/b:c9c3560f4c] [b:c9c3560f4c]aswMBR.exe[/b:c9c3560f4c] [b:c9c3560f4c]hier[/b:c9c3560f4c].


    [b:c9c3560f4c]aswMBR.exe gebruiken[/b:c9c3560f4c]:
    [list:c9c3560f4c][*:c9c3560f4c]Windows 2000 en Windows XP: start "aswMBR.exe" middels dubbelklik op "aswMBR.exe".
    [*:c9c3560f4c]Windows Vista en Windows 7: start "aswMBR.exe" middels rechtsklik op "aswMBR.exe" en kies jij voor [b:c9c3560f4c]Als Administrator uitvoeren[/b:c9c3560f4c].[/list:u:c9c3560f4c]

    [img:c9c3560f4c]http://www.imgdumper.nl/uploads4/4db3f87694fe9/4db3f87693886-aswmbrscan.gif[/img:c9c3560f4c]
    [list:c9c3560f4c][*:c9c3560f4c] Klik nu in het zwarte scherm op de knop [b:c9c3560f4c]Scan[/b:c9c3560f4c]
    [*:c9c3560f4c] Als de melding "Scan finished successfully" komt, klik dan vervolgens op de knop [b:c9c3560f4c]Save log[/b:c9c3560f4c][/list:u:c9c3560f4c]
    [img:c9c3560f4c]http://www.imgdumper.nl/uploads4/4db3f8e71343a/4db3f8e71288d-aswmbrsavelog.gif[/img:c9c3560f4c]
    [list:c9c3560f4c][*:c9c3560f4c] Het makkelijkst is het, als opslaglokatie voor het log gewoon het bureaublad te kiezen.
    [*:c9c3560f4c] Tevens vindt je nu op het bureaublad ook het bestand [b:c9c3560f4c]MBR.dat[/b:c9c3560f4c]!
    [*:c9c3560f4c] [b:c9c3560f4c]MBR.dat[/b:c9c3560f4c] is een backupbestand, bewaar dat dus voorlopig.
    [*:c9c3560f4c] Ook op het bureaublad staat een kladbloktekst-document genaamd [b:c9c3560f4c]aswMBR.txt[/b:c9c3560f4c]
    [*:c9c3560f4c] Post de inhoud van [b:c9c3560f4c]aswMBR.txt[/b:c9c3560f4c] in jouw volgende bericht.[/list:u:c9c3560f4c]

    [b:c9c3560f4c]Stap •3•[/b:c9c3560f4c][/color:c9c3560f4c]
    [b:c9c3560f4c]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:c9c3560f4c]
    [list:c9c3560f4c][*:c9c3560f4c] TDSSKiller-log
    [*:c9c3560f4c] aswMBR.txt-log
    [/list:u:c9c3560f4c]
  • Handig!

    TDSSKiller:



