Spring naar inhoud

Guest's Foto
Welkom,
Guest
Wenst u zich te registreren?


Foto
- - - - -

Help!!! krijg steeds meldingen en scannen levert haast niets op


  • Dit onderwerp is gesloten Dit onderwerp is gesloten
20 reacties op dit onderwerp

#1 Karoline

Karoline

    Lid

  • Lid
  • PipPip
  • 13 berichten

Geplaatst 04 mei 2012 - 19:26


SPOED SPOED SPOED


Avira Free Antivirus
Datum rapportbestand: vrijdag 4 mei 2012 19:29
Bezig met scannen op 3742446 virusstammen en ongewenste programma's.
Het programma wordt uitgevoerd als een onbeperkte volledig versie.
Online services zijn beschikbaar:
Licentiegebruiker : Avira AntiVir Personal - Free Antivirus
Serienummer : 0000149996-ADJIE-0000001
Platform : Windows 7 x64
Windows-versie : (Service Pack 1) [6.1.7601]
Opstartmodus : Normaal opgestart
Gebruikersnaam : SYSTEM
Computernaam : TAARTVANOMA
Versie-informatie:
BUILD.DAT : 12.0.0.97 41961 Bytes 4-2-2012 01:06:00
AVSCAN.EXE : 12.1.0.20 492496 Bytes 3-2-2012 13:28:13
AVSCAN.DLL : 12.1.0.18 62416 Bytes 3-2-2012 13:28:36
LUKE.DLL : 12.1.0.19 68304 Bytes 3-2-2012 13:28:20
AVSCPLR.DLL : 12.1.0.22 100048 Bytes 3-2-2012 13:28:13
AVREG.DLL : 12.1.0.36 229128 Bytes 18-4-2012 08:26:42
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6-11-2009 17:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14-12-2010 08:07:39
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20-12-2011 13:28:30
VBASE003.VDF : 7.11.21.238 4472832 Bytes 1-2-2012 08:26:38
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28-3-2012 08:26:39
VBASE005.VDF : 7.11.26.45 2048 Bytes 28-3-2012 08:26:39
VBASE006.VDF : 7.11.26.46 2048 Bytes 28-3-2012 08:26:39
VBASE007.VDF : 7.11.26.47 2048 Bytes 28-3-2012 08:26:39
VBASE008.VDF : 7.11.26.48 2048 Bytes 28-3-2012 08:26:39
VBASE009.VDF : 7.11.26.49 2048 Bytes 28-3-2012 08:26:39
VBASE010.VDF : 7.11.26.50 2048 Bytes 28-3-2012 08:26:39
VBASE011.VDF : 7.11.26.51 2048 Bytes 28-3-2012 08:26:39
VBASE012.VDF : 7.11.26.52 2048 Bytes 28-3-2012 08:26:39
VBASE013.VDF : 7.11.26.53 2048 Bytes 28-3-2012 08:26:39
VBASE014.VDF : 7.11.26.107 221696 Bytes 30-3-2012 08:26:39
VBASE015.VDF : 7.11.26.179 224768 Bytes 2-4-2012 08:26:40
VBASE016.VDF : 7.11.26.241 142336 Bytes 4-4-2012 08:26:40
VBASE017.VDF : 7.11.27.41 247808 Bytes 8-4-2012 08:26:40
VBASE018.VDF : 7.11.27.107 161280 Bytes 12-4-2012 08:26:40
VBASE019.VDF : 7.11.27.159 148992 Bytes 13-4-2012 08:26:40
VBASE020.VDF : 7.11.27.201 207360 Bytes 17-4-2012 08:26:40
VBASE021.VDF : 7.11.28.3 237568 Bytes 19-4-2012 08:38:02
VBASE022.VDF : 7.11.28.49 193536 Bytes 20-4-2012 13:26:23
VBASE023.VDF : 7.11.28.99 195072 Bytes 23-4-2012 08:50:53
VBASE024.VDF : 7.11.28.133 247808 Bytes 24-4-2012 16:13:43
VBASE025.VDF : 7.11.28.183 186880 Bytes 26-4-2012 16:13:29
VBASE026.VDF : 7.11.28.235 166400 Bytes 30-4-2012 17:06:28
VBASE027.VDF : 7.11.29.37 290816 Bytes 3-5-2012 17:42:24
VBASE028.VDF : 7.11.29.38 2048 Bytes 3-5-2012 17:42:24
VBASE029.VDF : 7.11.29.39 2048 Bytes 3-5-2012 17:42:24
VBASE030.VDF : 7.11.29.40 2048 Bytes 3-5-2012 17:42:24
VBASE031.VDF : 7.11.29.42 2048 Bytes 3-5-2012 17:42:24
Programmaversie : 8.2.10.58
AEVDF.DLL : 8.1.2.2 106868 Bytes 3-2-2012 13:28:11
AESCRIPT.DLL : 8.1.4.18 455034 Bytes 27-4-2012 16:14:32
AESCN.DLL : 8.1.8.2 131444 Bytes 18-4-2012 08:26:42
AESBX.DLL : 8.2.5.5 606579 Bytes 18-4-2012 08:26:42
AERDL.DLL : 8.1.9.15 639348 Bytes 20-1-2012 22:29:19
AEPACK.DLL : 8.2.16.9 807287 Bytes 18-4-2012 08:26:41
AEOFFICE.DLL : 8.1.2.28 201082 Bytes 27-4-2012 16:14:28
AEHEUR.DLL : 8.1.4.21 4682102 Bytes 27-4-2012 16:14:26
AEHELP.DLL : 8.1.20.0 254326 Bytes 27-4-2012 16:14:01
AEGEN.DLL : 8.1.5.28 422260 Bytes 27-4-2012 16:13:57
AEEXP.DLL : 8.1.0.33 82293 Bytes 27-4-2012 16:14:32
AEEMU.DLL : 8.1.3.0 393589 Bytes 1-9-2011 20:46:01
AECORE.DLL : 8.1.25.6 201078 Bytes 18-4-2012 08:26:40
AEBB.DLL : 8.1.1.0 53618 Bytes 1-9-2011 20:46:01
AVWINLL.DLL : 12.1.0.17 27344 Bytes 3-2-2012 13:28:15
AVPREF.DLL : 12.1.0.17 51920 Bytes 3-2-2012 13:28:13
AVREP.DLL : 12.1.0.17 179408 Bytes 3-2-2012 13:28:13
AVARKT.DLL : 12.1.0.23 209360 Bytes 3-2-2012 13:28:11
AVEVTLOG.DLL : 12.1.0.17 169168 Bytes 3-2-2012 13:28:12
SQLITE3.DLL : 3.7.0.0 398288 Bytes 3-2-2012 13:28:24
AVSMTP.DLL : 12.1.0.17 62928 Bytes 3-2-2012 13:28:14
NETNT.DLL : 12.1.0.17 17104 Bytes 3-2-2012 13:28:21
RCIMAGE.DLL : 12.1.0.13 4449488 Bytes 20-1-2012 22:30:13
RCTEXT.DLL : 12.1.1.16 98256 Bytes 3-2-2012 13:28:37
Configuratie-instellingen voor de scan:
Taaknaam...................................: Volledige systeemscan
Configuratiebestand........................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Logboekregistratie.........................: standaard
Primaire actie.............................: interactief
Secundaire actie...........................: negeren
Hoofdopstartsector scannen.................: aan
Opstartsector scannen......................: aan
Opstartsectoren............................: C:, D:, Q:,
Processcan.................................: aan
Uitgebreide processcan.....................: aan
Register scannen...........................: aan
Zoeken naar rootkits.......................: aan
Integriteitscontrole van systeembestanden..: uit
Alle bestanden scannen.....................: Alle bestanden
Archieven scannen..........................: aan
Aantal herhalingen.........................: 20
Slimme extensies...........................: aan
Macroheuristiek............................: aan
Bestandsheuristiek.........................: uitgebreid
Afwijkende risicocategorieën...............: +APPL,
Begin van de scan: vrijdag 4 mei 2012 19:29
Hoofdopstartsectorscan wordt gestart:
Hoofdopstartsector HD0
[INFO] Er is geen virus gevonden!
Start met het scannen van opstartsectoren:
Opstartsector 'C:\'
[INFO] Er is geen virus gevonden!
Opstartsector 'D:\'
[INFO] Er is geen virus gevonden!
Opstartsector 'Q:\'
[INFO] Er is geen virus gevonden!
[INFO] Start de zoekactie opnieuw, maar dan met beheerdersrechten.
Het zoeken naar verborgen objecten wordt gestart.
HKEY_LOCAL_MACHINE\Software\McAfee
[OPMERKING] De registervermelding is onzichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
Verborgen thread
[OPMERKING] Een systeem-thread is niet zichtbaar.
De scan van processen die worden uitgevoerd, wordt gestart
Scan proces 'iexplore.exe' - '129' module(s) zijn gescand
Scan proces 'iexplore.exe' - '123' module(s) zijn gescand
Scan proces 'iexplore.exe' - '108' module(s) zijn gescand
Scan proces 'avscan.exe' - '84' module(s) zijn gescand
Scan proces 'avcenter.exe' - '106' module(s) zijn gescand
Scan proces 'wqeylJNlXsNxHe.exe' - '45' module(s) zijn gescand
Scan proces 'FlashUtil32_11_2_202_233_ActiveX.exe' - '56' module(s) zijn gescand
Scan proces 'OSE.EXE' - '36' module(s) zijn gescand
Scan proces 'OfficeVirt.exe' - '28' module(s) zijn gescand
Scan proces 'cvh.exe' - '72' module(s) zijn gescand
Scan proces 'wlcomm.exe' - '37' module(s) zijn gescand
Scan proces 'wlmail.exe' - '228' module(s) zijn gescand
Scan proces 'hpwuschd2.exe' - '20' module(s) zijn gescand
Scan proces 'avgnt.exe' - '66' module(s) zijn gescand
Scan proces 'Updater.exe' - '37' module(s) zijn gescand
Scan proces 'B2CNotiAgent.exe' - '69' module(s) zijn gescand
Scan proces 'UNS.exe' - '41' module(s) zijn gescand
Scan proces 'NASvc.exe' - '42' module(s) zijn gescand
Scan proces 'LMS.exe' - '29' module(s) zijn gescand
Scan proces 'CFSvcs.exe' - '50' module(s) zijn gescand
Scan proces 'CFSwMgr.exe' - '55' module(s) zijn gescand
Scan proces 'hpqgpc01.exe' - '46' module(s) zijn gescand
Scan proces 'hpqbam08.exe' - '30' module(s) zijn gescand
Scan proces 'hpqSTE08.exe' - '58' module(s) zijn gescand
Scan proces 'hpqtra08.exe' - '87' module(s) zijn gescand
Scan proces 'ManyCam.exe' - '155' module(s) zijn gescand
Scan proces 'NDSTray.exe' - '81' module(s) zijn gescand
Scan proces 'AVWEBGRD.EXE' - '41' module(s) zijn gescand
Scan proces 'CVHSVC.EXE' - '95' module(s) zijn gescand
Scan proces 'sftlist.exe' - '63' module(s) zijn gescand
Scan proces 'sqlbrowser.exe' - '27' module(s) zijn gescand
Scan proces 'sftvsa.exe' - '28' module(s) zijn gescand
Scan proces 'sqlservr.exe' - '64' module(s) zijn gescand
Scan proces 'svchost.exe' - '46' module(s) zijn gescand
Scan proces 'avguard.exe' - '69' module(s) zijn gescand
Scan proces 'armsvc.exe' - '24' module(s) zijn gescand
Scan proces 'sched.exe' - '42' module(s) zijn gescand
Beginnen met het scannen van uitvoerbare bestanden (register).
Het register is gescand ('651' bestanden).

