CPU + HD usage extremely high

19 replies
  • Hello, my laptop has become unusably slow because the HD is constantly busy and the processor usage is around 80%. After half an hour it does stop, but I have never experienced this before. Two months ago I did a fresh installation of Windows 7 Pro. Last week I installed Google Desktop Search and it started after that, but that could be a coincidence. I have since uninstalled it. Specs: Dell Latitude E6500, P8600, 2048MB, Samsung SSD 64GB + Samsung HM640JJ. I will also post an HJ log. Does anyone have an idea, please?
  • I'm curious what your laptop is suffering from!

    During the fix I would like you to stick to the rules below:
    - Read all instructions carefully.
    - If you make mistakes while running tools during the fix, this can cause serious problems in Windows.
    - Refrain from using tools or updates other than those I advise you to use.
    - Always use one scanner at a time, never several at once.
    - Keep me informed of how your computer responds to the fix, good or bad.
    - Once started, the fix must be completed. Even if you think everything is fine, there may still be infections.

    Step •1•
    Which program: Kaspersky TDSSKiller
    What for/why: Rootkit scanner
    Difficulty: none
    Download location: Be sure to download this program to the desktop, or otherwise move it there!
    Download TDSSKiller here: http://support.kaspersky.com/downloads/utils/tdsskiller.zip
    Installation:
    - Extract the file to your desktop.
    Using TDSSKiller:
    - Windows 2000 and Windows XP: start "TDSSKiller" by double-clicking TDSSKiller.exe.
    - Windows Vista and Windows 7: start "TDSSKiller" by right-clicking TDSSKiller.exe and then choosing Run as administrator.
    - If TDSSKiller shows a message about an available update, run that update first.
    Screenshot: http://www.imgdumper.nl/uploads4/4dc1d6438f791/4dc1d6438d897-TDSSKiller_2011-05-05_00-26-21.jpg
    - Then click the "Start Scan" button and follow the instructions.
    - After the scan has finished, click the "Report" button.
    - A Notepad file opens. Post the contents of this file.
      - Restart the PC if TDSSKiller offers that option (Reboot now).
      - If a restart is necessary, you will find the log file at C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

    Step •2•
    Which program: aswMBR.exe
    What for/why: MBR rootkit scanner
    Difficulty: none
    Download location: Be sure to download this program to the desktop, or otherwise move it there!
    Download aswMBR.exe here: http://public.avast.com/~gmerek/aswMBR.exe
    Using aswMBR.exe:
    - Windows 2000 and Windows XP: start "aswMBR.exe" by double-clicking "aswMBR.exe".
    - Windows Vista and Windows 7: start "aswMBR.exe" by right-clicking "aswMBR.exe" and choosing Run as administrator.
    Screenshot: http://www.imgdumper.nl/uploads4/4db3f87694fe9/4db3f87693886-aswmbrscan.gif
    - Now click the Scan button in the black window.
    - When the message "Scan finished successfully" appears, click the Save log button.
    Screenshot: http://www.imgdumper.nl/uploads4/4db3f8e71343a/4db3f8e71288d-aswmbrsavelog.gif
    - It is easiest to simply choose the desktop as the location to save the log.
    - You will now also find the file MBR.dat on the desktop!
    - MBR.dat is a backup file, so keep it for now.
    - Also on the desktop is a Notepad text document named aswMBR.txt
    - Post the contents of aswMBR.txt in your next post.

    Step •3•
    In summary: after this, post the contents of the following logs in your next post:
    - TDSSKiller log
    - aswMBR.txt log
  • Handy!

    TDSSKiller:
    2011/08/31 21:08:05.0593 1456 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
    2011/08/31 21:08:05.0697 1456 ================================================================================
    2011/08/31 21:08:05.0697 1456 SystemInfo:
    2011/08/31 21:08:05.0697 1456
    2011/08/31 21:08:05.0697 1456 OS Version: 6.1.7601 ServicePack: 1.0
    2011/08/31 21:08:05.0697 1456 Product type: Workstation
    2011/08/31 21:08:05.0697 1456 ComputerName: DENNIS-PC
    2011/08/31 21:08:05.0697 1456 UserName: dennis
    2011/08/31 21:08:05.0697 1456 Windows directory: C:\Windows
    2011/08/31 21:08:05.0697 1456 System windows directory: C:\Windows
    2011/08/31 21:08:05.0697 1456 Processor architecture: Intel x86
    2011/08/31 21:08:05.0697 1456 Number of processors: 2
    2011/08/31 21:08:05.0697 1456 Page size: 0x1000
    2011/08/31 21:08:05.0697 1456 Boot type: Normal boot
    2011/08/31 21:08:05.0697 1456 ================================================================================
    2011/08/31 21:08:05.0912 1456 Initialize success
    2011/08/31 21:08:07.0793 2976 ================================================================================
    2011/08/31 21:08:07.0793 2976 Scan started
    2011/08/31 21:08:07.0793 2976 Mode: Manual;
    2011/08/31 21:08:07.0793 2976 ================================================================================
2011/08/31 21:08:16.0067 2976 ================================================================================
2011/08/31 21:08:16.0067 2976 Scan finished
2011/08/31 21:08:16.0067 2976 ================================================================================
2011/08/31 21:08:16.0077 3980 Detected object count: 0
2011/08/31 21:08:16.0077 3980 Actual detected object count: 0
2011/08/31 21:10:25.0660 3272 Deinitialize success

aswMBR:
aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-08-31 21:12:49
-----------------------------
21:12:49.919 OS Version: Windows 6.1.7601 Service Pack 1
21:12:49.919 Number of processors: 2 586 0x170A
21:12:49.920 ComputerName: DENNIS-PC UserName: dennis
21:12:50.175 Initialize success
21:13:54.051 AVAST engine defs: 11083101
21:14:13.904 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:14:13.910 Disk 0 Vendor: SAMSUNG_SSD_RBX_Series_64GB_M VAM05D1Q Size: 61057MB BusType: 11
21:14:15.919 Disk 0 MBR read successfully
21:14:15.919 Disk 0 MBR scan
21:14:15.935 Disk 0 Windows 7 default MBR code
21:14:15.951 Disk 0 scanning sectors +125042688
21:14:15.982 Disk 0 scanning C:\Windows\system32\drivers
21:14:36.778 Service scanning
21:14:38.189 Modules scanning
21:14:39.908 Disk 0 trace - called modules:
21:14:39.915
21:14:43.999 AVAST engine scan C:\Windows
21:14:45.103 AVAST engine scan C:\Windows\system32
21:16:12.710 AVAST engine scan C:\Windows\system32\drivers
21:16:20.027 AVAST engine scan C:\Users\dennis.WERBRI
21:16:41.456 AVAST engine scan C:\ProgramData
21:16:48.400 Scan finished successfully
21:18:38.912 Disk 0 MBR has been saved successfully to "C:\Users\dennis.WERBRI\Desktop\MBR.dat"
21:18:38.912 The log file has been saved successfully to "C:\Users\dennis.WERBRI\Desktop\aswMBR.txt"

Here you go!
  • Good, no rootkit and a healthy MBR.

[color=#FF0000][b]Step •1•[/b][/color]
[b]Which program[/b]: Trend Micro [b]Hijack This Version 2.0.4[/b]
[b]What for/why[/b]: produces a clear overview of Windows by means of a scan.
[b]Difficulty[/b]: none; only Vista and Win 7 users need to pay a little extra attention.
[b]Download[/b] the [url=http://www.trendmicro.com/ftp/products/hijackthis/HiJackThis.msi][b]HijackThis Installer[/b][/url]
[b]Installation[/b]:
[list]
[*]Install HijackThis in the suggested location - this prevents any backups from being impossible to find!
[/list]
Users of [b]Windows Vista[/b] and [b]Windows 7[/b] then go to the HijackThis installation location.
[list]
[*]Then right-click "hijackthis.exe" and choose "Properties".
[*]Now click the "Compatibility" tab and tick "Run as administrator".
[*]Finally, click [b]Apply[/b] and [b]OK[/b].
[/list]
[b]Using Hijack This[/b]:
[list]
[*]First close all open programs and web browsers.
[*]Now start 'Hijack This' and then click the button 'Do a system scan and save a logfile'
[list]
[*]If HijackThis starts up with the scan window, first click the 'Main Menu' button
[/list]
[*]Now close all open windows, then start 'HijackThis' and choose 'Do a system scan and save a logfile'.
[*]Go to [url=http://ncf.ddrmmr.nl/hjt.html]DDRMMR's colour coder (click)[/url]
[*]Copy and paste the contents of the Hijack This log file into the web form and click the 'Convert' button.
[*]Copy and paste the output of the colour coder into your next post.
[*]After that you can close Hijack This again
[/list]

[color=#FF0000][b]Step •2•[/b][/color]
[b]Which program[/b]: Microsoft Safety Scanner
[b]What for/why[/b]: specialist scanner from Microsoft for quickly checking Windows for spyware and malware and removing it.
[b]Difficulty[/b]: none.
[quote]Note: Microsoft Safety Scanner expires 10 days after it has been downloaded. If you want to run a scan again with the latest anti-malware definitions, download Microsoft Safety Scanner again and run it again.[/quote]
Download the [b]Microsoft Safety Scanner[/b] [url=http://www.microsoft.com/security/scanner/nl-nl/default.aspx]here[/url].
Windows 2000 and Windows XP: start Microsoft's Safety Scanner by double-clicking the shortcut.
Windows Vista and Windows 7: start Microsoft's Safety Scanner by right-clicking the shortcut and then choosing Run as administrator.
Then tick "I accept the terms of the above licence agreement".
[b]Scanning[/b]:
[list]
[*]When 'Microsoft's Safety Scanner' starts, click the "Next" button, then choose 'Quick scan'.
[*]The scan takes a while, so be patient.
[/list]

[color=#FF0000][b]Step •3•[/b][/color]
[b]Which program[/b]: Malwarebytes MBAM
[b]What for/why[/b]: specialist scanner for quickly checking Windows for spyware and malware and removing it.
[b]Difficulty[/b]: none.
[b]Download Malwarebytes MBAM from one of these locations[/b]:
[list]
[*][url=http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?][b]Download.com[/b][/url]
[*][url=http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s][b]Softpedia.com[/b][/url]
[*][url=http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html][b]Majorgeeks.com[/b][/url]
[/list]
[b]First of all[/b]:
[list]
[*]Right after installation 'MBAM' wants to update its database - so allow it.
[*]Also on repeated use: first update 'MBAM' via the 'Update' tab!
[/list]
[b]Starting Malwarebytes MBAM[/b]:
Windows 2000 and Windows XP: start MBAM by double-clicking the shortcut.
Windows Vista and Windows 7: start MBAM by right-clicking the shortcut and then choosing Run as administrator.
[list]
[*][b]Note:[/b]
[list]
[*]Malwarebytes now supplies the full version of MBAM.
[*]On the first start you get the option of using the full version or the free version.
[*]Regardless of which antivirus program is in your Windows, I advise using the "Decline" option.
[*]That way MBAM can continue to be used as the free version
[/list]
[/list]
[img]http://img30.imageshack.us/img30/3928/mbam2.png[/img]
[list]
[*][b]Also do the following:[/b]
[list]
[*]As soon as the program has started, go to the "[b]Settings[/b]" tab.
[*]Tick here: "[b]Close Internet Explorer during malware removal[/b]".
[/list]
[/list]
[b]Scanning[/b]:
[list]
[*]When 'MBAM' starts, choose 'Quick scan'.
[*]The scan can take a while, so be patient. When the scan has finished, click the 'OK' button.
[*]Then click the 'Show Results' button to see the results.
[/list]
[b]Infections found[/b]:
[list]
[*]First click OK to dismiss the message
[*]Then click the Show Results button at the bottom right.
[*]Now make sure that all infections found are ticked, and click Remove Selected at the bottom left.
[*]After the removal a log will open and you will be asked to restart the computer.
[*]If 'MBAM' has difficulty removing certain files it will show a few messages - click 'OK' each time!
[*]After that 'MBAM' will ask to restart the computer - so allow the computer to be restarted.
[/list]
[b]MBAM log[/b]:
[list]
[*]The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in MBAM's main menu.
[/list]
[b]Then post the contents of the MBAM log in your next message.[/b]

[color=#FF0000][b]Step •4•[/b][/color]
[b]In summary: after this, post the contents of the following logs in your next message:[/b]
[list]
[*]a new HijackThis log
[*]MBAM scan log
[/list]
Also post an uninstall list:
[list]
[*]start HijackThis,
[*]click the Open the Misc Tools section button,
[*]click the Open Uninstall Manager button,
[*]click the Save button.
[/list]
  • HJT log:
[hjt]
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:19:58, on 31-8-2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
c:\windows\system32\taskhost.exe
c:\windows\system32\dwm.exe
c:\windows\explorer.exe
c:\windows\system32\rundll32.exe
c:\program files\microsoft office\office12\groovemonitor.exe
c:\program files\malwarebytes' anti-malware\mbamgui.exe
c:\program files\ca\etrustitm\realmon.exe
c:\program files\common files\spigot\search settings\searchsettings.exe
c:\program files\mobile partner manager\uiexec.exe
c:\program files\google\google desktop search\googledesktop.exe
c:\users\dennis.werbri\appdata\local\google\update\googleupdate.exe
c:\program files\google\google desktop search\googledesktop.exe
c:\program files\trend micro\hijackthis\hijackthis.exe

r1 - hkcu\software\microsoft\internet explorer\main,default_page_url = http://companyweb
r1 - hkcu\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hkcu\software\microsoft\internet explorer\main,start page = http://companyweb
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://go.microsoft.com/fwlink/?linkid=69157
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet explorer\main,start page = http://go.microsoft.com/fwlink/?linkid=69157
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
r3 - urlsearchhook: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.5\pdfforgetoolbarie.dll
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: (no name) - {5c255c8a-e604-49b4-9d64-90988571cecb} - (no file)
o2 - bho: groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\grooveshellextensions.dll
o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.5\pdfforgetoolbarie.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o3 - toolbar: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.5\pdfforgetoolbarie.dll
o4 - hklm\..\run: [nwiz] nwiz.exe /install
o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
o4 - hklm\..\run: [nvhotkey] rundll32.exe c:\windows\system32\nvhotkey.dll,start
o4 - hklm\..\run: [groovemonitor] c:\program files\microsoft office\office12\groovemonitor.exe
o4 - hklm\..\run: [malwarebytes' anti-malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /starttray
o4 - hklm\..\run: [realtime monitor] c:\program files\ca\etrustitm\realmon.exe -s
o4 - hklm\..\run: [adobe arm] c:\program files\common files\adobe\arm\1.0\adobearm.exe
o4 - hklm\..\run: [searchsettings] c:\program files\common files\spigot\search settings\searchsettings.exe
o4 - hklm\..\run: [uiexec] c:\program files\mobile partner manager\uiexec.exe
o4 - hklm\..\run: [google desktop search] c:\program files\google\google desktop search\googledesktop.exe /startup
o4 - hkcu\..\run: [google update] c:\users\dennis.werbri\appdata\local\google\update\googleupdate.exe /c
o4 - hkcu\..\run: [msnmsgr] c:\program files\windows live\messenger\msnmsgr.exe /background
o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'local service')
o4 - hkus\s-1-5-19\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'local service')
o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'network service')
o4 - hkus\s-1-5-20\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'network service')
o8 - extra context menu item: e&xporteren naar microsoft excel - res://c:\progra~1\micros~1\office12\excel.exe/3000
o9 - extra button: verzenden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~1\micros~1\office12\onbttnie.dll
o9 - extra 'tools' menuitem: verz&enden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~1\micros~1\office12\onbttnie.dll
o9 - extra button: research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~1\office12\refiebar.dll
o17 - hklm\system\ccs\services\tcpip\parameters: domain = werbri.local
o17 - hklm\software\..\telephony: domainname = werbri.local
o17 - hklm\system\cs1\services\tcpip\parameters: domain = werbri.local
o17 - hklm\system\cs2\services\tcpip\parameters: domain = werbri.local
o18 - protocol: groovelocalgws - {88fed34c-f0ca-4636-a375-3cb6248b04cd} - c:\program files\microsoft office\office12\groovesystemservices.dll
o20 - appinit_dlls: c:\progra~1\google\google~1\go36f4~1.dll
o23 - service: adobe acrobat update service (adobearmservice) - adobe systems incorporated - c:\program files\common files\adobe\arm\1.0\armsvc.exe
o23 - service: application updater - spigot, inc. - c:\program files\application updater\applicationupdater.exe
o23 - service: google desktop manager 5.9.1005.12335 (googledesktopmanager-051210-111108) - google - c:\program files\google\google desktop search\googledesktop.exe
o23 - service: itechnology igateway 4.2 (igateway) - ca, inc. - c:\program files\ca\sharedcomponents\itechnology\igateway.exe
o23 - service: etrust itm rpc service (inorpc) - ca - c:\program files\ca\etrustitm\inorpc.exe
o23 - service: etrust antivirus realtime service (inort) - ca - c:\program files\ca\etrustitm\inort.exe
o23 - service: etrust itm job service (inotask) - ca - c:\program files\ca\etrustitm\inotask.exe
o23 - service: ca pest patrol realtime protection service (itmrtsvc) - ca, inc. - c:\program files\ca\sharedcomponents\pprealtime\bin\itmrtsvc.exe
o23 - service: mbamservice - malwarebytes corporation - c:\program files\malwarebytes' anti-malware\mbamservice.exe
o23 - service: nvidia display driver service (nvsvc) - nvidia corporation - c:\windows\system32\nvvsvc.exe
o23 - service: ui assistant service - unknown owner - c:\program files\mobile partner manager\assistantservices.exe

-- end of file - 6821 bytes
[/hjt]

MBAM
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Database version: 7623
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
1-9-2011 9:25:30
mbam-log-2011-09-01 (09-25-30).txt
Scan type: Quick scan
Objects scanned: 172725
Time elapsed: 2 minute(s), 29 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected: (No malicious items detected)
Memory Modules Infected: (No malicious items detected)
Registry Keys Infected: (No malicious items detected)
Registry Values Infected: (No malicious items detected)
Registry Data Items Infected: (No malicious items detected)
Folders Infected: (No malicious items detected)
Files Infected: (No malicious items detected)
  • Hi, you have spyware disguised as search software on your PC! That is also why the HD is rattling away like that. How old is this HD, by the way?

[color=#FF0000][b]Step •1•[/b][/color]
Close all open browser windows - except this window, which you close just before the moment you click the [b]Fix checked[/b] button!
Now start HijackThis by right-clicking it and running it with Administrator rights (if that does not work, go to the HijackThis installation location and then start "hijackthis.exe" with administrator rights) and click the [b]Do a Scan only[/b] button.
[b]r3 - urlsearchhook: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.5\pdfforgetoolbarie.dll
o2 - bho: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.5\pdfforgetoolbarie.dll
o3 - toolbar: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.5\pdfforgetoolbarie.dll
o4 - hklm\..\run: [searchsettings] c:\program files\common files\spigot\search settings\searchsettings.exe
o20 - appinit_dlls: c:\progra~1\google\google~1\go36f4~1.dll[/b]
[list]
[*]tick the line(s) that correspond to the lines above
[*]Now close the web browser and then click the [b]Fix checked[/b] button
[*]After that, exit HijackThis.
[/list]
[b]Restart the computer after the fix[/b]

[color=#FF0000][b]Step •2•[/b][/color]
[b]Download ComboFix from one of these locations[/b]:
[list]
[*][url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b]Bleepingcomputer[/b][/url]
[*][url=http://www.forospyware.com/sUBs/ComboFix.exe][b]ForoSpyware[/b][/url]
[*][url=http://subs.geekstogo.com/ComboFix.exe][b]Geekstogo[/b][/url]
[/list]
N.B.: ComboFix.exe must absolutely be placed on the desktop!
Open a new Notepad file via "Start\All Programs\Accessories\[b]Notepad[/b]".
Copy and paste the following (bold, blue) text into the empty Notepad window:
[b][color=Blue]Folder:: c:\program files\common files\spigot[/color][/b]
Save this Notepad file on your desktop as [b]CFScript.txt[/b].
[b][color=Red]Now first disable the antivirus![/color][/b]
Drag CFScript.txt into ComboFix.exe
[img]http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif[/img]
This will make ComboFix restart. Reboot if you are asked to.
Post the ComboFix log that is shown after the restart!
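As an added example (not part of the thread and not code from HijackThis): a small Python parser that checks which lines of the fix list above are still present in a fresh HijackThis scan, matching case- and whitespace-insensitively because the colour-coded lines in this thread are lower-cased. The rescan text is constructed sample input, and all function and variable names are assumptions.

```python
import re
from collections import namedtuple

# Section codes that occur in this thread's log and what each one reports.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "R3": "IE URLSearchHook", "O2": "Browser Helper Object",
    "O3": "IE toolbar", "O4": "Run/RunOnce autostart",
    "O8": "IE context-menu item", "O9": "IE extra button or menu item",
    "O17": "domain/DNS setting", "O18": "protocol handler",
    "O20": "AppInit_DLLs", "O23": "Windows service",
}

Entry = namedtuple("Entry", ["code", "section", "detail", "key"])

# An entry line is "<R|O><number> - <detail>"; header and process lines do not match.
LINE = re.compile(r"^\s*([RO]\d{1,2})\s+-\s+(.*\S)\s*$", re.IGNORECASE)


def normalise(code, detail):
    """Build a comparison key that ignores case and runs of whitespace."""
    return code.upper() + " - " + " ".join(detail.lower().split())


def parse_hjt(text):
    """Return one Entry per 'Rn - ...' / 'On - ...' line, in log order."""
    entries = []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # header, running process, blank line or end-of-file marker
        code, detail = m.group(1).upper(), m.group(2)
        entries.append(Entry(code, SECTIONS.get(code, "other"), detail,
                             normalise(code, detail)))
    return entries


def still_present(fix_list, rescan):
    """Split the fix list into entries still in the rescan and entries already gone."""
    current = {e.key for e in parse_hjt(rescan)}
    present, gone = [], []
    for entry in parse_hjt(fix_list):
        (present if entry.key in current else gone).append(entry)
    return present, gone


def count_by_section(text):
    """Count entries per section, for a quick overview of a log."""
    counts = {}
    for entry in parse_hjt(text):
        counts[entry.section] = counts.get(entry.section, 0) + 1
    return counts


# The five lines the helper asks to fix, as posted in the thread (lower-cased).
FIX_LIST = r"""
r3 - urlsearchhook: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.5\pdfforgetoolbarie.dll
o2 - bho: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.5\pdfforgetoolbarie.dll
o3 - toolbar: pdfforge toolbar - {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.5\pdfforgetoolbarie.dll
o4 - hklm\..\run: [searchsettings] c:\program files\common files\spigot\search settings\searchsettings.exe
o20 - appinit_dlls: c:\progra~1\google\google~1\go36f4~1.dll
"""

# Constructed rescan (not from the thread): mixed case, one fix-list entry left.
RESCAN = r"""
Logfile of Trend Micro HijackThis v2.0.4
Running processes:
C:\Windows\Explorer.EXE
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SearchSettings]  C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
-- End of file
"""

if __name__ == "__main__":
    present, gone = still_present(FIX_LIST, RESCAN)
    for e in present:
        print("still present:", e.code, "(" + e.section + ")", e.detail)
    for e in gone:
        print("already gone: ", e.code, "(" + e.section + ")", e.detail)
```
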
  • The Samsung SSD is from June 2009. Strangely enough, the lines I had to remove with HJT were already gone. Tonight I'll get to work with ComboFix. Thanks in advance!
  • How healthy is that SSD still?
  • Is it working out?
  • Samsung SSD RBX series 64GB. Health: 95%. Performance: 100%. Total working time: 162 days, 10 hours.
  • Your SSD is degrading! The 95% health indicates that! Had you actually turned off all the processes in Windows that are harmful to the SSD?
  • No, I think I forgot that after the previous reinstall. What was it again? Something with indexing, defragmenting and something else..?
  • An SSD certainly must not be defragmented! More info here: http://nl.hardware.info/reviews/1635/workshop-tune-je-ssd!
  • Yes, I mean that is what I need to disable.. Thanks for your help and the handy SSD link!! I do still have problems with my data drive, which sits in one of those extra HDD caddies in place of the DVD burner. Navigating through it with Explorer takes hours. Is there something I can test the connection with?
  • How is that "HDD caddy" connected to your PC then? And keep a close eye on the health of your SSD using CrystalDiskInfo!
  • In the same way as the slim DVD drive. Here is a picture: http://newmodeus.com/shop/index.php?main_page=product_info&products_id=224 Thanks for the link! According to CrystalDiskInfo my SSD is only at 49% :( In the meantime I have hooked my data drive up to another PC and it works fine, so that will be a new HDD caddy. Regards!
  • Aha, you have a notebook from Dell's butt-ugly series. As for your SSD, it is going downhill fast then. Do you want to replace it with a new SSD in the (short) term? Or would you rather go for a larger conventional HD?
  • Then I'll go for a conventional HD with the shortest response time after all, because a pricey SSD every 2 years is not worth it to me.
  • Hi, I also had an SSD in my Dell Studio XPS. But if only because you then always have to carry along an extra HD with your documents etc. on it, I moved away from that again. Besides that, I had good experiences myself with the first hybrid notebook HD from Seagate. Why hybrid: these HDs come with 4GB of single-cell NAND flash memory. Boot startup files and frequently used programs end up in there. I now have the 500GB version in my notebook and many people are jealous of the speed of my Windows 7! Examples:
    http://www.alternate.nl/html/product/Harddisks_2,5_inch_SATA/Seagate/ST92505610AS/435412/?tn=HARDWARE&l1=Harddisks&l2=Serial-ATA&l3=2%2C5+inch
    http://www.alternate.nl/html/product/Harddisks_2,5_inch_SATA/Seagate/ST95005620AS/435416/?tn=HARDWARE&l1=Harddisks&l2=Serial-ATA&l3=2%2C5+inch

This is an archived page. Replying is no longer possible.