Question & Answer

Security & privacy

Win 7 too slow

Anonymous
88 answers
  • Via MSConfig you can also arrange to start up in Safe Mode.

    Otherwise you can also try function key F5.
  • What else can I do now?
  • Use MSconfig to set it to start up in Safe mode!
  • Thank you very much for all your effort, but I'm giving up now; I'll just learn to live with that infuriatingly slow thing. :evil:
  • I have a question for you, because what you are writing now strikes me as rather pitiful.

    If you go to Control Panel\Add or Remove Programs, do you find the option there to remove Service Pack 3?

    I'm not asking this for no reason; if it is possible, you can afterwards better prepare XP for use with that AMD processor!
  • Sorry for the misunderstanding. I keep in contact with the forum using an XP computer, because it works better than the other, more advanced PC with Win 7. It is that latter computer that is causing problems. So this is NOT about the older XP computer.
  • Then let's see whether we can get some more speed out of that Win 7 machine.

  • It all looks different, e.g. nothing about that Babylon. Apparently a new version.
  • OK, useful info.
    Let me know whether the two tools achieved anything.
  • Just finished. It seems as if Win 7 responds more "snappily", but I have hardly been able to check that yet. Do you want me to try running those earlier scans again?
  • Hello Baksteen, first move the old Combofix.exe to the Recycle Bin and then empty it.
    After that, download ComboFix again.

    Bleepingcomputer

    And then do the following: make sure all open web browser windows are closed.
    Open a new Notepad file via "Start\All Programs\Accessories\Notepad".