De bestandsscan wordt gestart:
Begin scan in 'C:\' <WINDOWS>
C:\Users\Taart van Oma\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\73fda495-5442ad2a
[0] Archieftype: ZIP
--> yhrdecskwugrrf/gulfrwpenhwtmuekftw.class
[DETECTIE] Bevat herkenningspatroon van de exploit EXP/11-3544.GL
--> yhrdecskwugrrf/kakcknvhjpnhsmsbgpybdu.class
[DETECTIE] Bevat herkenningspatroon van de exploit EXP/08-5353.CQ
--> yhrdecskwugrrf/phtlkqehqacckkjnk.class
[DETECTIE] Bevat herkenningspatroon van de exploit EXP/CVE-2012-0507
--> yhrdecskwugrrf/wehfnltlfkdmnlwtgppphufbb.class
[DETECTIE] Bevat herkenningspatroon van de exploit EXP/11-3544.GS
--> yhrdecskwugrrf/wfhwqqbw.class
[DETECTIE] Bevat herkenningspatroon van de exploit EXP/11-3544.HA
Begin scan in 'D:\' <Data>
Begin scan in 'Q:\'
Zoekpad Q:\ kan niet worden geopend!
Systeemfout [5]: Toegang geweigerd.
Er wordt begonnen met desinfecteren:
C:\Users\Taart van Oma\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\73fda495-5442ad2a
[DETECTIE] Bevat herkenningspatroon van de exploit EXP/11-3544.HA
[OPMERKING] Het bestand verplaatst naar de quarantainemap onder de naam '5655bf77.qua'.

Einde van de scan: vrijdag 4 mei 2012 20:18
Gebruikte tijd: 49:29 Minuut/minuten
De scan is volledig uitgevoerd.
22866 Gescande mappen
316196 Bestanden zijn gescand
5 Er zijn virussen en ongewenste programma's gevonden
0 Er zijn bestanden als verdacht aangemerkt
0 Bestanden zijn verwijderd
0 Virussen en ongewenste programma's zijn gerepareerd
1 Bestanden zijn in quarantaine geplaatst
0 Bestanden zijn hernoemd
0 Bestanden kunnen niet worden gescand
316191 Bestanden niet betrokken
4039 Archieven zijn gescand
0 Waarschuwingen
66 Opmerkingen
512255 Objecten zijn gescand met de rootkitscan
65 Er zijn verborgen objecten gevonden


Wat kan ik hieraan doen????

#2 Jion

Jion

    Supervisor

  • Supervisor
  • 4221 berichten

Geplaatst 04 mei 2012 - 20:26

Dag Karoline,

Welkom op PCH!

1. Download HijackThis. (klik er op)

Klik op HijackThis.msi en de download start automatisch na 5 seconden.
Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".
Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere pc en het bestand met een usb stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden.
Sla deze op in een nieuwe map op de C schijf (bvb C:\hijackthis) en start hijackthis dan vanaf deze map.
De logjes kan je dan ook in die map terugvinden.

 [/HR]
2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".
Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)

 [/HR]
3. Na het plaatsen van je logje wordt dit door een expert (Kape of Kweezie Wabbit) nagekeken en begeleidt hij jou verder door het ganse proces.

Tip!
Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

#3 Karoline

Karoline

    Lid

  • Lid
  • PipPip
  • 13 berichten

Geplaatst 04 mei 2012 - 23:59



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:58:05, on 05-05-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Taart van Oma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VBNGB1X8\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Toshiba | MSN
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [Spotify] "C:\Users\Taart van Oma\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Taart van Oma\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [wqeylJNlXsNxHe.exe] C:\ProgramData\wqeylJNlXsNxHe.exe
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O8 - Extra context menu item: Toevoegen aan TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file)
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.h...tDetection2.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Windows\System32\GFNEXSrv.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11677 bytes

#4 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40894 berichten

Geplaatst 05 mei 2012 - 07:23



[FONT=&]Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:[/FONT]

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [wqeylJNlXsNxHe.exe] C:\ProgramData\wqeylJNlXsNxHe.exe
O9 - Extra button: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-229 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file)
O9 - Extra 'Tools' menuitem: @C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll,-228 - {97F922BD-8563-4184-87EE-8C4ACA438823} - (no file)
[FONT=&]
[/FONT][FONT=&]Klik op 'Fix checked' om de items te verwijderen.[/FONT]

[FONT=&]Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.[/FONT]

[FONT=&]Verwijder Ask Toolbar of Ask.com via Software (indien aanwezig) of verwijder anders volgende vetgedrukte map : [/FONT]C:\Program Files (x86)\Ask.com
[FONT=&]
Download [/FONT][FONT=&]MBAM (Malwarebytes Anti-Malware)[/FONT][FONT=&]

Dubbelklik op mbam-setup.exe om het programma te installeren.

Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".
Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.
Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.
Het scannen kan een tijdje duren, dus wees geduldig.
Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.
Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder).

Indien er de rootkit (TDSS) aanwezig is, zal MBAM vragen te herstarten. Doe dit dan ook.
MBAM zal na de herstart opnieuw scannen en de rootkit verwijderen.


Het log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in het programma.

Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

Plak de inhoud van het logje in je volgende bericht[/FONT][FONT=&], samen met een nieuw HijackThis log.[/FONT]

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#5 Karoline

Karoline

    Lid

  • Lid
  • PipPip
  • 13 berichten

Geplaatst 05 mei 2012 - 13:16

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Databaseversie: v2012.05.05.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Taart van Oma :: TAARTVANOMA [administrator]
05-05-2012 14:05:27
mbam-log-2012-05-05 (14-05-27).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 217291
Verstreken tijd: 6 minuut/minuten, 46 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Slecht: (0) Goed: (1) -> Succesvol in quarantaine geplaatst en gerepareerd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Slecht: (0) Goed: (1) -> Succesvol in quarantaine geplaatst en gerepareerd.
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)

#6 Karoline

Karoline

    Lid

  • Lid
  • PipPip
  • 13 berichten

Geplaatst 05 mei 2012 - 14:03

Goedemiddag,

Het lijkt nu ook nog eens dat al mijn data verdwenen is.
Nu is dit een laptop van 1 maand oud, maar mijn boekhouding, emailverkeer en wat foto´s staan hierop.
Is er nog een mogelijkheid om dit terug te krijgen?