    2011/08/31 21:08:05.0593 1456 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
    2011/08/31 21:08:05.0697 1456 ================================================================================
    2011/08/31 21:08:05.0697 1456 SystemInfo:
    2011/08/31 21:08:05.0697 1456
    2011/08/31 21:08:05.0697 1456 OS Version: 6.1.7601 ServicePack: 1.0
    2011/08/31 21:08:05.0697 1456 Product type: Workstation
    2011/08/31 21:08:05.0697 1456 ComputerName: DENNIS-PC
    2011/08/31 21:08:05.0697 1456 UserName: dennis
    2011/08/31 21:08:05.0697 1456 Windows directory: C:\Windows
    2011/08/31 21:08:05.0697 1456 System windows directory: C:\Windows
    2011/08/31 21:08:05.0697 1456 Processor architecture: Intel x86
    2011/08/31 21:08:05.0697 1456 Number of processors: 2
    2011/08/31 21:08:05.0697 1456 Page size: 0x1000
    2011/08/31 21:08:05.0697 1456 Boot type: Normal boot
    2011/08/31 21:08:05.0697 1456 ================================================================================
    2011/08/31 21:08:05.0912 1456 Initialize success
    2011/08/31 21:08:07.0793 2976 ================================================================================
    2011/08/31 21:08:07.0793 2976 Scan started
    2011/08/31 21:08:07.0793 2976 Mode: Manual;
    2011/08/31 21:08:07.0793 2976 ================================================================================
    2011/08/31 21:08:08.0104 2976 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
    2011/08/31 21:08:08.0127 2976 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
    2011/08/31 21:08:08.0147 2976 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
    2011/08/31 21:08:08.0180 2976 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
    2011/08/31 21:08:08.0209 2976 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
    2011/08/31 21:08:08.0233 2976 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
    2011/08/31 21:08:08.0267 2976 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
    2011/08/31 21:08:08.0290 2976 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
    2011/08/31 21:08:08.0313 2976 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
    2011/08/31 21:08:08.0337 2976 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
    2011/08/31 21:08:08.0358 2976 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
    2011/08/31 21:08:08.0377 2976 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
    2011/08/31 21:08:08.0399 2976 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
    2011/08/31 21:08:08.0419 2976 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
    2011/08/31 21:08:08.0443 2976 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
    2011/08/31 21:08:08.0465 2976 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
    2011/08/31 21:08:08.0484 2976 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
    2011/08/31 21:08:08.0508 2976 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
    2011/08/31 21:08:08.0545 2976 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
    2011/08/31 21:08:08.0566 2976 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
    2011/08/31 21:08:08.0587 2976 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
    2011/08/31 21:08:08.0607 2976 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
    2011/08/31 21:08:08.0646 2976 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
    2011/08/31 21:08:08.0675 2976 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
    2011/08/31 21:08:08.0703 2976 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
    2011/08/31 21:08:08.0735 2976 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
    2011/08/31 21:08:08.0757 2976 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
    2011/08/31 21:08:08.0777 2976 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    2011/08/31 21:08:08.0797 2976 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    2011/08/31 21:08:08.0816 2976 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
    2011/08/31 21:08:08.0848 2976 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
    2011/08/31 21:08:08.0863 2976 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
    2011/08/31 21:08:08.0879 2976 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
    2011/08/31 21:08:08.0910 2976 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
    2011/08/31 21:08:08.0941 2976 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
    2011/08/31 21:08:08.0957 2976 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
    2011/08/31 21:08:08.0988 2976 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
    2011/08/31 21:08:09.0004 2976 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
    2011/08/31 21:08:09.0035 2976 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
    2011/08/31 21:08:09.0050 2976 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
    2011/08/31 21:08:09.0082 2976 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
    2011/08/31 21:08:09.0097 2976 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
    2011/08/31 21:08:09.0128 2976 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
    2011/08/31 21:08:09.0144 2976 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
    2011/08/31 21:08:09.0191 2976 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
    2011/08/31 21:08:09.0222 2976 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
    2011/08/31 21:08:09.0253 2976 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
    2011/08/31 21:08:09.0269 2976 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
    2011/08/31 21:08:09.0300 2976 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
    2011/08/31 21:08:09.0331 2976 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
    2011/08/31 21:08:09.0381 2976 e1yexpress (8eef52ad831471e323ee7364a8656d35) C:\Windows\system32\DRIVERS\e1y6032.sys
    2011/08/31 21:08:09.0460 2976 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
    2011/08/31 21:08:09.0543 2976 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
    2011/08/31 21:08:09.0570 2976 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
    2011/08/31 21:08:09.0605 2976 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
    2011/08/31 21:08:09.0634 2976 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
    2011/08/31 21:08:09.0662 2976 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
    2011/08/31 21:08:09.0692 2976 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
    2011/08/31 21:08:09.0714 2976 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
    2011/08/31 21:08:09.0734 2976 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
    2011/08/31 21:08:09.0758 2976 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
    2011/08/31 21:08:09.0786 2976 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
    2011/08/31 21:08:09.0805 2976 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
    2011/08/31 21:08:09.0831 2976 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
    2011/08/31 21:08:09.0851 2976 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
    2011/08/31 21:08:09.0880 2976 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
    2011/08/31 21:08:09.0905 2976 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
    2011/08/31 21:08:09.0929 2976 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
    2011/08/31 21:08:09.0948 2976 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
    2011/08/31 21:08:09.0969 2976 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
    2011/08/31 21:08:09.0989 2976 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
    2011/08/31 21:08:10.0016 2976 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
    2011/08/31 21:08:10.0048 2976 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
    2011/08/31 21:08:10.0076 2976 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
    2011/08/31 21:08:10.0102 2976 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
    2011/08/31 21:08:10.0136 2976 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
    2011/08/31 21:08:10.0160 2976 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
    2011/08/31 21:08:10.0193 2976 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
    2011/08/31 21:08:10.0235 2976 INO_FLPY (4eb3cd8cd2210807ada276542eb99b06) C:\Windows\system32\Drivers\ino_flpy.sys
    2011/08/31 21:08:10.0258 2976 INO_FLTR (ebfb9e788557aded04aef87247ae56dd) C:\Windows\system32\Drivers\ino_fltr.sys
    2011/08/31 21:08:10.0278 2976 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
    2011/08/31 21:08:10.0303 2976 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
    2011/08/31 21:08:10.0605 2976 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2011/08/31 21:08:10.0636 2976 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
    2011/08/31 21:08:10.0652 2976 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
    2011/08/31 21:08:10.0683 2976 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
    2011/08/31 21:08:10.0699 2976 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
    2011/08/31 21:08:10.0730 2976 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
    2011/08/31 21:08:10.0746 2976 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
    2011/08/31 21:08:10.0777 2976 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
    2011/08/31 21:08:10.0792 2976 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
    2011/08/31 21:08:10.0824 2976 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
    2011/08/31 21:08:10.0855 2976 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
    2011/08/31 21:08:10.0886 2976 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
    2011/08/31 21:08:10.0902 2976 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
    2011/08/31 21:08:10.0936 2976 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    2011/08/31 21:08:10.0958 2976 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    2011/08/31 21:08:10.0980 2976 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
    2011/08/31 21:08:11.0000 2976 massfilter (59a2783aba6019bed0c843c706e10a6a) C:\Windows\system32\drivers\massfilter.sys
    2011/08/31 21:08:11.0022 2976 MBAMProtector (eca00eed9ab95489007b0ef84c7149de) C:\Windows\system32\drivers\mbam.sys
    2011/08/31 21:08:11.0050 2976 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
    2011/08/31 21:08:11.0074 2976 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
    2011/08/31 21:08:11.0102 2976 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
    2011/08/31 21:08:11.0122 2976 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
    2011/08/31 21:08:11.0144 2976 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
    2011/08/31 21:08:11.0166 2976 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
    2011/08/31 21:08:11.0187 2976 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
    2011/08/31 21:08:11.0211 2976 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
    2011/08/31 21:08:11.0234 2976 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
    2011/08/31 21:08:11.0263 2976 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
    2011/08/31 21:08:11.0284 2976 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2011/08/31 21:08:11.0313 2976 mrxsmb10 (a70c828a93cce4c11617f6249f4d87fc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2011/08/31 21:08:11.0343 2976 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2011/08/31 21:08:11.0372 2976 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
    2011/08/31 21:08:11.0401 2976 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
    2011/08/31 21:08:11.0439 2976 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
    2011/08/31 21:08:11.0464 2976 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
    2011/08/31 21:08:11.0487 2976 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
    2011/08/31 21:08:11.0525 2976 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
    2011/08/31 21:08:11.0552 2976 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
    2011/08/31 21:08:11.0579 2976 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
    2011/08/31 21:08:11.0608 2976 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
    2011/08/31 21:08:11.0643 2976 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
    2011/08/31 21:08:11.0683 2976 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
    2011/08/31 21:08:11.0709 2976 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
    2011/08/31 21:08:11.0736 2976 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
    2011/08/31 21:08:11.0773 2976 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS
    wifi.sys
    2011/08/31 21:08:11.0813 2976 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers
    dis.sys
    2011/08/31 21:08:11.0856 2976 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS
    discap.sys
    2011/08/31 21:08:11.0884 2976 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS
    distapi.sys
    2011/08/31 21:08:11.0911 2976 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS
    disuio.sys
    2011/08/31 21:08:11.0930 2976 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS
    diswan.sys
    2011/08/31 21:08:11.0961 2976 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
    2011/08/31 21:08:12.0008 2976 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS
    etbios.sys
    2011/08/31 21:08:12.0039 2976 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS
    etbt.sys
    2011/08/31 21:08:12.0148 2976 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS
    etw5v32.sys
    2011/08/31 21:08:12.0257 2976 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS
    frd960.sys
    2011/08/31 21:08:12.0289 2976 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
    2011/08/31 21:08:12.0320 2976 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers
    siproxy.sys
    2011/08/31 21:08:12.0661 2976 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
    2011/08/31 21:08:12.0706 2976 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
    2011/08/31 21:08:12.0908 2976 nvlddmkm (8fe5350fa6a9f0b6633aee811c468954) C:\Windows\system32\DRIVERS
    vlddmkm.sys
    2011/08/31 21:08:13.0087 2976 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers
    vraid.sys
    2011/08/31 21:08:13.0108 2976 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers
    vstor.sys
    2011/08/31 21:08:13.0133 2976 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers
    v_agp.sys
    2011/08/31 21:08:13.0156 2976 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
    2011/08/31 21:08:13.0194 2976 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
    2011/08/31 21:08:13.0215 2976 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
    2011/08/31 21:08:13.0234 2976 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
    2011/08/31 21:08:13.0263 2976 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
    2011/08/31 21:08:13.0284 2976 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
    2011/08/31 21:08:13.0306 2976 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
    2011/08/31 21:08:13.0331 2976 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
    2011/08/31 21:08:13.0360 2976 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
    2011/08/31 21:08:13.0444 2976 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
    2011/08/31 21:08:13.0465 2976 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
    2011/08/31 21:08:13.0483 2976 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
    2011/08/31 21:08:13.0530 2976 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
    2011/08/31 21:08:13.0577 2976 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
    2011/08/31 21:08:13.0593 2976 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
    2011/08/31 21:08:13.0608 2976 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
    2011/08/31 21:08:13.0639 2976 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
    2011/08/31 21:08:13.0671 2976 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2011/08/31 21:08:13.0702 2976 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
    2011/08/31 21:08:13.0717 2976 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
    2011/08/31 21:08:13.0733 2976 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
    2011/08/31 21:08:13.0764 2976 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
    2011/08/31 21:08:13.0780 2976 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2011/08/31 21:08:13.0811 2976 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
    2011/08/31 21:08:13.0827 2976 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
    2011/08/31 21:08:13.0842 2976 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
    2011/08/31 21:08:13.0873 2976 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
    2011/08/31 21:08:13.0905 2976 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
    2011/08/31 21:08:13.0936 2976 RsFx0103 (fd692c6ffade58f7c4c3c3c9a0ec35bd) C:\Windows\system32\DRIVERS\RsFx0103.sys
    2011/08/31 21:08:13.0967 2976 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
    2011/08/31 21:08:13.0983 2976 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
    2011/08/31 21:08:14.0014 2976 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
    2011/08/31 21:08:14.0029 2976 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
    2011/08/31 21:08:14.0069 2976 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
    2011/08/31 21:08:14.0093 2976 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    2011/08/31 21:08:14.0126 2976 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
    2011/08/31 21:08:14.0148 2976 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
    2011/08/31 21:08:14.0168 2976 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
    2011/08/31 21:08:14.0205 2976 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
    2011/08/31 21:08:14.0225 2976 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
    2011/08/31 21:08:14.0246 2976 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
    2011/08/31 21:08:14.0267 2976 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
    2011/08/31 21:08:14.0297 2976 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
    2011/08/31 21:08:14.0320 2976 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    2011/08/31 21:08:14.0341 2976 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
    2011/08/31 21:08:14.0363 2976 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
    2011/08/31 21:08:14.0394 2976 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
    2011/08/31 21:08:14.0444 2976 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
    2011/08/31 21:08:14.0472 2976 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
    2011/08/31 21:08:14.0496 2976 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
    2011/08/31 21:08:14.0524 2976 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
    2011/08/31 21:08:14.0550 2976 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
    2011/08/31 21:08:14.0574 2976 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
    2011/08/31 21:08:14.0594 2976 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
    2011/08/31 21:08:14.0658 2976 Tcpip (24326784df8f3d5f5bbb9f878ce33c14) C:\Windows\system32\drivers\tcpip.sys
    2011/08/31 21:08:14.0719 2976 TCPIP6 (24326784df8f3d5f5bbb9f878ce33c14) C:\Windows\system32\DRIVERS\tcpip.sys
    2011/08/31 21:08:14.0748 2976 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
    2011/08/31 21:08:14.0773 2976 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
    2011/08/31 21:08:14.0793 2976 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
    2011/08/31 21:08:14.0815 2976 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
    2011/08/31 21:08:14.0835 2976 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
    2011/08/31 21:08:14.0880 2976 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2011/08/31 21:08:14.0902 2976 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
    2011/08/31 21:08:14.0925 2976 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
    2011/08/31 21:08:14.0946 2976 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
    2011/08/31 21:08:14.0971 2976 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
    2011/08/31 21:08:15.0009 2976 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
    2011/08/31 21:08:15.0030 2976 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
    2011/08/31 21:08:15.0037 2976 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
    2011/08/31 21:08:15.0068 2976 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
    2011/08/31 21:08:15.0100 2976 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
    2011/08/31 21:08:15.0115 2976 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
    2011/08/31 21:08:15.0146 2976 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
    2011/08/31 21:08:15.0162 2976 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
    2011/08/31 21:08:15.0178 2976 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
    2011/08/31 21:08:15.0209 2976 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    2011/08/31 21:08:15.0224 2976 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
    2011/08/31 21:08:15.0256 2976 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
    2011/08/31 21:08:15.0271 2976 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
    2011/08/31 21:08:15.0302 2976 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
    2011/08/31 21:08:15.0318 2976 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
    2011/08/31 21:08:15.0334 2976 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
    2011/08/31 21:08:15.0365 2976 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
    2011/08/31 21:08:15.0380 2976 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
    2011/08/31 21:08:15.0412 2976 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
    2011/08/31 21:08:15.0427 2976 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
    2011/08/31 21:08:15.0443 2976 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
    2011/08/31 21:08:15.0474 2976 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
    2011/08/31 21:08:15.0505 2976 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
    2011/08/31 21:08:15.0521 2976 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
    2011/08/31 21:08:15.0552 2976 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
    2011/08/31 21:08:15.0583 2976 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
    2011/08/31 21:08:15.0607 2976 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/08/31 21:08:15.0620 2976 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/08/31 21:08:15.0661 2976 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
    2011/08/31 21:08:15.0689 2976 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
    2011/08/31 21:08:15.0738 2976 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
    2011/08/31 21:08:15.0760 2976 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
    2011/08/31 21:08:15.0808 2976 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\drivers\WinUSB.sys
    2011/08/31 21:08:15.0833 2976 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
    2011/08/31 21:08:15.0875 2976 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
    2011/08/31 21:08:15.0914 2976 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
    2011/08/31 21:08:15.0938 2976 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2011/08/31 21:08:15.0970 2976 ZTEusbmdm6k (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
    2011/08/31 21:08:15.0992 2976 ZTEusbnmea (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
    2011/08/31 21:08:16.0013 2976 ZTEusbser6k (3862318f85be7a91957ada5e814ed58c) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
    2011/08/31 21:08:16.0033 2976 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    2011/08/31 21:08:16.0046 2976 Boot (0x1200) (d0645cf7d61ee834aee289cad856219c) \Device\Harddisk0\DR0\Partition0
    2011/08/31 21:08:16.0059 2976 Boot (0x1200) (710f84d076ce877a058ed43430ce3b30) \Device\Harddisk0\DR0\Partition1
    2011/08/31 21:08:16.0067 2976 ================================================================================
    2011/08/31 21:08:16.0067 2976 Scan finished
    2011/08/31 21:08:16.0067 2976 ================================================================================
    2011/08/31 21:08:16.0077 3980 Detected object count: 0
    2011/08/31 21:08:16.0077 3980 Actual detected object count: 0
    2011/08/31 21:10:25.0660 3272 Deinitialize success