    Copy and paste the following (bold, blue) text into the empty Notepad window

  • What is the color coder?
  • ComboFix 12-02-13.01 - Walop 14/02/2012 16:10:04.2.4 - x86
    Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1033.18.3327.2271 [GMT 1:00]
    Gestart vanuit: c:\users\Walop\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Walop\Desktop\CFScript.txt
    AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Norton AntiVirus *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\program files\ConduitEngine"
    "c:\users\Walop\AppData\LocalLow\Conduit"
    "c:\users\Walop\AppData\Roaming\Microsoft\Windows\Cookies\Low\walop@apps.conduit[2].txt"
    "c:\users\Walop\AppData\Roaming\Microsoft\Windows\Cookies\Low\walop@conduit[3].txt"
    "c:\users\Walop\AppData\Roaming\Microsoft\Windows\Cookies\Low\walop@search.conduit[1].txt"
    "c:\users\Walop\AppData\Roaming\Mozilla\Firefox\Profiles\fyygn3jj.default\extensions\{87775fdb-6972-41f9-ae51-8326e38cb206}"
    "c:\users\Walop\AppData\Roaming\Mozilla\Firefox\Profiles\fyygn3jj.default\extensions\engine@conduit.com"
    "c:\users\Walop\AppData\Roaming\Mozilla\Firefox\Profiles\fyygn3jj.default\extensions\engine@conduit.com\components"
    "c:\users\Walop\AppData\Roaming\Mozilla\Firefox\Profiles\fyygn3jj.default\extensions\engine@conduit.com\searchplugin"
    "c:\users\Walop\AppData\Roaming\Mozilla\Firefox\Profiles\fyygn3jj.default\searchplugins"
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Walop\AppData\Roaming\Microsoft\Windows\Cookies\Low\walop@apps.conduit[2].txt
    c:\users\Walop\AppData\Roaming\Microsoft\Windows\Cookies\Low\walop@conduit[3].txt
    c:\users\Walop\AppData\Roaming\Microsoft\Windows\Cookies\Low\walop@search.conduit[1].txt
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-01-14 to 2012-02-14 ))))))))))))))))))))))))))))))
    .
    .
    2012-02-14 15:35 . 2012-02-14 15:36 -------- d-----w- c:\users\Walop\AppData\Local\temp
    2012-02-14 15:35 . 2012-02-14 15:35 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-02-13 20:23 . 2011-04-08 15:06 233472 ----a-w- c:\windows\system32\PuranDefragS.exe
    2012-02-13 20:23 . 2011-04-08 15:06 229376 ----a-w- c:\windows\system32\PuranDC.exe
    2012-02-13 20:23 . 2011-04-08 15:06 1114112 ----a-w- c:\windows\system32\PuranFD.exe
    2012-02-13 20:23 . 2011-04-08 15:06 109056 ----a-w- c:\windows\system32\PuranDefragBT.exe
    2012-02-13 20:23 . 2009-12-31 13:02 212992 ----a-w- c:\windows\system32\PuranDefrag.dll
    2012-02-10 10:39 . 2012-02-10 10:39 -------- d-----w- c:\users\Walop\AppData\Roaming\Tific
    2012-02-10 10:39 . 2012-02-10 10:39 -------- d-----w- c:\users\Walop\AppData\Local\Symantec
    2012-02-07 12:54 . 2012-02-07 12:54 -------- d-----w- c:\users\Walop\AppData\Roaming\Gena01
    2012-02-05 14:58 . 2012-02-05 15:01 -------- d-----w- C:\TDSSStarter
    2012-02-04 13:03 . 2012-02-04 13:03 388096 ----a-r- c:\users\Walop\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-01-31 13:55 . 2012-02-10 10:23 -------- d-----w- c:\windows\system32\drivers\NAV\1207000.00D
    2012-01-31 13:44 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2012-01-31 13:44 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2012-01-31 13:44 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys
    2012-01-31 13:44 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll
    2012-01-31 13:44 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll
    2012-01-31 13:44 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll
    2012-01-31 13:44 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll
    2012-01-31 13:44 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe
    2012-01-31 13:44 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll
    2012-01-31 13:44 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll
    2012-01-26 17:39 . 2012-01-26 17:43 -------- d-----w- c:\program files\SecondLifeViewer
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-01-10 13:23 . 2012-01-07 13:40 165232 ---ha-w- c:\users\Walop\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
    2011-12-19 13:12 . 2011-12-19 13:12 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
    2011-12-19 13:11 . 2012-01-10 12:47 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
    2011-12-19 13:11 . 2012-01-10 12:46 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
    2011-12-19 13:11 . 2011-12-19 13:11 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
    2011-12-19 13:11 . 2011-12-19 13:11 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
    2011-12-10 14:24 . 2011-05-09 23:00 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-11-24 04:25 . 2011-12-14 14:14 2342912 ----a-w- c:\windows\system32\win32k.sys
    2011-11-19 15:56 . 2011-05-14 10:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-11-19 14:01 . 2012-01-11 21:52 67072 ----a-w- c:\windows\system32\packager.dll