---------- Post toegevoegd om 14:58 ---------- Vorige post was om 14:45 ----------

Mijn bureaublad is behalve wat ik gisteren en vandaag geïnstalleerd heb, ook volledig leeg.
HELP!!!

---------- Post toegevoegd om 15:03 ---------- Vorige post was om 14:58 ----------

Kan nu ook niet meer mijn logfile copiëren.
WAT MOET IK NU???

#7 Karoline

Karoline

    Lid

  • Lid
  • PipPip
  • 13 berichten

Geplaatst 05 mei 2012 - 14:25

heb gekeken met GetDataBack for NTFS, en zie gelukkig alle bestanden met inhoud nog staan.
Nou kan ik alles terug zetten als ik een licentie koop..... ben ik eigenlijk niet van plan....
Maar wat kan ik wel doen?

Sorry voor dit alles, maar ben ten einde raad.
Karoline

#8 Karoline

Karoline

    Lid

  • Lid
  • PipPip
  • 13 berichten

Geplaatst 05 mei 2012 - 14:46

Heb de meldingen RUNTIME error gekregen - en nnu blijkt dat daarna alles weg leek te zijn.

gr. Karoline

#9 Jion

Jion

    Supervisor

  • Supervisor
  • 4221 berichten

Geplaatst 05 mei 2012 - 15:42



Kan je nog [FONT=&]een nieuw HijackThis log plaatsen?[/FONT]

#10 Karoline

Karoline

    Lid

  • Lid
  • PipPip
  • 13 berichten

Geplaatst 05 mei 2012 - 16:05

Helaas niet, de link werkt niet meer en aangezien het programma in de map program files is opgeslagen kan ik daar ook niet meer bij.
Zou iemand mij hijjackthis kunnen mailen?

---------- Post toegevoegd om 17:01 ---------- Vorige post was om 16:57 ----------

toch gelukt via een omweg via een andere laptop
Hier is tie dan:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:26, on 05-05-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
F:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
R3 - URLSearchHook: Wondershare PC Care Toolbar - {bee9ae08-b4e5-4021-ae8b-0befc64d537b} - C:\Program Files (x86)\Wondershare PC Care Toolbar\IE\5.6\pccareToolbarIE.dll (file missing)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Wondershare PC Care Toolbar - {bee9ae08-b4e5-4021-ae8b-0befc64d537b} - C:\Program Files (x86)\Wondershare PC Care Toolbar\IE\5.6\pccareToolbarIE.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O3 - Toolbar: Wondershare PC Care Toolbar - {bee9ae08-b4e5-4021-ae8b-0befc64d537b} - C:\Program Files (x86)\Wondershare PC Care Toolbar\IE\5.6\pccareToolbarIE.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [Spotify] "C:\Users\Taart van Oma\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Taart van Oma\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O8 - Extra context menu item: Toevoegen aan TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.h...tDetection2.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Windows\System32\GFNEXSrv.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13292 bytes


Bewerkt door Asus, 05 mei 2012 - 16:07.
dubbel log verwijderd + e-mailadres verwijderd ter voorkoming van spam


#11 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40894 berichten

Geplaatst 05 mei 2012 - 18:06

[FONT=&]Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop [/FONT]"Application Updater"
[FONT=&]Druk op Enter.[/FONT]
[FONT=&]Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete [/FONT]"Application Updater"
[FONT=&]Druk op Enter.[/FONT]
[FONT=&]Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop [/FONT]GFNEXSrv
[FONT=&]Druk op Enter.[/FONT]
[FONT=&]Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete[/FONT] GFNEXSrv

[FONT=&]Druk op Enter.[/FONT]

[FONT=&]Start Hijackthis op. [/FONT][FONT=&]Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:
[/FONT]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: Wondershare PC Care Toolbar - {bee9ae08-b4e5-4021-ae8b-0befc64d537b} - C:\Program Files (x86)\Wondershare PC Care Toolbar\IE\5.6\pccareToolbarIE.dll (file missing)
O2 - BHO: Wondershare PC Care Toolbar - {bee9ae08-b4e5-4021-ae8b-0befc64d537b} - C:\Program Files (x86)\Wondershare PC Care Toolbar\IE\5.6\pccareToolbarIE.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Wondershare PC Care Toolbar - {bee9ae08-b4e5-4021-ae8b-0befc64d537b} - C:\Program Files (x86)\Wondershare PC Care Toolbar\IE\5.6\pccareToolbarIE.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O8 - Extra context menu item: Toevoegen aan TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000

[FONT=&]Klik op 'Fix checked' om de items te verwijderen.[/FONT]

[FONT=&]Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.[/FONT]

[FONT=&]Download Unhide.exe naar het bureaublad, als u een melding krijgt dat het bestand mogelijk onveilig is kunt u dit negeren.

  • Dubbelklik op "Unhide.exe" om de tool te starten.
  • Let op!!! Windows Vista & 7 gebruikers dienen "Unhide.exe" als administrator uit te voeren "Rechtermuisknop uitvoeren als administrator",
  • Wacht rustig af totdat de tool gereed is en doe in de tussentijd verder niets op de computer.
  • Als de tool gereed is krijgt u het onderstaande scherm te zien, met de melding "Your files should now be visible"
    • Geplaatste Afbeelding
  • Vermeld in uw volgende bericht of u deze melding heeft gekregen.
[/FONT]
Download [FONT=&][/FONT]TDSSKiller[FONT=&] en plaats het op je bureaublad.
Pak de bestanden in tdsskiller.zip uit.
Open de map tdsskiller en dubbelklik op TDSSKiller.exe om de tool te starten.

Windows 7 en Windows Vista gebruikers:
Rechtsklik op TDSSKiller.exe -> Uitvoeren als Administrator om de tool te starten.

Als TDSSKiller bericht geeft van een beschikbare update, dan voer je deze eerst uit.[/FONT]

[FONT=&]Klik op de knop "Start Scan" en volg de instructies.
Wanneer de scan klaar is klik je op de knop "Report".
Er opent een kladblokbestand. Post de inhoud van dit bestand.

Herstart de pc als TDSSKiller die optie geeft. (Reboot now)

Wanneer er een herstart nodig was, vind je de logfile in C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt[/FONT]

Plaats dan nieuw logje van HijackThis en het log van TDSS Killer in een volgend bericht.