    aswMBR:




    aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
    Run date: 2011-08-31 21:12:49
    —————————–
    21:12:49.919 OS Version: Windows 6.1.7601 Service Pack 1
    21:12:49.919 Number of processors: 2 586 0x170A
    21:12:49.920 ComputerName: DENNIS-PC UserName: dennis
    21:12:50.175 Initialize success
    21:13:54.051 AVAST engine defs: 11083101
    21:14:13.904 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    21:14:13.910 Disk 0 Vendor: SAMSUNG_SSD_RBX_Series_64GB_M VAM05D1Q Size: 61057MB BusType: 11
    21:14:15.919 Disk 0 MBR read successfully
    21:14:15.919 Disk 0 MBR scan
    21:14:15.935 Disk 0 Windows 7 default MBR code
    21:14:15.951 Disk 0 scanning sectors +125042688
    21:14:15.982 Disk 0 scanning C:\Windows\system32\drivers
    21:14:36.778 Service scanning
    21:14:38.189 Modules scanning
    21:14:39.908 Disk 0 trace - called modules:
    21:14:39.915
    21:14:43.999 AVAST engine scan C:\Windows
    21:14:45.103 AVAST engine scan C:\Windows\system32
    21:16:12.710 AVAST engine scan C:\Windows\system32\drivers
    21:16:20.027 AVAST engine scan C:\Users\dennis.WERBRI
    21:16:41.456 AVAST engine scan C:\ProgramData
    21:16:48.400 Scan finished successfully
    21:18:38.912 Disk 0 MBR has been saved successfully to "C:\Users\dennis.WERBRI\Desktop\MBR.dat"
    21:18:38.912 The log file has been saved successfully to "C:\Users\dennis.WERBRI\Desktop\aswMBR.txt"


    aub!
  • Mooi geen rootkit en een gezonde MBR.

    [b:6f42bc316d]Stap •1•[/b:6f42bc316d][/color:6f42bc316d]
    [b:6f42bc316d]Welk programma[/b:6f42bc316d]: Trend Micro [b:6f42bc316d]Hijack This Versie 2.0.4[/b:6f42bc316d]
    [b:6f42bc316d]Waarvoor/waarom[/b:6f42bc316d]: maakt een duidelijk overzicht van Windows door middel van een scan.
    [b:6f42bc316d]Moeilijkheidsgraad[/b:6f42bc316d]: geen, enkel Vista- en Win 7 gebruikers dienen even extra aandacht te geven.