    2011-11-17 05:38 . 2012-01-11 21:52 1288472 ----a-w- c:\windows\system32\ntdll.dll
    2012-02-12 13:36 . 2011-04-30 16:50 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Gadwin PrintScreen Pro"="c:\program files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe" [2010-10-14 507904]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-06 102400]
    "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe" [2009-07-24 240112]
    "Desktop Disc Tool"="c:\program files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-23 494064]
    "CPMonitor"="c:\program files\Roxio 2010\5.0\CPMonitor.exe" [2009-07-21 84464]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
    .
    c:\users\Walop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    MiniReminder.lnk - c:\users\Walop\MiniReminder\MiniReminder.exe [2008-3-17 142336]
    OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe [2009-07-24 219632]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
    R3 RoxMediaDB12;RoxMediaDB12;c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe [2009-07-24 1116656]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-28 1343400]
    R4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [2011-04-08 233472]
    S0 DiskSec;Magix Volume Filter Driver; [x]
    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1207000.00D\SYMDS.SYS [2011-01-27 340088]
    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1207000.00D\SYMEFA.SYS [2011-03-15 744568]
    S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2011-08-08 98928]
    S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20120207.003\BHDrvx86.sys [2011-12-01 820344]
    S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20120211.002\IDSvix86.sys [2011-12-15 368248]
    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1207000.00D\Ironx86.SYS [2011-01-27 136312]
    S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAV\1207000.00D\SYMNETS.SYS [2011-04-21 299640]
    S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 158512]
    S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 91440]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-04-20 176128]
    S2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe [2011-04-17 130008]
    S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-08-29 665200]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-04-20 7772160]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-04-19 243712]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-04 106104]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
    S3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\DRIVERS\VSTBS23.SYS [2009-07-13 266752]
    S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
    S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
    S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 104752]
    S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 116016]
    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-10-21 1102848]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *Deregistered* - cpuz132
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-02-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1690226732-1544728178-401627873-1000Core.job
    - c:\users\Walop\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-21 12:51]
    .
    2012-02-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1690226732-1544728178-401627873-1000UA.job
    - c:\users\Walop\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-21 12:51]
    .
    2012-02-14 c:\windows\Tasks\PCCT - MAGIX AG.job
    - c:\program files\MAGIX\PC_Check_Tuning_2010_Download-versie\MxTray.exe [2010-10-31 12:35]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.foozir.com/
    LSP: %SystemRoot%\system32\vsocklib.dll
    TCP: DhcpNameServer = 213.46.228.196 62.179.104.196
    FF - ProfilePath - c:\users\Walop\AppData\Roaming\Mozilla\Firefox\Profiles\fyygn3jj.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2865317&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.search.selectedEngine - uTorrentBar_NL Customized Web Search
    FF - user.js: yahoo.homepage.dontask - true
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    HKCU-Run-uTorrent - c:\users\Walop\Downloads\utorrent.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NAV]
    "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\18.7.0.13\diMaster.dll\" /prefetch:1"
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2012-02-14 16:40:01
    ComboFix-quarantined-files.txt 2012-02-14 15:40
    ComboFix2.txt 2012-02-07 01:00
    .
    Pre-Run: 326,879,694,848 bytes free
    Post-Run: 326,826,754,048 bytes free
    .
    - - End Of File - - B3EB9A73BDE348857B532668BDE1955D
  • Hi, that color coder was a mistake on my part!