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#12 Karoline

Karoline

    Lid

  • Lid
  • PipPip
  • 13 berichten

Geplaatst 05 mei 2012 - 18:33

19:25:58.0787 6920 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
19:25:58.0865 6920 ============================================================
19:25:58.0865 6920 Current date / time: 2012/05/05 19:25:58.0865
19:25:58.0865 6920 SystemInfo:
19:25:58.0865 6920
19:25:58.0865 6920 OS Version: 6.1.7601 ServicePack: 1.0
19:25:58.0865 6920 Product type: Workstation
19:25:58.0865 6920 ComputerName: TAARTVANOMA
19:25:58.0865 6920 UserName: Taart van Oma
19:25:58.0865 6920 Windows directory: C:\Windows
19:25:58.0865 6920 System windows directory: C:\Windows
19:25:58.0865 6920 Running under WOW64
19:25:58.0865 6920 Processor architecture: Intel x64
19:25:58.0865 6920 Number of processors: 4
19:25:58.0865 6920 Page size: 0x1000
19:25:58.0865 6920 Boot type: Normal boot
19:25:58.0865 6920 ============================================================
19:25:59.0973 6920 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:25:59.0973 6920 Drive \Device\Harddisk1\DR5 - Size: 0x1DD800000 (7.46 Gb), SectorSize: 0x200, Cylinders: 0x3CD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:25:59.0973 6920 ============================================================
19:25:59.0973 6920 \Device\Harddisk0\DR0:
19:25:59.0973 6920 MBR partitions:
19:25:59.0973 6920 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x1D13A000
19:25:59.0973 6920 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D202800, BlocksNum 0x1D183830
19:25:59.0973 6920 \Device\Harddisk1\DR5:
19:25:59.0973 6920 MBR partitions:
19:25:59.0973 6920 \Device\Harddisk1\DR5\Partition0: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xEEA080
19:25:59.0973 6920 ============================================================
19:26:00.0035 6920 C: <-> \Device\Harddisk0\DR0\Partition0
19:26:00.0129 6920 D: <-> \Device\Harddisk0\DR0\Partition1
19:26:00.0129 6920 ============================================================
19:26:00.0129 6920 Initialize success
19:26:00.0129 6920 ============================================================
19:26:06.0337 6088 ============================================================
19:26:06.0337 6088 Scan started
19:26:06.0337 6088 Mode: Manual;
19:26:06.0337 6088 ============================================================
19:26:06.0993 6088 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:26:07.0008 6088 1394ohci - ok
19:26:07.0086 6088 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:26:07.0086 6088 ACPI - ok
19:26:07.0164 6088 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:26:07.0164 6088 AcpiPmi - ok
19:26:07.0336 6088 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:26:07.0336 6088 AdobeARMservice - ok
19:26:07.0507 6088 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:26:07.0507 6088 AdobeFlashPlayerUpdateSvc - ok
19:26:07.0585 6088 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:26:07.0601 6088 adp94xx - ok
19:26:07.0679 6088 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:26:07.0695 6088 adpahci - ok
19:26:07.0726 6088 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:26:07.0726 6088 adpu320 - ok
19:26:07.0757 6088 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:26:07.0757 6088 AeLookupSvc - ok
19:26:07.0851 6088 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:26:07.0851 6088 AFD - ok
19:26:07.0913 6088 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:26:07.0929 6088 agp440 - ok
19:26:07.0960 6088 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:26:07.0960 6088 ALG - ok
19:26:08.0022 6088 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:26:08.0022 6088 aliide - ok
19:26:08.0038 6088 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:26:08.0038 6088 amdide - ok
19:26:08.0053 6088 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:26:08.0069 6088 AmdK8 - ok
19:26:08.0069 6088 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:26:08.0069 6088 AmdPPM - ok
19:26:08.0131 6088 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:26:08.0147 6088 amdsata - ok
19:26:08.0194 6088 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:26:08.0194 6088 amdsbs - ok
19:26:08.0241 6088 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:26:08.0241 6088 amdxata - ok
19:26:08.0303 6088 Andbus (48cd7e6520d47d62eab0e6ce3ec30c65) C:\Windows\system32\DRIVERS\lgandbus64.sys
19:26:08.0303 6088 Andbus - ok
19:26:08.0334 6088 AndDiag (08cbacc00d15dcdbbaae1a7c8f231c61) C:\Windows\system32\DRIVERS\lganddiag64.sys
19:26:08.0334 6088 AndDiag - ok
19:26:08.0381 6088 AndGps (cea9a4cd6b3a83428ce8501240833668) C:\Windows\system32\DRIVERS\lgandgps64.sys
19:26:08.0381 6088 AndGps - ok
19:26:08.0412 6088 ANDModem (e2b5663e547fa5e756b253efa8ec8286) C:\Windows\system32\DRIVERS\lgandmodem64.sys
19:26:08.0412 6088 ANDModem - ok
19:26:08.0553 6088 AntiVirSchedulerService (280c41d70b16dc6af4235ff7000e5cd3) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:26:08.0553 6088 AntiVirSchedulerService - ok
19:26:08.0724 6088 AntiVirService (e545beff703229a10b56026b83add8b4) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:26:08.0724 6088 AntiVirService - ok
19:26:08.0849 6088 AntiVirWebService (fb03e46a8e30f4a18b1d37583cd90c73) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
19:26:08.0865 6088 AntiVirWebService - ok
19:26:08.0911 6088 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:26:08.0911 6088 AppID - ok
19:26:08.0943 6088 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:26:08.0958 6088 AppIDSvc - ok
19:26:09.0005 6088 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:26:09.0005 6088 Appinfo - ok
19:26:09.0099 6088 Application Updater (f4c5530d92fa7f9a41c19edfc4c51bd4) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
19:26:09.0114 6088 Application Updater - ok
19:26:09.0161 6088 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:26:09.0177 6088 arc - ok
19:26:09.0192 6088 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:26:09.0208 6088 arcsas - ok
19:26:09.0223 6088 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:26:09.0223 6088 AsyncMac - ok
19:26:09.0239 6088 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:26:09.0239 6088 atapi - ok
19:26:09.0333 6088 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:26:09.0348 6088 AudioEndpointBuilder - ok
19:26:09.0364 6088 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:26:09.0364 6088 AudioSrv - ok
19:26:10.0066 6088 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
19:26:10.0175 6088 AVGIDSAgent - ok
19:26:10.0331 6088 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
19:26:10.0331 6088 AVGIDSDriver - ok
19:26:10.0362 6088 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
19:26:10.0362 6088 AVGIDSEH - ok
19:26:10.0378 6088 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
19:26:10.0378 6088 AVGIDSFilter - ok
19:26:10.0440 6088 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
19:26:10.0471 6088 Avgldx64 - ok
19:26:10.0487 6088 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
19:26:10.0487 6088 Avgmfx64 - ok
19:26:10.0549 6088 avgntflt (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
19:26:10.0549 6088 avgntflt - ok
19:26:10.0581 6088 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
19:26:10.0581 6088 Avgrkx64 - ok
19:26:10.0627 6088 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
19:26:10.0643 6088 Avgtdia - ok
19:26:10.0861 6088 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
19:26:10.0861 6088 avgwd - ok
19:26:10.0908 6088 avipbb (852e3c0a60d368c487949e55ad52a47f) C:\Windows\system32\DRIVERS\avipbb.sys
19:26:10.0924 6088 avipbb - ok
19:26:10.0986 6088 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
19:26:10.0986 6088 avkmgr - ok
19:26:11.0049 6088 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:26:11.0064 6088 AxInstSV - ok
19:26:11.0142 6088 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:26:11.0158 6088 b06bdrv - ok
19:26:11.0189 6088 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:26:11.0205 6088 b57nd60a - ok
19:26:11.0345 6088 BBSvc (0d1ea7509f394d8b705b239ee71f5118) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:26:11.0361 6088 BBSvc - ok
19:26:11.0407 6088 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:26:11.0407 6088 BDESVC - ok
19:26:11.0470 6088 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:26:11.0485 6088 Beep - ok
19:26:11.0610 6088 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:26:11.0610 6088 BFE - ok
19:26:11.0704 6088 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:26:11.0719 6088 BITS - ok
19:26:11.0797 6088 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:26:11.0813 6088 blbdrive - ok
19:26:11.0844 6088 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:26:11.0844 6088 bowser - ok
19:26:11.0860 6088 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:26:11.0875 6088 BrFiltLo - ok
19:26:11.0875 6088 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:26:11.0891 6088 BrFiltUp - ok
19:26:11.0938 6088 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:26:11.0938 6088 Browser - ok
19:26:12.0000 6088 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:26:12.0016 6088 Brserid - ok
19:26:12.0031 6088 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:26:12.0031 6088 BrSerWdm - ok
19:26:12.0047 6088 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:26:12.0047 6088 BrUsbMdm - ok
19:26:12.0063 6088 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:26:12.0063 6088 BrUsbSer - ok
19:26:12.0063 6088 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
19:26:12.0078 6088 BTHMODEM - ok
19:26:12.0109 6088 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:26:12.0109 6088 bthserv - ok
19:26:12.0172 6088 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:26:12.0172 6088 cdfs - ok
19:26:12.0203 6088 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
19:26:12.0219 6088 cdrom - ok
19:26:12.0312 6088 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:26:12.0328 6088 CertPropSvc - ok
19:26:12.0499 6088 cfWiMAXService (41e7c4fa6491747402cfca77cc1c7aab) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
19:26:12.0499 6088 cfWiMAXService - ok
19:26:12.0546 6088 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:26:12.0562 6088 circlass - ok
19:26:12.0624 6088 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:26:12.0624 6088 CLFS - ok
19:26:12.0702 6088 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:26:12.0702 6088 clr_optimization_v2.0.50727_32 - ok
19:26:12.0765 6088 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:26:12.0765 6088 clr_optimization_v2.0.50727_64 - ok
19:26:12.0843 6088 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:26:12.0843 6088 clr_optimization_v4.0.30319_32 - ok
19:26:12.0905 6088 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:26:12.0921 6088 clr_optimization_v4.0.30319_64 - ok
19:26:12.0952 6088 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:26:12.0967 6088 CmBatt - ok
19:26:12.0999 6088 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:26:12.0999 6088 cmdide - ok
19:26:13.0077 6088 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:26:13.0077 6088 CNG - ok
19:26:13.0123 6088 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:26:13.0123 6088 Compbatt - ok
19:26:13.0155 6088 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:26:13.0170 6088 CompositeBus - ok
19:26:13.0186 6088 COMSysApp - ok
19:26:13.0311 6088 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
19:26:13.0311 6088 ConfigFree Service - ok
19:26:13.0342 6088 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:26:13.0342 6088 crcdisk - ok
19:26:13.0404 6088 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
19:26:13.0420 6088 CryptSvc - ok
19:26:13.0591 6088 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:26:13.0623 6088 cvhsvc - ok
19:26:13.0701 6088 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:26:13.0716 6088 DcomLaunch - ok
19:26:13.0779 6088 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:26:13.0794 6088 defragsvc - ok
19:26:13.0888 6088 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:26:13.0888 6088 DfsC - ok
19:26:14.0013 6088 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:26:14.0028 6088 Dhcp - ok
19:26:14.0122 6088 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:26:14.0122 6088 discache - ok
19:26:14.0184 6088 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:26:14.0184 6088 Disk - ok
19:26:14.0231 6088 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:26:14.0247 6088 Dnscache - ok
19:26:14.0262 6088 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:26:14.0262 6088 dot3svc - ok
19:26:14.0340 6088 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
19:26:14.0356 6088 Dot4 - ok