    [b:6f42bc316d]Download[/b:6f42bc316d] de [b:6f42bc316d]HijackThis Installer[/b:6f42bc316d]

    [b:6f42bc316d]Installatie[/b:6f42bc316d]:
    [list:6f42bc316d][*:6f42bc316d]Installeer HijackThis op de aangegeven lokatie - daarmee wordt voorkomen dat eventuele back-ups niet terugvindbaar zijn![/list:u:6f42bc316d]
    Gebruikers van [b:6f42bc316d]Windows Vista[/b:6f42bc316d] en [b:6f42bc316d]Windows 7[/b:6f42bc316d] gaan daarna naar de installatielokatie van HijackThis.
    [list:6f42bc316d][*:6f42bc316d]Vervolgens met rechts "hijackthis.exe" aanklikken en dan "Eigenschappen" kiezen.
    [*:6f42bc316d]Klik nu op de tab "Comptabiliteit" en zet dan een vinkje bij "Als Administrator uitvoeren".
    [*:6f42bc316d]Als laatste wordt dan nog op [b:6f42bc316d]Toepassen[/b:6f42bc316d] en [b:6f42bc316d]OK[/b:6f42bc316d] geklikt[/list:u:6f42bc316d]

    [b:6f42bc316d]Hijack This gebruiken[/b:6f42bc316d]:
    [list:6f42bc316d][*:6f42bc316d]Sluit eerst alle openstaande programma's en de webbrowsers.
    [*:6f42bc316d]Start nu 'Hijack This' en klik vervolgens op de knop 'Do a system scan and save a logfile'
    [list:6f42bc316d][*:6f42bc316d]Start HijackThis op met het scanvenster, klik dan eerst op de knop 'Main Menu'[/list:u:6f42bc316d]
    [*:6f42bc316d]Sluit nu alle openstaande vensters en start vervolgens 'HijackThis' en kies voor 'Do a system scan and save a logfile'.
    [*:6f42bc316d]Ga naar DDRMMR's kleurcodeerder (Klik)
    [*:6f42bc316d]Kopieer en plak de inhoud van het Hijack This-logfile in het webvenster en klik op de knop 'Converteer'.
    [*:6f42bc316d]Kopieer en plak de inhoud van de kleurcodeerder in je aansluitende bericht.
    [*:6f42bc316d]Hierna mag je Hijack This weer sluiten[/list:u:6f42bc316d]
    [b:6f42bc316d]Stap •2•[/b:6f42bc316d][/color:6f42bc316d]
    [b:6f42bc316d]Welk programma[/b:6f42bc316d]: Microsoft Safety Scanner
    [b:6f42bc316d]Waarvoor/waarom[/b:6f42bc316d]: specialistische scanner van Microsoft om Windows snel te onderzoeken op- en te ontdoen van spy- & malware.
    [b:6f42bc316d]Moeilijkheidsgraad[/b:6f42bc316d]: geen.
    [quote:6f42bc316d]Opmerking: Microsoft Safety Scanner verloopt 10 dagen nadat het is gedownload.
    Als u opnieuw een scan wilt uitvoeren met de nieuwste definities ter voorkoming van schadelijke software,
    downloadt u Microsoft Safety Scanner opnieuw en voert u het opnieuw uit.[/quote:6f42bc316d]
    Dowload de [b:6f42bc316d]Microsoft Safety Scanner [/b:6f42bc316d]hier.

    Windows 2000 en Windows XP: start Microsoft's Safety Scanner middels dubbelklik op de snelkoppeling.
    Windows Vista en Windows 7: start Microsoft's Safety Scanner middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.
    Zet vervolgens een vinkje bij "Ik accepteer de voorwaarden van de bovenstaande gebruiksovereenkomst".

    [b:6f42bc316d]Scannen[/b:6f42bc316d]:
    [list:6f42bc316d][*:6f42bc316d] Bij het starten van 'Microsoft's Safety Scanner', klik op de knop "Volgende", vervolgens kies je voor 'Snelle Scan'.
    [*:6f42bc316d]Het scannen duurt wel even, dus wees geduldig.[/list:u:6f42bc316d]

    [b:6f42bc316d]Stap •3•[/b:6f42bc316d][/color:6f42bc316d]
    [b:6f42bc316d]Welk programma[/b:6f42bc316d]: Malwarebytes MBAM
    [b:6f42bc316d]Waarvoor/waarom[/b:6f42bc316d]: specialistische scanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware.
    [b:6f42bc316d]Moeilijkheidsgraad[/b:6f42bc316d]: geen.

    [b:6f42bc316d]Download Malwarebytes MBAM via één van deze locaties[/b:6f42bc316d]:
    [list:6f42bc316d][*:6f42bc316d][b:6f42bc316d]Download.com[/b:6f42bc316d]
    [*:6f42bc316d][b:6f42bc316d]Softpedia.com[/b:6f42bc316d][*:6f42bc316d][b:6f42bc316d]Majorgeeks.com[/b:6f42bc316d][/list:u:6f42bc316d]
    [b:6f42bc316d]Allereerst[/b:6f42bc316d]:[list:6f42bc316d][*:6f42bc316d] Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus.
    [*:6f42bc316d] Ook bij herhaald gebruik: eerst 'MBAM' updaten via de tab 'Update'!
    [/list:u:6f42bc316d]
    [b:6f42bc316d]Malwarebytes MBAM opstarten[/b:6f42bc316d]:
    Windows 2000 en Windows XP: start MBAM middels dubbelklik op de snelkoppeling.
    Windows Vista en Windows 7: start MBAM middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.
    [list:6f42bc316d][*:6f42bc316d][b:6f42bc316d]Let op:[/b:6f42bc316d]
    [list:6f42bc316d][*:6f42bc316d]Malwarebytes verstrekt nu de volledige versie van MBAM.
    [*:6f42bc316d]Bij de eerstse start kijg je de mogelijkheid de volledige versie te gebruiken of de gratis versie.
    [*:6f42bc316d]Onafhankelijk van welke antivirusprogramma in jouw Windows adviseer ik dan de optie "Weigeren" te gebruiken.
    [*:6f42bc316d]Zodoende zal MBAM als gratis versie verder te gebruiken zijn[/list:u:6f42bc316d][/list:u:6f42bc316d]
    [img:6f42bc316d]http://img30.imageshack.us/img30/3928/mbam2.png[/img:6f42bc316d]

    [list:6f42bc316d][*:6f42bc316d][b:6f42bc316d]Doe ook nog het volgende:[/b:6f42bc316d]
    [list:6f42bc316d][*:6f42bc316d]Zodra het programma gestart is, ga dan naar het tabblad "[b:6f42bc316d]Instellingen[/b:6f42bc316d]".
    [*:6f42bc316d]Vink hier aan: "[b:6f42bc316d]Sluit Internet Explorer tijdens verwijdering van malware[/b:6f42bc316d]".[/list:u:6f42bc316d][/list:u:6f42bc316d]

    [b:6f42bc316d]Scannen[/b:6f42bc316d]:
    [list:6f42bc316d][*:6f42bc316d] Bij het starten van 'MBAM' kies je voor 'Snelle Scan'.
    [*:6f42bc316d]Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'.
    [*:6f42bc316d]Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.[/list:u:6f42bc316d]
    [b:6f42bc316d]Infecties gevonden[/b:6f42bc316d]:
    [list:6f42bc316d][*:6f42bc316d]Klik nu eerst op OK om de melding weg te klikken
    [*:6f42bc316d]Klik vervolgens rechtsonder op de knop Bekijk resultaten.
    [*:6f42bc316d]Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde.
    [*:6f42bc316d]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
    [*:6f42bc316d]Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken!
    [*:6f42bc316d]Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:6f42bc316d]
    [b:6f42bc316d]MBAM-Log[/b:6f42bc316d]:
    [list:6f42bc316d][*:6f42bc316d] Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door in het hoofdmenu van MBAM op de tab 'Logbestanden' te klikken'.[/list:u:6f42bc316d]
    [b:6f42bc316d]Post aansluitend in je volgende bericht de inhoud van het MBAM-log.[/b:6f42bc316d]