    We are going to use ComboFix once more:

    make sure all open web browser windows are closed.
    Open a new Notepad file via "Start\All Programs\Accessories\Notepad".

    Copy and paste the following (bold, blue) text into the empty Notepad window

  • Things keep getting worse here … the machine "freezes" more and more often … I had to retype this message twice, it is almost impossible to work with ….. a log (I hope)
    This took me about three hours, because each time the log turned out to be impossible to find, or did not appear at all.

    ComboFix 12-02-15.01 - Walop 16/02/2012 0:31.5.4 - x86
    Microsoft Windows 7 Professional 6.1.7601.1.1252.31.1033.18.3327.2358 [GMT 1:00]
    Gestart vanuit: c:\users\Walop\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Walop\Desktop\CFScript.txt.txt
    AV: Norton AntiVirus *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Norton AntiVirus *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-01-15 to 2012-02-15 ))))))))))))))))))))))))))))))
    .
    .
    2012-02-05 14:58 . 2012-02-05 15:01 -------- d-----w- C:\TDSSStarter
    2012-02-04 13:03 . 2012-02-04 13:03 388096 ----a-r- c:\users\Walop\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-01-31 13:55 . 2012-02-10 10:23 -------- d-----w- c:\windows\system32\drivers\NAV\1207000.00D
    2012-01-31 13:44 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
    2012-01-31 13:44 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
    2012-01-31 13:44 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys
    2012-01-31 13:44 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll
    2012-01-31 13:44 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll
    2012-01-31 13:44 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll
    2012-01-31 13:44 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll
    2012-01-31 13:44 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe
    2012-01-31 13:44 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll
    2012-01-31 13:44 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll
    2012-01-26 17:39 . 2012-01-26 17:43 -------- d-----w- c:\program files\SecondLifeViewer
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-01-10 13:23 . 2012-01-07 13:40 165232 ---ha-w- c:\users\Walop\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
    2011-12-19 13:12 . 2011-12-19 13:12 104752 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
    2011-12-19 13:11 . 2012-01-10 12:47 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
    2011-12-19 13:11 . 2012-01-10 12:46 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
    2011-12-19 13:11 . 2011-12-19 13:11 116016 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
    2011-12-19 13:11 . 2011-12-19 13:11 135472 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
    2011-12-10 14:24 . 2011-05-09 23:00 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-11-24 04:25 . 2011-12-14 14:14 2342912 ----a-w- c:\windows\system32\win32k.sys
    2011-11-19 15:56 . 2011-05-14 10:48 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2011-11-19 14:01 . 2012-01-11 21:52 67072 ----a-w- c:\windows\system32\packager.dll
    2012-02-12 13:36 . 2011-04-30 16:50 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Gadwin PrintScreen Pro"="c:\program files\Gadwin Systems\PrintScreenPro\PrintScreenPro.exe" [2010-10-14 507904]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-06 102400]
    "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe" [2009-07-24 240112]
    "Desktop Disc Tool"="c:\program files\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-23 494064]
    "CPMonitor"="c:\program files\Roxio 2010\5.0\CPMonitor.exe" [2009-07-21 84464]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
    .
    c:\users\Walop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    MiniReminder.lnk - c:\users\Walop\MiniReminder\MiniReminder.exe [2008-3-17 142336]
    OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "aux1"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe [2009-07-24 219632]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
    R3 RoxMediaDB12;RoxMediaDB12;c:\program files\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe [2009-07-24 1116656]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-28 1343400]
    R4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe [2011-04-08 233472]
    S0 DiskSec;Magix Volume Filter Driver; [x]
    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1207000.00D\SYMDS.SYS [2011-01-27 340088]
    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1207000.00D\SYMEFA.SYS [2011-03-15 744568]
    S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2011-08-08 98928]
    S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20120207.003\BHDrvx86.sys [2011-12-01 820344]
    S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20120214.003\IDSvix86.sys [2011-12-15 368248]
    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1207000.00D\Ironx86.SYS [2011-01-27 136312]
    S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NAV\1207000.00D\SYMNETS.SYS [2011-04-21 299640]
    S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 158512]
    S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 91440]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-04-20 176128]
    S2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe [2011-04-17 130008]
    S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-08-29 665200]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-04-20 7772160]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-04-19 243712]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-04 106104]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
    S3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\DRIVERS\VSTBS23.SYS [2009-07-13 266752]
    S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
    S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
    S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 104752]
    S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 116016]
    S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-10-21 1102848]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-02-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1690226732-1544728178-401627873-1000Core.job
    - c:\users\Walop\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-21 12:51]
    .
    2012-02-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1690226732-1544728178-401627873-1000UA.job
    - c:\users\Walop\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-21 12:51]
    .
    2012-02-15 c:\windows\Tasks\PCCT - MAGIX AG.job
    - c:\program files\MAGIX\PC_Check_Tuning_2010_Download-versie\MxTray.exe [2010-10-31 12:35]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://www.foozir.com/
    LSP: %SystemRoot%\system32\vsocklib.dll
    TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
    FF - ProfilePath - c:\users\Walop\AppData\Roaming\Mozilla\Firefox\Profiles\fyygn3jj.default\
    FF - user.js: yahoo.homepage.dontask - true
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NAV]
    "ImagePath"="\"c:\program files\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\18.7.0.13\diMaster.dll\" /prefetch:1"
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2012-02-16 00:42:52
    ComboFix-quarantined-files.txt 2012-02-15 23:42
    ComboFix2.txt 2012-02-15 23:01
    ComboFix3.txt 2012-02-15 22:03
    ComboFix4.txt 2012-02-14 15:40
    ComboFix5.txt 2012-02-15 23:26
    .
    Pre-Run: 340,267,143,168 bytes free
    Post-Run: 340,210,913,280 bytes free
    .
    - - End Of File - - F9D298AD402D6C67CEF50BD4E35F471F
  • A list of 49 processes, most without visible activity