19:26:14.0356 6088 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:26:14.0356 6088 Dot4Print - ok
19:26:14.0387 6088 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
19:26:14.0387 6088 dot4usb - ok
19:26:14.0434 6088 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:26:14.0434 6088 DPS - ok
19:26:14.0496 6088 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:26:14.0496 6088 drmkaud - ok
19:26:14.0574 6088 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:26:14.0605 6088 DXGKrnl - ok
19:26:14.0652 6088 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:26:14.0652 6088 EapHost - ok
19:26:15.0198 6088 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:26:15.0307 6088 ebdrv - ok
19:26:15.0510 6088 eczrzakz - ok
19:26:15.0541 6088 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:26:15.0557 6088 EFS - ok
19:26:15.0666 6088 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:26:15.0682 6088 ehRecvr - ok
19:26:15.0744 6088 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:26:15.0744 6088 ehSched - ok
19:26:15.0838 6088 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:26:15.0853 6088 elxstor - ok
19:26:15.0853 6088 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:26:15.0869 6088 ErrDev - ok
19:26:15.0931 6088 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:26:15.0947 6088 EventSystem - ok
19:26:15.0978 6088 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:26:15.0994 6088 exfat - ok
19:26:16.0056 6088 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:26:16.0072 6088 fastfat - ok
19:26:16.0228 6088 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:26:16.0243 6088 Fax - ok
19:26:16.0259 6088 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:26:16.0275 6088 fdc - ok
19:26:16.0337 6088 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:26:16.0337 6088 fdPHost - ok
19:26:16.0368 6088 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:26:16.0368 6088 FDResPub - ok
19:26:16.0415 6088 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:26:16.0415 6088 FileInfo - ok
19:26:16.0415 6088 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:26:16.0431 6088 Filetrace - ok
19:26:16.0446 6088 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:26:16.0446 6088 flpydisk - ok
19:26:16.0509 6088 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:26:16.0509 6088 FltMgr - ok
19:26:16.0602 6088 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:26:16.0618 6088 FontCache - ok
19:26:16.0680 6088 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:26:16.0680 6088 FontCache3.0.0.0 - ok
19:26:16.0774 6088 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:26:16.0774 6088 FsDepends - ok
19:26:16.0821 6088 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
19:26:16.0821 6088 fssfltr - ok
19:26:17.0039 6088 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
19:26:17.0070 6088 fsssvc - ok
19:26:17.0335 6088 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:26:17.0335 6088 Fs_Rec - ok
19:26:17.0429 6088 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:26:17.0429 6088 fvevol - ok
19:26:17.0476 6088 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:26:17.0491 6088 gagp30kx - ok
19:26:17.0601 6088 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:26:17.0601 6088 GamesAppService - ok
19:26:17.0679 6088 GFNEXSrv (fa07ec01952729ddddc5bf4bae06b09e) C:\Windows\System32\GFNEXSrv.exe
19:26:17.0679 6088 GFNEXSrv - ok
19:26:17.0788 6088 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:26:17.0803 6088 gpsvc - ok
19:26:17.0850 6088 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:26:17.0866 6088 hcw85cir - ok
19:26:17.0913 6088 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:26:17.0913 6088 HdAudAddService - ok
19:26:17.0959 6088 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:26:17.0959 6088 HDAudBus - ok
19:26:17.0975 6088 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:26:17.0991 6088 HidBatt - ok
19:26:18.0006 6088 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:26:18.0022 6088 HidBth - ok
19:26:18.0053 6088 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:26:18.0053 6088 HidIr - ok
19:26:18.0084 6088 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:26:18.0100 6088 hidserv - ok
19:26:18.0162 6088 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
19:26:18.0162 6088 HidUsb - ok
19:26:18.0240 6088 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:26:18.0240 6088 hkmsvc - ok
19:26:18.0256 6088 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:26:18.0271 6088 HomeGroupListener - ok
19:26:18.0303 6088 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:26:18.0318 6088 HomeGroupProvider - ok
19:26:18.0490 6088 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
19:26:18.0505 6088 hpqcxs08 - ok
19:26:18.0521 6088 hpqddsvc (f3f72a2a86c22610bca5439fa789dd52) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
19:26:18.0521 6088 hpqddsvc - ok
19:26:18.0568 6088 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:26:18.0568 6088 HpSAMD - ok
19:26:18.0677 6088 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
19:26:18.0708 6088 HPSLPSVC - ok
19:26:18.0802 6088 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:26:18.0817 6088 HTTP - ok
19:26:18.0849 6088 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:26:18.0849 6088 hwpolicy - ok
19:26:18.0895 6088 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
19:26:18.0895 6088 i8042prt - ok
19:26:18.0958 6088 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\DRIVERS\iaStor.sys
19:26:18.0973 6088 iaStor - ok
19:26:19.0051 6088 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:26:19.0067 6088 iaStorV - ok
19:26:19.0223 6088 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
19:26:19.0223 6088 IDriverT - ok
19:26:19.0348 6088 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:26:19.0363 6088 idsvc - ok
19:26:20.0237 6088 igfx (370c2a8629b30f910f740387795ddc6f) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:26:20.0487 6088 igfx - ok
19:26:20.0611 6088 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:26:20.0627 6088 iirsp - ok
19:26:20.0799 6088 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:26:20.0830 6088 IKEEXT - ok
19:26:21.0095 6088 IntcAzAudAddService (16c324e22208e6e8336c3f2da14cfe2d) C:\Windows\system32\drivers\RTKVHD64.sys
19:26:21.0142 6088 IntcAzAudAddService - ok
19:26:21.0282 6088 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:26:21.0282 6088 intelide - ok
19:26:21.0313 6088 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:26:21.0313 6088 intelppm - ok
19:26:21.0360 6088 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:26:21.0376 6088 IPBusEnum - ok
19:26:21.0423 6088 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:26:21.0438 6088 IpFilterDriver - ok
19:26:21.0501 6088 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:26:21.0516 6088 iphlpsvc - ok
19:26:21.0516 6088 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:26:21.0532 6088 IPMIDRV - ok
19:26:21.0547 6088 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:26:21.0563 6088 IPNAT - ok
19:26:21.0610 6088 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:26:21.0610 6088 IRENUM - ok
19:26:21.0657 6088 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:26:21.0657 6088 isapnp - ok
19:26:21.0735 6088 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:26:21.0735 6088 iScsiPrt - ok
19:26:21.0781 6088 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
19:26:21.0781 6088 kbdclass - ok
19:26:21.0844 6088 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:26:21.0844 6088 kbdhid - ok
19:26:21.0875 6088 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:21.0875 6088 KeyIso - ok
19:26:21.0906 6088 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:26:21.0906 6088 KSecDD - ok
19:26:21.0937 6088 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:26:21.0937 6088 KSecPkg - ok
19:26:21.0969 6088 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:26:21.0969 6088 ksthunk - ok
19:26:22.0093 6088 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:26:22.0109 6088 KtmRm - ok
19:26:22.0234 6088 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:26:22.0249 6088 LanmanServer - ok
19:26:22.0312 6088 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:26:22.0327 6088 LanmanWorkstation - ok
19:26:22.0390 6088 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:26:22.0390 6088 lltdio - ok
19:26:22.0452 6088 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:26:22.0468 6088 lltdsvc - ok
19:26:22.0515 6088 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:26:22.0515 6088 lmhosts - ok
19:26:22.0686 6088 LMS (7f32d4c47a50e7223491e8fb9359907d) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:26:22.0702 6088 LMS - ok
19:26:22.0764 6088 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:26:22.0780 6088 LSI_FC - ok
19:26:22.0827 6088 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:26:22.0827 6088 LSI_SAS - ok
19:26:22.0842 6088 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:26:22.0858 6088 LSI_SAS2 - ok
19:26:22.0858 6088 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:26:22.0873 6088 LSI_SCSI - ok
19:26:22.0905 6088 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:26:22.0905 6088 luafv - ok
19:26:22.0951 6088 ManyCam (922cbac7b992b9614cab7122f4bf9406) C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
19:26:22.0951 6088 ManyCam - ok
19:26:22.0998 6088 mcaudrv_simple (34a42dd7cf525d0d2c5232916496e4b8) C:\Windows\system32\drivers\mcaudrv_x64.sys
19:26:22.0998 6088 mcaudrv_simple - ok
19:26:23.0045 6088 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:26:23.0045 6088 Mcx2Svc - ok
19:26:23.0092 6088 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:26:23.0092 6088 megasas - ok
19:26:23.0170 6088 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:26:23.0185 6088 MegaSR - ok
19:26:23.0217 6088 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
19:26:23.0217 6088 MEIx64 - ok
19:26:23.0279 6088 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:26:23.0279 6088 MMCSS - ok
19:26:23.0310 6088 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:26:23.0310 6088 Modem - ok
19:26:23.0341 6088 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:26:23.0341 6088 monitor - ok
19:26:23.0373 6088 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:26:23.0388 6088 mouclass - ok
19:26:23.0419 6088 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:26:23.0419 6088 mouhid - ok
19:26:23.0451 6088 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:26:23.0451 6088 mountmgr - ok
19:26:23.0482 6088 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:26:23.0482 6088 mpio - ok
19:26:23.0497 6088 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:26:23.0497 6088 mpsdrv - ok
19:26:23.0653 6088 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:26:23.0685 6088 MpsSvc - ok
19:26:23.0716 6088 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:26:23.0716 6088 MRxDAV - ok
19:26:23.0747 6088 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:26:23.0747 6088 mrxsmb - ok
19:26:23.0794 6088 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:26:23.0809 6088 mrxsmb10 - ok
19:26:23.0825 6088 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:26:23.0825 6088 mrxsmb20 - ok
19:26:23.0856 6088 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\DRIVERS\msahci.sys
19:26:23.0856 6088 msahci - ok
19:26:23.0887 6088 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:26:23.0887 6088 msdsm - ok
19:26:23.0934 6088 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:26:23.0934 6088 MSDTC - ok
19:26:23.0997 6088 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:26:23.0997 6088 Msfs - ok
19:26:24.0043 6088 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:26:24.0043 6088 mshidkmdf - ok
19:26:24.0075 6088 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:26:24.0075 6088 msisadrv - ok
19:26:24.0199 6088 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:26:24.0215 6088 MSiSCSI - ok
19:26:24.0215 6088 msiserver - ok
19:26:24.0277 6088 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:26:24.0277 6088 MSKSSRV - ok
19:26:24.0277 6088 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:26:24.0293 6088 MSPCLOCK - ok
19:26:24.0293 6088 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:26:24.0293 6088 MSPQM - ok
19:26:24.0340 6088 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:26:24.0340 6088 MsRPC - ok
19:26:24.0371 6088 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:26:24.0371 6088 mssmbios - ok
19:26:24.0449 6088 MSSQL$IMUISSQL - ok
19:26:24.0496 6088 MSSQLServerADHelper (1d89eb4e2a99cabd4e81225f4f4c4b25) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
19:26:24.0496 6088 MSSQLServerADHelper - ok
19:26:24.0527 6088 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:26:24.0527 6088 MSTEE - ok