    [b:6f42bc316d]Stap •4•[/b:6f42bc316d][/color:6f42bc316d]
    [b:6f42bc316d]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:6f42bc316d]
    [list:6f42bc316d][*:6f42bc316d] een nieuw Hijackthis-log
    [*:6f42bc316d] MBAM scanlog[/list:u:6f42bc316d]
    Tevens een Uninstall-lijst posten:
    [list:6f42bc316d][*:6f42bc316d] start HijackThis,
    [*:6f42bc316d] klik op de knop Open the Misc Tools section,
    [*:6f42bc316d] klik op de knop Open Uninstall Manager,
    [*:6f42bc316d] Klik op de knop Save.[/list:u:6f42bc316d]
  • HJTlog:

    [hjt]
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 22:19:58, on 31-8-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)
    Boot mode: Normal

    [b:4a186f35d2]Running processes:[/b:4a186f35d2]
    c:\windows\system32\[/color:4a186f35d2]taskhost.exe[/color:4a186f35d2]
    c:\windows\system32\[/color:4a186f35d2]dwm.exe[/color:4a186f35d2]
    c:\windows\[/color:4a186f35d2]explorer.exe[/color:4a186f35d2]
    c:\windows\system32\[/color:4a186f35d2]rundll32.exe[/color:4a186f35d2]
    c:\program files\microsoft office\office12\[/color:4a186f35d2]groovemonitor.exe[/color:4a186f35d2]
    c:\program files\malwarebytes' anti-malware\[/color:4a186f35d2]mbamgui.exe[/color:4a186f35d2]
    c:\program files\ca\etrustitm\[/color:4a186f35d2]realmon.exe[/color:4a186f35d2]
    c:\program files\common files\spigot\search settings\[/color:4a186f35d2]searchsettings.exe[/color:4a186f35d2]
    c:\program files\mobile partner manager\[/color:4a186f35d2]uiexec.exe[/color:4a186f35d2]
    c:\program files\google\google desktop search\[/color:4a186f35d2]googledesktop.exe[/color:4a186f35d2]
    c:\users\dennis.werbri\appdata\local\google\update\[/color:4a186f35d2]googleupdate.exe[/color:4a186f35d2]
    c:\program files\google\google desktop search\[/color:4a186f35d2]googledesktop.exe[/color:4a186f35d2]
    c:\program files\trend micro\hijackthis\[/color:4a186f35d2]hijackthis.exe[/color:4a186f35d2]