    System Idle Processes 99.6% - System 0.02% - svchost.exe < 0.01% - vmware < 0.01% - explorer.exe 0.02 - procexp.exe 0.24
    and then a few others that flash up sporadically, at 0.01 or 0.02

    A snapshot:

    Process PID CPU Private Bytes Working Set Description Company Name
    System Idle Process 0 98.01 0 K 24 K
    System 4 0.06 44 K 1,344 K
    csrss.exe 400 < 0.01 1,908 K 3,872 K
    wininit.exe 480 1,092 K 3,508 K
    services.exe 528 < 0.01 4,168 K 7,120 K
    svchost.exe 692 3,060 K 7,032 K Host Process for Windows Services Microsoft Corporation
    dllhost.exe 4552 1,576 K 4,856 K
    WmiPrvSE.exe 3780 1,868 K 4,704 K
    svchost.exe 784 2,940 K 5,888 K Host Process for Windows Services Microsoft Corporation
    atiesrxx.exe 844 996 K 3,276 K AMD External Events Service Module AMD
    atieclxx.exe 1252 1,616 K 5,236 K
    svchost.exe 904 16,252 K 16,568 K Host Process for Windows Services Microsoft Corporation
    audiodg.exe 5180 14,384 K 14,420 K
    svchost.exe 948 55,576 K 62,880 K Host Process for Windows Services Microsoft Corporation
    dwm.exe 1960 0.17 31,656 K 29,308 K Desktop Window Manager Microsoft Corporation
    svchost.exe 996 < 0.01 21,116 K 32,348 K Host Process for Windows Services Microsoft Corporation
    taskeng.exe 1984 1,484 K 5,008 K
    MxTray.exe 1456 14,276 K 1,756 K
    svchost.exe 1164 < 0.01 6,912 K 12,060 K Host Process for Windows Services Microsoft Corporation
    svchost.exe 1328 < 0.01 10,428 K 13,012 K Host Process for Windows Services Microsoft Corporation
    spoolsv.exe 1504 4,928 K 9,372 K Spooler SubSystem App Microsoft Corporation
    svchost.exe 1532 14,256 K 16,808 K Host Process for Windows Services Microsoft Corporation
    ccsvchst.exe 1656 0.02 20,208 K 11,556 K Symantec Service Framework Symantec Corporation
    ccsvchst.exe 408 4,348 K 10,236 K
    taskhost.exe 1948 2,644 K 6,296 K Host Process for Windows Tasks Microsoft Corporation
    svchost.exe 2972 1,156 K 4,176 K Host Process for Windows Services Microsoft Corporation
    vmware-usbarbitrator.exe 3044 < 0.01 2,468 K 5,116 K VMware USB Arbitration Service VMware, Inc.
    vmnat.exe 3076 < 0.01 1,240 K 3,608 K VMware NAT Service VMware, Inc.
    WLIDSVC.EXE 3116 < 0.01 4,876 K 11,196 K
    WLIDSVCM.EXE 3308 716 K 2,412 K
    vmware-authd.exe 3172 0.04 5,128 K 8,828 K VMware Authorization Service VMware, Inc.
    vmnetdhcp.exe 3444 1,032 K 3,164 K VMware VMnet DHCP service VMware, Inc.
    SearchIndexer.exe 3632 < 0.01 33,168 K 11,968 K Microsoft Windows Search Indexer Microsoft Corporation
    svchost.exe 2864 1,824 K 4,596 K Host Process for Windows Services Microsoft Corporation
    wmpnetwk.exe 2764 < 0.01 9,556 K 8,124 K Windows Media Player Network Sharing Service Microsoft Corporation
    svchost.exe 3420 < 0.01 6,092 K 28,808 K Host Process for Windows Services Microsoft Corporation
    svchost.exe 2872 < 0.01 10,508 K 12,464 K Host Process for Windows Services Microsoft Corporation
    lsass.exe 548 3,664 K 8,968 K Local Security Authority Process Microsoft Corporation
    lsm.exe 556 < 0.01 1,256 K 2,984 K
    csrss.exe 488 0.13 2,340 K 6,460 K
    winlogon.exe 676 2,520 K 5,456 K
    explorer.exe 124 0.02 30,604 K 46,744 K Windows Explorer Microsoft Corporation
    RoxioBurnLauncher.exe 2216 0.17 2,600 K 7,684 K Roxio Burn Launcher
    CPMonitor.exe 2248 1,896 K 6,200 K CPMonitor Application
    PrintScreenPro.exe 2292 2,424 K 7,720 K Gadwin PrintScreen Professional Gadwin Systems, Inc
    MiniReminder.exe 4720 1,236 K 4,956 K MiniReminder: A simple personal reminder. www.minireminder.com
    uTorrent.exe 4856 0.12 28,796 K 35,112 K µTorrent BitTorrent, Inc.
    procexp.exe 2988 0.71 14,244 K 27,408 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
    MOM.exe 2232 < 0.01 24,376 K 5,260 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
    CCC.exe 2688 0.01 44,264 K 6,060 K Catalyst Control Centre: Host application ATI Technologies Inc.
    soffice.exe 4740 824 K 2,496 K OpenOffice.org 3.3 OpenOffice.org
    soffice.bin 4748 15,148 K 43,228 K OpenOffice.org 3.3 OpenOffice.org
    WinRAR.exe 4020 9,312 K 12,576 K WinRAR archiver Alexander Roshal
  • You are also using virtualization software.

    Do the following:

    Which program: Speccy by Piriform
    What for/why: specialist tool to give a thorough analysis of your Windows PC.
    Difficulty: none.
    Download: Speccy

    During the installation of "Speccy" you are asked whether to install the Google Chrome web browser as well.
    If you do not want this, remove the check marks.

    Starting Speccy by Piriform:
  • At least this went smoothly.

    http://speccy.piriform.com/results/aGPpNUXiRxZkG3rIVtYYdBU
  • Strange: Speccy was unable to recognize, for example, the motherboard.

    Another point is the HD.
    Not exactly a performance wonder.

    Admittedly a 64MB cache, but 5400 rpm.

    I would also like you to go to http://www.dns-ok.de/ and let me know what the result is for you.
  • This is what I found on the German site:

    Your system is not affected by the DNSChanger trojan malware. For more information on this topic please visit the FBI website.

    A different HD then? And which one? The current one can stay in, e.g. for data.

This is an archived page. Replying is no longer possible.