19:26:24.0574 6088 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:26:24.0574 6088 MTConfig - ok
19:26:24.0621 6088 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:26:24.0621 6088 Mup - ok
19:26:24.0730 6088 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:26:24.0745 6088 napagent - ok
19:26:24.0870 6088 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:26:24.0886 6088 NativeWifiP - ok
19:26:25.0026 6088 NAUpdate (2989174df02e0aef54bae90674fb445f) c:\Program Files (x86)\Nero\Update\NASvc.exe
19:26:25.0026 6088 NAUpdate - ok
19:26:25.0198 6088 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:26:25.0229 6088 NDIS - ok
19:26:25.0291 6088 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:26:25.0307 6088 NdisCap - ok
19:26:25.0338 6088 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:26:25.0338 6088 NdisTapi - ok
19:26:25.0401 6088 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:26:25.0401 6088 Ndisuio - ok
19:26:25.0416 6088 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:26:25.0432 6088 NdisWan - ok
19:26:25.0463 6088 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:26:25.0463 6088 NDProxy - ok
19:26:25.0525 6088 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
19:26:25.0525 6088 Net Driver HPZ12 - ok
19:26:25.0557 6088 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:26:25.0572 6088 NetBIOS - ok
19:26:25.0666 6088 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:26:25.0697 6088 NetBT - ok
19:26:25.0728 6088 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:25.0728 6088 Netlogon - ok
19:26:25.0791 6088 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:26:25.0806 6088 Netman - ok
19:26:25.0837 6088 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:26:25.0837 6088 netprofm - ok
19:26:25.0915 6088 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:26:25.0915 6088 NetTcpPortSharing - ok
19:26:25.0978 6088 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:26:25.0978 6088 nfrd960 - ok
19:26:26.0040 6088 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:26:26.0056 6088 NlaSvc - ok
19:26:26.0071 6088 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:26:26.0071 6088 Npfs - ok
19:26:26.0087 6088 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:26:26.0087 6088 nsi - ok
19:26:26.0118 6088 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:26:26.0118 6088 nsiproxy - ok
19:26:26.0290 6088 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:26:26.0321 6088 Ntfs - ok
19:26:26.0446 6088 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:26:26.0446 6088 Null - ok
19:26:26.0508 6088 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:26:26.0508 6088 nvraid - ok
19:26:26.0555 6088 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:26:26.0555 6088 nvstor - ok
19:26:26.0649 6088 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:26:26.0649 6088 nv_agp - ok
19:26:26.0664 6088 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:26:26.0664 6088 ohci1394 - ok
19:26:26.0914 6088 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:26:26.0914 6088 ose - ok
19:26:27.0429 6088 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:26:27.0585 6088 osppsvc - ok
19:26:27.0912 6088 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:26:27.0928 6088 p2pimsvc - ok
19:26:27.0975 6088 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:26:27.0990 6088 p2psvc - ok
19:26:28.0068 6088 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:26:28.0068 6088 Parport - ok
19:26:28.0084 6088 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:26:28.0099 6088 partmgr - ok
19:26:28.0131 6088 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:26:28.0162 6088 PcaSvc - ok
19:26:28.0193 6088 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:26:28.0209 6088 pci - ok
19:26:28.0209 6088 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
19:26:28.0209 6088 pciide - ok
19:26:28.0255 6088 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:26:28.0255 6088 pcmcia - ok
19:26:28.0287 6088 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:26:28.0287 6088 pcw - ok
19:26:28.0349 6088 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:26:28.0365 6088 PEAUTH - ok
19:26:28.0443 6088 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:26:28.0458 6088 PerfHost - ok
19:26:28.0489 6088 PGEffect (91111cebbde8015e822c46120ed9537c) C:\Windows\system32\DRIVERS\pgeffect.sys
19:26:28.0489 6088 PGEffect - ok
19:26:28.0614 6088 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:26:28.0645 6088 pla - ok
19:26:28.0770 6088 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:26:28.0770 6088 PlugPlay - ok
19:26:28.0848 6088 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
19:26:28.0848 6088 Pml Driver HPZ12 - ok
19:26:28.0895 6088 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:26:28.0895 6088 PNRPAutoReg - ok
19:26:28.0926 6088 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:26:28.0942 6088 PNRPsvc - ok
19:26:29.0004 6088 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:26:29.0004 6088 PolicyAgent - ok
19:26:29.0051 6088 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:26:29.0051 6088 Power - ok
19:26:29.0145 6088 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:26:29.0145 6088 PptpMiniport - ok
19:26:29.0176 6088 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:26:29.0176 6088 Processor - ok
19:26:29.0223 6088 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:26:29.0238 6088 ProfSvc - ok
19:26:29.0269 6088 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:29.0269 6088 ProtectedStorage - ok
19:26:29.0332 6088 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:26:29.0332 6088 Psched - ok
19:26:29.0457 6088 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:26:29.0457 6088 ql2300 - ok
19:26:29.0691 6088 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:26:29.0706 6088 ql40xx - ok
19:26:29.0784 6088 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:26:29.0815 6088 QWAVE - ok
19:26:29.0831 6088 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:26:29.0831 6088 QWAVEdrv - ok
19:26:29.0862 6088 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:26:29.0862 6088 RasAcd - ok
19:26:29.0893 6088 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:26:29.0893 6088 RasAgileVpn - ok
19:26:29.0925 6088 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:26:29.0925 6088 RasAuto - ok
19:26:29.0971 6088 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:26:29.0971 6088 Rasl2tp - ok
19:26:30.0018 6088 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:26:30.0034 6088 RasMan - ok
19:26:30.0081 6088 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:26:30.0096 6088 RasPppoe - ok
19:26:30.0112 6088 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:26:30.0112 6088 RasSstp - ok
19:26:30.0143 6088 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:26:30.0143 6088 rdbss - ok
19:26:30.0159 6088 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:26:30.0174 6088 rdpbus - ok
19:26:30.0190 6088 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:26:30.0190 6088 RDPCDD - ok
19:26:30.0205 6088 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:26:30.0205 6088 RDPENCDD - ok
19:26:30.0221 6088 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:26:30.0221 6088 RDPREFMP - ok
19:26:30.0252 6088 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
19:26:30.0268 6088 RDPWD - ok
19:26:30.0330 6088 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:26:30.0330 6088 rdyboost - ok
19:26:30.0361 6088 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:26:30.0377 6088 RemoteAccess - ok
19:26:30.0424 6088 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:26:30.0455 6088 RemoteRegistry - ok
19:26:30.0486 6088 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:26:30.0486 6088 RpcEptMapper - ok
19:26:30.0517 6088 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:26:30.0517 6088 RpcLocator - ok
19:26:30.0580 6088 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:26:30.0595 6088 RpcSs - ok
19:26:30.0658 6088 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:26:30.0658 6088 rspndr - ok
19:26:30.0736 6088 RSUSBSTOR (be29b0a3ac1e8bd02ffab8cee86badfa) C:\Windows\system32\Drivers\RtsUStor.sys
19:26:30.0751 6088 RSUSBSTOR - ok
19:26:30.0829 6088 RTL8167 (6d3c7e7d82d3dc92dc2a8b0df9f20f8a) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:26:30.0845 6088 RTL8167 - ok
19:26:30.0970 6088 RTL8192Ce (e7d79600575f755614dd5d79b044d588) C:\Windows\system32\DRIVERS\rtl8192Ce.sys
19:26:31.0001 6088 RTL8192Ce - ok
19:26:31.0032 6088 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:31.0032 6088 SamSs - ok
19:26:31.0063 6088 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:26:31.0063 6088 sbp2port - ok
19:26:31.0126 6088 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:26:31.0126 6088 SCardSvr - ok
19:26:31.0157 6088 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:26:31.0157 6088 scfilter - ok
19:26:31.0235 6088 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:26:31.0266 6088 Schedule - ok
19:26:31.0297 6088 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:26:31.0297 6088 SCPolicySvc - ok
19:26:31.0329 6088 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:26:31.0344 6088 SDRSVC - ok
19:26:31.0547 6088 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:26:31.0563 6088 SeaPort - ok
19:26:31.0625 6088 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:26:31.0641 6088 secdrv - ok
19:26:31.0672 6088 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:26:31.0672 6088 seclogon - ok
19:26:31.0687 6088 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:26:31.0687 6088 SENS - ok
19:26:31.0750 6088 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:26:31.0750 6088 SensrSvc - ok
19:26:31.0828 6088 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:26:31.0828 6088 Serenum - ok
19:26:31.0859 6088 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:26:31.0859 6088 Serial - ok
19:26:31.0875 6088 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:26:31.0875 6088 sermouse - ok
19:26:31.0921 6088 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:26:31.0921 6088 SessionEnv - ok
19:26:31.0937 6088 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:26:31.0953 6088 sffdisk - ok
19:26:31.0968 6088 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:26:31.0968 6088 sffp_mmc - ok
19:26:31.0968 6088 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:26:31.0984 6088 sffp_sd - ok
19:26:31.0999 6088 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:26:31.0999 6088 sfloppy - ok
19:26:32.0109 6088 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
19:26:32.0124 6088 Sftfs - ok
19:26:32.0233 6088 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:26:32.0249 6088 sftlist - ok
19:26:32.0280 6088 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:26:32.0280 6088 Sftplay - ok
19:26:32.0311 6088 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:26:32.0311 6088 Sftredir - ok
19:26:32.0343 6088 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
19:26:32.0343 6088 Sftvol - ok
19:26:32.0405 6088 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:26:32.0405 6088 sftvsa - ok
19:26:32.0499 6088 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:26:32.0514 6088 SharedAccess - ok
19:26:32.0561 6088 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:26:32.0577 6088 ShellHWDetection - ok
19:26:32.0623 6088 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:26:32.0639 6088 SiSRaid2 - ok
19:26:32.0639 6088 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:26:32.0639 6088 SiSRaid4 - ok
19:26:32.0670 6088 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:26:32.0670 6088 Smb - ok
19:26:32.0748 6088 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:26:32.0748 6088 SNMPTRAP - ok
19:26:32.0779 6088 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:26:32.0779 6088 spldr - ok
19:26:32.0842 6088 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:26:32.0857 6088 Spooler - ok
19:26:33.0076 6088 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:26:33.0154 6088 sppsvc - ok
19:26:33.0263 6088 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:26:33.0263 6088 sppuinotify - ok
19:26:33.0403 6088 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:26:33.0403 6088 SQLBrowser - ok
19:26:33.0544 6088 SQLWriter (3c432a96363097870995e2a3c8b66abd) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:26:33.0544 6088 SQLWriter - ok
19:26:33.0637 6088 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:26:33.0653 6088 srv - ok
19:26:33.0715 6088 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:26:33.0731 6088 srv2 - ok
19:26:33.0778 6088 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:26:33.0793 6088 srvnet - ok