    r1 -[/color:4a186f35d2] hkcu\software\microsoft\internet explorer\main[/color:4a186f35d2],default_page_url = [u:4a186f35d2][noparse]http://companyweb[/noparse][/u:4a186f35d2]
    r1 -[/color:4a186f35d2] hkcu\software\microsoft\internet explorer\main[/color:4a186f35d2],search page = [u:4a186f35d2][noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse][/u:4a186f35d2]
    r0 -[/color:4a186f35d2] hkcu\software\microsoft\internet explorer\main[/color:4a186f35d2],start page = [u:4a186f35d2][noparse]http://companyweb[/noparse][/u:4a186f35d2]
    r1 -[/color:4a186f35d2] hklm\software\microsoft\internet explorer\main[/color:4a186f35d2],default_page_url = [u:4a186f35d2][noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse][/u:4a186f35d2]
    r1 -[/color:4a186f35d2] hklm\software\microsoft\internet explorer\main[/color:4a186f35d2],default_search_url = [u:4a186f35d2][noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse][/u:4a186f35d2]
    r1 -[/color:4a186f35d2] hklm\software\microsoft\internet explorer\main[/color:4a186f35d2],search page = [u:4a186f35d2][noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse][/u:4a186f35d2]
    r0 -[/color:4a186f35d2] hklm\software\microsoft\internet explorer\main[/color:4a186f35d2],start page = [u:4a186f35d2][noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse][/u:4a186f35d2]
    r0 -[/color:4a186f35d2] hklm\software\microsoft\internet explorer\search[/color:4a186f35d2],searchassistant =
    r0 -[/color:4a186f35d2] hklm\software\microsoft\internet explorer\search[/color:4a186f35d2],customizesearch =
    r0 -[/color:4a186f35d2] hkcu\software\microsoft\internet explorer\toolbar[/color:4a186f35d2],linksfoldername =
    r3 -[/color:4a186f35d2] urlsearchhook[/color:4a186f35d2]: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402}[/color:4a186f35d2] - c:\program files\pdfforge toolbar\ie\4.5\[/color:4a186f35d2]pdfforgetoolbarie.dll[/color:4a186f35d2]
    o2 -[/color:4a186f35d2] bho[/color:4a186f35d2]: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3}[/color:4a186f35d2] - c:\program files\common files\adobe\acrobat\activex\[/color:4a186f35d2]acroiehelpershim.dll[/color:4a186f35d2]
    o2 -[/color:4a186f35d2] bho[/color:4a186f35d2]: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb}[/color:4a186f35d2] - (no file)
    o2 -[/color:4a186f35d2] bho[/color:4a186f35d2]: groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e}[/color:4a186f35d2] - c:\program files\microsoft office\office12\[/color:4a186f35d2]grooveshellextensions.dll[/color:4a186f35d2]
    o2 -[/color:4a186f35d2] bho[/color:4a186f35d2]: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6}[/color:4a186f35d2] - c:\program files\common files\microsoft shared\windows live\[/color:4a186f35d2]windowslivelogin.dll[/color:4a186f35d2]
    o2 -[/color:4a186f35d2] bho[/color:4a186f35d2]: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402}[/color:4a186f35d2] - c:\program files\pdfforge toolbar\ie\4.5\[/color:4a186f35d2]pdfforgetoolbarie.dll[/color:4a186f35d2]
    o2 -[/color:4a186f35d2] bho[/color:4a186f35d2]: java™ plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9}[/color:4a186f35d2] - c:\program files\java\jre6\bin\[/color:4a186f35d2]jp2ssv.dll[/color:4a186f35d2]
    o3 -[/color:4a186f35d2] toolbar[/color:4a186f35d2]: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402}[/color:4a186f35d2] - c:\program files\pdfforge toolbar\ie\4.5\[/color:4a186f35d2]pdfforgetoolbarie.dll[/color:4a186f35d2]
    o4 -[/color:4a186f35d2] hklm\..\run[/color:4a186f35d2]: [b:4a186f35d2][nwiz][/b:4a186f35d2] nwiz.exe /install
    o4 -[/color:4a186f35d2] hklm\..\run[/color:4a186f35d2]: [b:4a186f35d2][nvcpldaemon][/b:4a186f35d2] rundll32.exe c:\windows\system32\[/color:4a186f35d2]nvcpl.dll[/color:4a186f35d2],nvstartup
    o4 -[/color:4a186f35d2] hklm\..\run[/color:4a186f35d2]: [b:4a186f35d2][nvhotkey][/b:4a186f35d2] rundll32.exe c:\windows\system32\[/color:4a186f35d2]nvhotkey.dll[/color:4a186f35d2],start
    o4 -[/color:4a186f35d2] hklm\..\run[/color:4a186f35d2]: [b:4a186f35d2][groovemonitor][/b:4a186f35d2] c:\program files\microsoft office\office12\[/color:4a186f35d2]groovemonitor.exe[/color:4a186f35d2]
    o4 -[/color:4a186f35d2] hklm\..\run[/color:4a186f35d2]: [b:4a186f35d2][malwarebytes' anti-malware][/b:4a186f35d2] c:\program files\malwarebytes' anti-malware\[/color:4a186f35d2]mbamgui.exe[/color:4a186f35d2] /starttray
    o4 -[/color:4a186f35d2] hklm\..\run[/color:4a186f35d2]: [b:4a186f35d2][realtime monitor][/b:4a186f35d2] c:\program files\ca\etrustitm\[/color:4a186f35d2]realmon.exe[/color:4a186f35d2] -s
    o4 -[/color:4a186f35d2] hklm\..\run[/color:4a186f35d2]: [b:4a186f35d2][adobe arm][/b:4a186f35d2] c:\program files\common files\adobe\arm\1.0\[/color:4a186f35d2]adobearm.exe[/color:4a186f35d2]
    o4 -[/color:4a186f35d2] hklm\..\run[/color:4a186f35d2]: [b:4a186f35d2][searchsettings][/b:4a186f35d2] c:\program files\common files\spigot\search settings\[/color:4a186f35d2]searchsettings.exe[/color:4a186f35d2]
    o4 -[/color:4a186f35d2] hklm\..\run[/color:4a186f35d2]: [b:4a186f35d2][uiexec][/b:4a186f35d2] c:\program files\mobile partner manager\[/color:4a186f35d2]uiexec.exe[/color:4a186f35d2]
    o4 -[/color:4a186f35d2] hklm\..\run[/color:4a186f35d2]: [b:4a186f35d2][google desktop search][/b:4a186f35d2] c:\program files\google\google desktop search\[/color:4a186f35d2]googledesktop.exe[/color:4a186f35d2] /startup
    o4 -[/color:4a186f35d2] hkcu\..\run[/color:4a186f35d2]: [b:4a186f35d2][google update][/b:4a186f35d2] c:\users\dennis.werbri\appdata\local\google\update\[/color:4a186f35d2]googleupdate.exe[/color:4a186f35d2] /c
    o4 -[/color:4a186f35d2] hkcu\..\run[/color:4a186f35d2]: [b:4a186f35d2][msnmsgr][/b:4a186f35d2] c:\program files\windows live\messenger\[/color:4a186f35d2]msnmsgr.exe[/color:4a186f35d2] /background
    o4 -[/color:4a186f35d2] hkus\s-1-5-19\..\run[/color:4a186f35d2]: [b:4a186f35d2][sidebar][/b:4a186f35d2] %programfiles%\windows sidebar\[/color:4a186f35d2]sidebar.exe[/color:4a186f35d2] /autorun (user 'local service')
    o4 -[/color:4a186f35d2] hkus\s-1-5-19\..\runonce[/color:4a186f35d2]: [b:4a186f35d2][mctadmin][/b:4a186f35d2] c:\windows\system32\[/color:4a186f35d2]mctadmin.exe[/color:4a186f35d2] (user 'local service')
    o4 -[/color:4a186f35d2] hkus\s-1-5-20\..\run[/color:4a186f35d2]: [b:4a186f35d2][sidebar][/b:4a186f35d2] %programfiles%\windows sidebar\[/color:4a186f35d2]sidebar.exe[/color:4a186f35d2] /autorun (user 'network service')
    o4 -[/color:4a186f35d2] hkus\s-1-5-20\..\runonce[/color:4a186f35d2]: [b:4a186f35d2][mctadmin][/b:4a186f35d2] c:\windows\system32\[/color:4a186f35d2]mctadmin.exe[/color:4a186f35d2] (user 'network service')
    o8 -[/color:4a186f35d2] extra context menu item[/color:4a186f35d2]: e&xporteren naar microsoft excel - res://c:\progra~1\micros~1\office12\[/color:4a186f35d2]excel.exe[/color:4a186f35d2]/3000
    o9 -[/color:4a186f35d2] extra button[/color:4a186f35d2]: verzenden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49}[/color:4a186f35d2] - c:\progra~1\micros~1\office12\[/color:4a186f35d2]onbttnie.dll[/color:4a186f35d2]
    o9 -[/color:4a186f35d2] extra 'tools' menuitem[/color:4a186f35d2]: verz&enden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49}[/color:4a186f35d2] - c:\progra~1\micros~1\office12\[/color:4a186f35d2]onbttnie.dll[/color:4a186f35d2]
    o9 -[/color:4a186f35d2] extra button[/color:4a186f35d2]: research - {92780b25-18cc-41c8-b9be-3c9c571a8263}[/color:4a186f35d2] - c:\progra~1\micros~1\office12\[/color:4a186f35d2]refiebar.dll[/color:4a186f35d2]
    o17 -[/color:4a186f35d2] hklm\system\ccs\services\tcpip\parameters[/color:4a186f35d2]: domain = werbri.local
    o17 -[/color:4a186f35d2] hklm\software\..\telephony[/color:4a186f35d2]: domainname = werbri.local
    o17 -[/color:4a186f35d2] hklm\system\cs1\services\tcpip\parameters[/color:4a186f35d2]: domain = werbri.local
    o17 -[/color:4a186f35d2] hklm\system\cs2\services\tcpip\parameters[/color:4a186f35d2]: domain = werbri.local
    o18 -[/color:4a186f35d2] protocol[/color:4a186f35d2]: groovelocalgws - {88fed34c-f0ca-4636-a375-3cb6248b04cd}[/color:4a186f35d2] - c:\program files\microsoft office\office12\[/color:4a186f35d2]groovesystemservices.dll[/color:4a186f35d2]
    o20 -[/color:4a186f35d2] appinit_dlls[/color:4a186f35d2]: c:\progra~1\google\google~1\[/color:4a186f35d2]go36f4~1.dll[/color:4a186f35d2]
    o23 -[/color:4a186f35d2] service[/color:4a186f35d2]: adobe acrobat update service (adobearmservice) - adobe systems incorporated - c:\program files\common files\adobe\arm\1.0\[/color:4a186f35d2]armsvc.exe[/color:4a186f35d2]
    o23 -[/color:4a186f35d2] service[/color:4a186f35d2]: application updater - spigot, inc. - c:\program files\application updater\[/color:4a186f35d2]applicationupdater.exe[/color:4a186f35d2]
    o23 -[/color:4a186f35d2] service[/color:4a186f35d2]: google desktop manager 5.9.1005.12335 (googledesktopmanager-051210-111108) - google - c:\program files\google\google desktop search\[/color:4a186f35d2]googledesktop.exe[/color:4a186f35d2]
    o23 -[/color:4a186f35d2] service[/color:4a186f35d2]: itechnology igateway 4.2 (igateway) - ca, inc. - c:\program files\ca\sharedcomponents\itechnology\[/color:4a186f35d2]igateway.exe[/color:4a186f35d2]
    o23 -[/color:4a186f35d2] service[/color:4a186f35d2]: etrust itm rpc service (inorpc) - ca - c:\program files\ca\etrustitm\[/color:4a186f35d2]inorpc.exe[/color:4a186f35d2]
    o23 -[/color:4a186f35d2] service[/color:4a186f35d2]: etrust antivirus realtime service (inort) - ca - c:\program files\ca\etrustitm\[/color:4a186f35d2]inort.exe[/color:4a186f35d2]
    o23 -[/color:4a186f35d2] service[/color:4a186f35d2]: etrust itm job service (inotask) - ca - c:\program files\ca\etrustitm\[/color:4a186f35d2]inotask.exe[/color:4a186f35d2]
    o23 -[/color:4a186f35d2] service[/color:4a186f35d2]: ca pest patrol realtime protection service (itmrtsvc) - ca, inc. - c:\program files\ca\sharedcomponents\pprealtime\bin\[/color:4a186f35d2]itmrtsvc.exe[/color:4a186f35d2]
    o23 -[/color:4a186f35d2] service[/color:4a186f35d2]: mbamservice - malwarebytes corporation - c:\program files\malwarebytes' anti-malware\[/color:4a186f35d2]mbamservice.exe[/color:4a186f35d2]
    o23 -[/color:4a186f35d2] service[/color:4a186f35d2]: nvidia display driver service (nvsvc) - nvidia corporation - c:\windows\system32\[/color:4a186f35d2]nvvsvc.exe[/color:4a186f35d2]
    o23 -[/color:4a186f35d2] service[/color:4a186f35d2]: ui assistant service - unknown owner - c:\program files\mobile partner manager\[/color:4a186f35d2]assistantservices.exe[/color:4a186f35d2]

    end of file - 6821 bytes

    [/hjt]