19:26:33.0840 6088 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:26:33.0856 6088 SSDPSRV - ok
19:26:33.0856 6088 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:26:33.0871 6088 SstpSvc - ok
19:26:33.0903 6088 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:26:33.0903 6088 stexstor - ok
19:26:33.0934 6088 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
19:26:33.0934 6088 StillCam - ok
19:26:33.0996 6088 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:26:34.0012 6088 stisvc - ok
19:26:34.0043 6088 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:26:34.0043 6088 swenum - ok
19:26:34.0105 6088 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:26:34.0137 6088 swprv - ok
19:26:34.0277 6088 SynTP (f5b46df59feaa48a442aed7eeb754d4b) C:\Windows\system32\DRIVERS\SynTP.sys
19:26:34.0293 6088 SynTP - ok
19:26:34.0636 6088 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:26:34.0667 6088 SysMain - ok
19:26:34.0823 6088 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:26:34.0839 6088 TabletInputService - ok
19:26:34.0870 6088 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:26:34.0885 6088 TapiSrv - ok
19:26:34.0901 6088 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:26:34.0901 6088 TBS - ok
19:26:35.0104 6088 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:26:35.0135 6088 Tcpip - ok
19:26:35.0400 6088 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:26:35.0431 6088 TCPIP6 - ok
19:26:35.0650 6088 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:26:35.0650 6088 tcpipreg - ok
19:26:35.0681 6088 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\Windows\system32\DRIVERS\tdcmdpst.sys
19:26:35.0681 6088 tdcmdpst - ok
19:26:35.0712 6088 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:26:35.0712 6088 TDPIPE - ok
19:26:35.0743 6088 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:26:35.0759 6088 TDTCP - ok
19:26:35.0806 6088 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:26:35.0821 6088 tdx - ok
19:26:35.0931 6088 TemproMonitoringService (1b709733a04dcc41a63f9cd1f76a4ebe) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
19:26:35.0931 6088 TemproMonitoringService - ok
19:26:35.0977 6088 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:26:35.0993 6088 TermDD - ok
19:26:36.0071 6088 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:26:36.0102 6088 TermService - ok
19:26:36.0118 6088 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:26:36.0118 6088 Themes - ok
19:26:36.0149 6088 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:26:36.0149 6088 THREADORDER - ok
19:26:36.0227 6088 TMachInfo (f120967184a27e927052e8ddbb727851) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
19:26:36.0227 6088 TMachInfo - ok
19:26:36.0274 6088 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\Windows\system32\TODDSrv.exe
19:26:36.0274 6088 TODDSrv - ok
19:26:36.0414 6088 TosCoSrv (cdc97fa5c42b07fb0d4600e17c32f582) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
19:26:36.0414 6088 TosCoSrv - ok
19:26:36.0492 6088 TOSHIBA HDD SSD Alert Service (edb4b432db13ea3d1eb2356310d33263) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
19:26:36.0492 6088 TOSHIBA HDD SSD Alert Service - ok
19:26:36.0664 6088 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\Windows\system32\DRIVERS\tos_sps64.sys
19:26:36.0664 6088 tos_sps64 - ok
19:26:36.0773 6088 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:26:36.0789 6088 TrkWks - ok
19:26:36.0851 6088 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:26:36.0851 6088 TrustedInstaller - ok
19:26:36.0898 6088 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:26:36.0898 6088 tssecsrv - ok
19:26:36.0929 6088 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:26:36.0929 6088 TsUsbFlt - ok
19:26:36.0945 6088 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:26:36.0945 6088 TsUsbGD - ok
19:26:36.0991 6088 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:26:36.0991 6088 tunnel - ok
19:26:37.0069 6088 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
19:26:37.0069 6088 TVALZ - ok
19:26:37.0085 6088 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:26:37.0085 6088 uagp35 - ok
19:26:37.0132 6088 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:26:37.0132 6088 udfs - ok
19:26:37.0179 6088 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:26:37.0179 6088 UI0Detect - ok
19:26:37.0210 6088 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:26:37.0225 6088 uliagpkx - ok
19:26:37.0288 6088 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:26:37.0303 6088 umbus - ok
19:26:37.0319 6088 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:26:37.0335 6088 UmPass - ok
19:26:37.0709 6088 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:26:37.0771 6088 UNS - ok
19:26:37.0912 6088 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:26:37.0912 6088 upnphost - ok
19:26:37.0974 6088 usbbus (c85b8247fadd432fa54fe11667c8d97d) C:\Windows\system32\DRIVERS\lgx64bus.sys
19:26:37.0974 6088 usbbus - ok
19:26:38.0021 6088 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:26:38.0021 6088 usbccgp - ok
19:26:38.0083 6088 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:26:38.0083 6088 usbcir - ok
19:26:38.0130 6088 UsbDiag (d8cdc12f5429878f23ddb3785a0fdf95) C:\Windows\system32\DRIVERS\lgx64diag.sys
19:26:38.0130 6088 UsbDiag - ok
19:26:38.0146 6088 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:26:38.0161 6088 usbehci - ok
19:26:38.0193 6088 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:26:38.0208 6088 usbhub - ok
19:26:38.0255 6088 USBModem (79fa7a22b0f6f0082f640cbc82a00fce) C:\Windows\system32\DRIVERS\lgx64modem.sys
19:26:38.0271 6088 USBModem - ok
19:26:38.0302 6088 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:26:38.0302 6088 usbohci - ok
19:26:38.0333 6088 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:26:38.0333 6088 usbprint - ok
19:26:38.0364 6088 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:26:38.0380 6088 usbscan - ok
19:26:38.0427 6088 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:26:38.0427 6088 USBSTOR - ok
19:26:38.0442 6088 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:26:38.0442 6088 usbuhci - ok
19:26:38.0489 6088 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:26:38.0505 6088 usbvideo - ok
19:26:38.0520 6088 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:26:38.0520 6088 UxSms - ok
19:26:38.0598 6088 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:26:38.0598 6088 VaultSvc - ok
19:26:38.0676 6088 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:26:38.0676 6088 vdrvroot - ok
19:26:38.0785 6088 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:26:38.0785 6088 vds - ok
19:26:38.0817 6088 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:26:38.0817 6088 vga - ok
19:26:38.0848 6088 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:26:38.0848 6088 VgaSave - ok
19:26:38.0910 6088 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:26:38.0926 6088 vhdmp - ok
19:26:38.0926 6088 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:26:38.0941 6088 viaide - ok
19:26:38.0973 6088 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:26:38.0973 6088 volmgr - ok
19:26:39.0019 6088 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:26:39.0019 6088 volmgrx - ok
19:26:39.0066 6088 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:26:39.0082 6088 volsnap - ok
19:26:39.0129 6088 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:26:39.0129 6088 vsmraid - ok
19:26:39.0269 6088 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:26:39.0300 6088 VSS - ok
19:26:39.0456 6088 vToolbarUpdater (49099f62da09c819ecc69e9d9267d3ac) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
19:26:39.0472 6088 vToolbarUpdater - ok
19:26:39.0612 6088 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:26:39.0612 6088 vwifibus - ok
19:26:39.0659 6088 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:26:39.0659 6088 vwififlt - ok
19:26:39.0721 6088 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:26:39.0721 6088 vwifimp - ok
19:26:39.0799 6088 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:26:39.0815 6088 W32Time - ok
19:26:39.0846 6088 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:26:39.0862 6088 WacomPen - ok
19:26:39.0893 6088 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:26:39.0909 6088 WANARP - ok
19:26:39.0909 6088 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:26:39.0909 6088 Wanarpv6 - ok
19:26:40.0049 6088 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:26:40.0080 6088 WatAdminSvc - ok
19:26:40.0205 6088 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:26:40.0221 6088 wbengine - ok
19:26:40.0345 6088 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:26:40.0361 6088 WbioSrvc - ok
19:26:40.0392 6088 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:26:40.0423 6088 wcncsvc - ok
19:26:40.0423 6088 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:26:40.0439 6088 WcsPlugInService - ok
19:26:40.0486 6088 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:26:40.0501 6088 Wd - ok
19:26:40.0564 6088 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:26:40.0579 6088 Wdf01000 - ok
19:26:40.0611 6088 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:26:40.0611 6088 WdiServiceHost - ok
19:26:40.0611 6088 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:26:40.0626 6088 WdiSystemHost - ok
19:26:40.0642 6088 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:26:40.0657 6088 WebClient - ok
19:26:40.0689 6088 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:26:40.0689 6088 Wecsvc - ok
19:26:40.0751 6088 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:26:40.0751 6088 wercplsupport - ok
19:26:40.0782 6088 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:26:40.0782 6088 WerSvc - ok
19:26:40.0876 6088 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:26:40.0876 6088 WfpLwf - ok
19:26:40.0907 6088 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:26:40.0907 6088 WIMMount - ok
19:26:40.0969 6088 WinDefend - ok
19:26:40.0985 6088 WinHttpAutoProxySvc - ok
19:26:41.0063 6088 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:26:41.0063 6088 Winmgmt - ok
19:26:41.0219 6088 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:26:41.0266 6088 WinRM - ok
19:26:41.0453 6088 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:26:41.0453 6088 Wlansvc - ok
19:26:41.0547 6088 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:26:41.0547 6088 wlcrasvc - ok
19:26:41.0765 6088 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:26:41.0843 6088 wlidsvc - ok
19:26:42.0015 6088 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:26:42.0015 6088 WmiAcpi - ok
19:26:42.0093 6088 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:26:42.0093 6088 wmiApSrv - ok
19:26:42.0171 6088 WMPNetworkSvc - ok
19:26:42.0233 6088 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:26:42.0249 6088 WPCSvc - ok
19:26:42.0264 6088 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:26:42.0280 6088 WPDBusEnum - ok
19:26:42.0295 6088 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:26:42.0311 6088 ws2ifsl - ok
19:26:42.0342 6088 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:26:42.0358 6088 wscsvc - ok
19:26:42.0358 6088 WSearch - ok
19:26:42.0545 6088 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
19:26:42.0561 6088 wuauserv - ok
19:26:42.0685 6088 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:26:42.0701 6088 WudfPf - ok
19:26:42.0732 6088 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:26:42.0748 6088 WUDFRd - ok
19:26:42.0779 6088 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:26:42.0779 6088 wudfsvc - ok
19:26:42.0873 6088 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:26:42.0888 6088 WwanSvc - ok
19:26:42.0966 6088 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:26:42.0982 6088 \Device\Harddisk0\DR0 - ok
19:26:42.0982 6088 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR5
19:26:42.0982 6088 \Device\Harddisk1\DR5 - ok
19:26:42.0997 6088 Boot (0x1200) (6bb62090a3744140081c216e581d012a) \Device\Harddisk0\DR0\Partition0
19:26:42.0997 6088 \Device\Harddisk0\DR0\Partition0 - ok
19:26:43.0013 6088 Boot (0x1200) (e79cdd2a72f6af28c80445a703c5c52d) \Device\Harddisk0\DR0\Partition1
19:26:43.0013 6088 \Device\Harddisk0\DR0\Partition1 - ok
19:26:43.0029 6088 Boot (0x1200) (c62ecd414708fb99cd63b1d846562f9a) \Device\Harddisk1\DR5\Partition0
19:26:43.0029 6088 \Device\Harddisk1\DR5\Partition0 - ok
19:26:43.0029 6088 ============================================================
19:26:43.0029 6088 Scan finished
19:26:43.0029 6088 ============================================================
19:26:43.0029 5568 Detected object count: 0
19:26:43.0029 5568 Actual detected object count: 0