    MBAM



    Malwarebytes' Anti-Malware 1.51.1.1800
    www.malwarebytes.org

    Database version: 7623

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 8.0.7601.17514

    1-9-2011 9:25:30
    mbam-log-2011-09-01 (09-25-30).txt

    Scan type: Quick scan
    Objects scanned: 172725
    Time elapsed: 2 minute(s), 29 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
  • Hoi, je hebt spyware vermomd als zoeksoftware in je PC!
    Daardoor ratelt de HD ook zo.
    Hoe oud is deze HD eigenlijk al?

    [b:3ddb6cd6b8]Stap •1•[/b:3ddb6cd6b8][/color:3ddb6cd6b8]
    Sluit alle openstaande webvensters - behalve dit venster, dat je sluit voor het moment, dat je op de knop [b:3ddb6cd6b8]Fix checked[/b:3ddb6cd6b8] klikt!

    Start nu HijackThis middels rechtsklik met Administratorrechten (lukt dat niet ga dan naar de installatielokatie van HijackThis en start "hijackthis.exe" vervolgens met administratorrechten.)en klik op de knop [b:3ddb6cd6b8]Do a Scan only,

    r3 - urlsearchhook: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.5\pdfforgetoolbarie.dll
    o2 - bho: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.5\pdfforgetoolbarie.dll
    o3 - toolbar: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.5\pdfforgetoolbarie.dll
    o4 - hklm\..\run: [searchsettings] c:\program files\common files\spigot\search settings\searchsettings.exe
    o20 - appinit_dlls: c:\progra~1\google\google~1\go36f4~1.dll[/b:3ddb6cd6b8]
    [list:3ddb6cd6b8][*:3ddb6cd6b8] zet een vinkje voor die regel(s) welke met de bovenstaande regels corresponderen
    [*:3ddb6cd6b8] Sluit nu de webbrowser en vervolgens klik je daarna op de knop [b:3ddb6cd6b8]Fix checked[/b:3ddb6cd6b8]
    [*:3ddb6cd6b8] Klik hierna HijackThis op uit.[/list:u:3ddb6cd6b8]
    [b:3ddb6cd6b8] Start de computer na de fix opnieuw op[/b:3ddb6cd6b8]


    [b:3ddb6cd6b8]Stap •2•[/b:3ddb6cd6b8][/color:3ddb6cd6b8]
    [b:3ddb6cd6b8]Download ComboFix via één van deze locaties[/b:3ddb6cd6b8]:
    [list:3ddb6cd6b8][*:3ddb6cd6b8][b:3ddb6cd6b8]Bleepingcomputer[/b:3ddb6cd6b8]
    [*:3ddb6cd6b8][b:3ddb6cd6b8]ForoSpyware[/b:3ddb6cd6b8]
    [*:3ddb6cd6b8][b:3ddb6cd6b8]Geekstogo[/b:3ddb6cd6b8][/list:u:3ddb6cd6b8]

    N.B.: ComboFix.exe absoluut op het bureaublad plaatsen!


    Open een nieuw kladblok bestand, via "Start\Alle programma’s\Bureau-accessoires\[b:3ddb6cd6b8]Kladblok[/b:3ddb6cd6b8]".

    Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenstervenster


    [b:3ddb6cd6b8]Folder::
    c:\program files\common files\spigot[/color:3ddb6cd6b8]
    [/b:3ddb6cd6b8]


    Sla dit kladblokbestand op je bureaublad op als [b:3ddb6cd6b8]CFScript.txt[/b:3ddb6cd6b8].

    [b:3ddb6cd6b8]Nu eerst de antivirus deaktiveren![/color:3ddb6cd6b8][/b:3ddb6cd6b8]


    Sleep CFScript.txt in ComboFix.exe


    [img:3ddb6cd6b8]http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif[/img:3ddb6cd6b8]

    Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.


    Post het Combofix log dat na het opnieuw starten wordt getoond!
  • De Samsung SSD is van juni 2009

    De regels die ik moet verwijderen met HJT waren vreemd genoeg al weg

    Vanavond ga ik aan de slag met combofix

    bedankt alvast!
  • Hoe gezond is die SSD nog?
  • Wil het lukken?
  • Samsung SSD RBX series 64GB
    Health: 95%
    Performance: 100%
    Total working time: 162 dagen, 10 uur


    ComboFix 11-09-02.04 - Dennis 03-09-2011 12:06:04.3.2 - x86
    Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1043.18.2036.1219 [GMT 2:00]
    Gestart vanuit: c:\users\dennis.WERBRI\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\dennis.WERBRI\Desktop\CFScript.txt.txt
    AV: eTrust ITM *Disabled/Updated* {57B5C44D-AAB5-DBC9-741B-542BE5A132EA}
    SP: eTrust ITM *Disabled/Updated* {ECD425A9-8C8F-D447-4EAB-6F599E267857}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-08-03 to 2011-09-03 ))))))))))))))))))))))))))))))
    .
    .
    2011-09-03 10:10 . 2011-09-03 10:10 ——– d—–w- c:\users\Dennis\AppData\Local\temp
    2011-09-03 10:10 . 2011-09-03 10:10 ——– d—–w- c:\users\Default\AppData\Local\temp
    2011-09-01 15:33 . 2011-09-01 15:33 ——– d—–w- c:\program files\7-Zip
    2011-08-31 14:44 . 2011-08-31 14:44 388096 —-a-r- c:\users\dennis.WERBRI\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-08-31 14:44 . 2011-08-31 14:44 ——– d—–w- c:\program files\Trend Micro
    2011-08-24 12:11 . 2011-08-31 20:52 ——– d—–w- c:\program files\Google
    2011-08-24 11:22 . 2010-05-01 15:54 302080 —-a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpcpp104.dll
    2011-08-23 12:04 . 2011-08-12 02:44 7152464 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3608486-C6FB-4CCF-A83B-E98D501AA433}\mpengine.dll
    2011-08-19 09:38 . 2011-08-19 09:41 ——– d—–w- c:\users\dennis.WERBRI\AppData\Roaming\Daoisoft
    2011-08-19 09:38 . 2011-08-31 20:59 ——– d—–w- c:\program files\7Tweak
    2011-08-11 14:03 . 2011-09-03 09:55 ——– d—–w- c:\users\dennis.WERBRI\Tracing
    2011-08-10 15:03 . 2010-07-16 07:50 136544 —-a-w- c:\windows\system32\GPEapSim.dll
    2011-08-10 15:02 . 2010-01-18 09:20 9216 —-a-w- c:\windows\system32\drivers\massfilter.sys
    2011-08-10 15:02 . 2010-01-18 09:20 105088 —-a-w- c:\windows\system32\drivers\ZTEusbser6k.sys
    2011-08-10 15:02 . 2010-01-18 09:20 105088 —-a-w- c:\windows\system32\drivers\ZTEusbnmea.sys
    2011-08-10 15:02 . 2010-01-18 09:20 105088 —-a-w- c:\windows\system32\drivers\ZTEusbmdm6k.sys
    2011-08-10 15:02 . 2009-11-09 07:51 13824 —-a-w- c:\windows\system32\drivers\ZTEusbccid.sys
    2011-08-10 15:02 . 2011-08-31 14:52 ——– d—–w- c:\windows\system32\SupportAppCB
    2011-08-10 15:02 . 2011-08-31 14:50 ——– d—–w- c:\program files\Mobile Partner Manager
    2011-08-08 11:42 . 2004-03-08 23:00 662288 —-a-w- c:\windows\system32\MSCOMCT2.OCX
    2011-08-08 11:42 . 2001-10-28 15:42 116224 —-a-w- c:\windows\system32\pdfcmnnt.dll
    2011-08-08 11:42 . 1998-06-23 23:00 137000 —-a-w- c:\windows\system32\MSMAPI32.OCX
    2011-08-08 11:42 . 2011-08-31 14:50 ——– d—–w- c:\program files\PDFCreator
    2011-08-08 11:42 . 1998-07-05 23:00 23552 —-a-w- c:\windows\system32\MSMPIDE.DLL
    2011-08-08 08:16 . 2011-08-26 13:59 ——– d—–w- C:\ASMMobileDoc
    2011-08-07 21:02 . 2009-12-19 09:18 2395648 —-a-w- c:\windows\system32\SYNSOEMU.DLL
    2011-08-07 20:59 . 2011-08-07 20:59 ——– d—–w- c:\program files\Steinberg
    2011-08-04 14:38 . 2011-08-04 14:38 ——– d—–w- c:\users\dennis.WERBRI\AppData\Local\Adobe
    2011-08-04 14:36 . 2011-08-04 14:37 ——– d—–w- c:\program files\Common Files\Adobe
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-08-03 08:10 . 2011-08-03 08:10 411368 —-a-w- c:\windows\system32\deploytk.dll
    2011-08-02 11:14 . 2009-07-14 02:05 152576 —-a-w- c:\windows\system32\msclmd.dll
    2011-07-06 17:52 . 2011-08-01 12:41 41272 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-07-06 17:52 . 2011-08-01 12:41 22712 —-a-w- c:\windows\system32\drivers\mbam.sys
    2011-06-11 02:29 . 2011-08-01 08:34 2334208 —-a-w- c:\windows\system32\win32k.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "nwiz"="nwiz.exe" [2009-06-10 1657376]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-16 13793824]
    "NVHotkey"="c:\windows\system32
    vHotkey.dll" [2009-06-16 92704]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
    "Realtime Monitor"="c:\program files\CA\eTrustITM\realmon.exe" [2008-02-08 407368]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
    "UIExec"="c:\program files\Mobile Partner Manager\UIExec.exe" [2010-07-16 138584]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    R3 acpials;ALS-sensorfilter;c:\windows\system32\DRIVERS\acpials.sys [2009-07-13 7680]
    R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-01-18 9216]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-01 1343400]
    R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-08-15 47128]
    R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
    R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-03-03 370024]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
    S2 UI Assistant Service;UI Assistant Service;c:\program files\Mobile Partner Manager\AssistantServices.exe [2010-07-16 252784]
    S3 e1yexpress;Stuurprogramma voor Intel(R) Gigabit-netwerkverbindingen;c:\windows\system32\DRIVERS\e1y6032.sys [2009-07-13 214016]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-06 22712]
    S3 netw5v32;Stuurprogramma voor Intel(R) Wireless WiFi Link 5000 Series-adapter 32-bits Windows Vista;c:\windows\system32\DRIVERS
    etw5v32.sys [2009-07-13 4231168]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    GPSvcGroup REG_MULTI_SZ GPSvc
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-09-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1000942056-3156942287-3273839466-1000Core.job
    - c:\users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-01 08:56]
    .
    2011-09-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1000942056-3156942287-3273839466-1000UA.job
    - c:\users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-01 08:56]
    .
    2011-08-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1365252884-1034019958-4036850939-1155Core1cc55c17ecd993b.job
    - c:\users\dennis.WERBRI\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-02 07:53]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://companyweb
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    .
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————
    .
    - - - - - - - > 'winlogon.exe'(1228)
    c:\program files\CA\SharedComponents\PPRealtime\bin\CACheck.dll
    c:\program files\CA\SharedComponents\PPRealtime\bin\CAHook.dll
    c:\program files\CA\SharedComponents\PPRealtime\bin\CAServer.dll
    .
    Voltooingstijd: 2011-09-03 12:12:08
    ComboFix-quarantined-files.txt 2011-09-03 10:12
    ComboFix2.txt 2011-09-03 09:44
    .
    Pre-Run: 40.782.151.680 bytes beschikbaar
    Post-Run: 40.728.850.432 bytes beschikbaar
    .
    - - End Of File - - 4006B54213F8C75A618CB4E2EB3C8129
  • Je SSD is aan het degraderen!

    95% gezondheid geeft dat aan!

    Had je wel alle processen in Windows uitgezet die nadelig zijn voor de SSD?
  • Nee ik denk dat ik dat na de vorige herinstallatie vergeten ben. Wat was dat ook al weer? Iets met indexeren, defragmenteren en nog iets..?
  • Een SSD mag al helemaal niet gedefragmenteerd worden!

    Meer info hier: http://nl.hardware.info
    eviews/1635/workshop-tune-je-ssd!
  • Ja ik bedoel dat moet ik uitschakelen..

    Bedankt voor je hulp en de handige SSD link !!

    Ik heb nog wel problemen met m'n data schijf, die zit in zo'n extra HDD caddy ipv de DVD-brander. Met verkenner er doorheen navigeren duurt uren. Kan ik de verbinding ergens mee testen ?
  • Hoe is die "HDD caddy" dan aan je PC aangesloten?

    En hou de gezondheid van je SSD middels CrystalDiskInfo nauwlettend in de gaten!
  • Op dezelfde manier als de slimDVDdrive. Hier een plaatje

    Bedankt voor de link !

    Volgens Crystaldiskinfo is m'n SSD nog maar 49% :(

    M'n data schijf heb ik intussen aan een andere pc gehangen en doet het goed dus dat word een nieuw hddcaddy

    mvg!
  • Aha, jij hebt een notebook uit de zaklelijke reeks van Dell.

    Wat betreft je SSD, dat gaat dan snel achteruit.

    Wil je deze op (korte) termijn vervangen voor een nieuwe SSD?
    Of ga je dan liever voor een grotere conventionele HD?
  • Dan kies ik toch voor een conventionele HD met de kortste reactietijd, want om de 2 jaar een dure SSD vind is het voor mij niet waard
  • Hoi ik heb in mijn Dell Studio XPS ook een SSSD gehad.
    Maar alleen al het feit dat je dan altijd een extra HD moet meenemen waarop je documenten enz. staan, ben ik daarvan weer afgestapt.

    Ik zelf had daarnaast goede ervaring opgedaan met de eerst hybride notebook HD van Seagate.

    Waarom hybride: deze HD's hebben 4GB 1cellig Nandflasgeheugen erbij.
    Daarin komen opstartbestanden van de boot en veel gebruikte programma's.

    Ik heb nu de 500GB daarvan in mijn notebook en velen zijn jaloers op de snelheid van mijn Windows 7!

    Voorbeelden:

    http://www.alternate.nl/html/product/Harddisks_2,5_inch_SATA/Seagate/ST92505610AS/435412/?tn=HARDWARE&l1=Harddisks&l2=Serial-ATA&l3=2%2C5+inch


    http://www.alternate.nl/html/product/Harddisks_2,5_inch_SATA/Seagate/ST95005620AS/435416/?tn=HARDWARE&l1=Harddisks&l2=Serial-ATA&l3=2%2C5+inch

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.