---------- Post toegevoegd om 19:33 ---------- Vorige post was om 19:29 ----------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:30:49, on 05-05-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
F:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Wondershare PC Care Toolbar - {bee9ae08-b4e5-4021-ae8b-0befc64d537b} - C:\Program Files (x86)\Wondershare PC Care Toolbar\IE\5.6\pccareToolbarIE.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O3 - Toolbar: Wondershare PC Care Toolbar - {bee9ae08-b4e5-4021-ae8b-0befc64d537b} - C:\Program Files (x86)\Wondershare PC Care Toolbar\IE\5.6\pccareToolbarIE.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [Spotify] "C:\Users\Taart van Oma\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Taart van Oma\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Toshiba Places Icon Utility.lnk = C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.h...tDetection2.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Windows\System32\GFNEXSrv.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14895 bytes




Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:30:49, on 05-05-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
F:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Wondershare PC Care Toolbar - {bee9ae08-b4e5-4021-ae8b-0befc64d537b} - C:\Program Files (x86)\Wondershare PC Care Toolbar\IE\5.6\pccareToolbarIE.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O3 - Toolbar: Wondershare PC Care Toolbar - {bee9ae08-b4e5-4021-ae8b-0befc64d537b} - C:\Program Files (x86)\Wondershare PC Care Toolbar\IE\5.6\pccareToolbarIE.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [Spotify] "C:\Users\Taart van Oma\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Taart van Oma\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Toshiba Places Icon Utility.lnk = C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.h...tDetection2.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Windows\System32\GFNEXSrv.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14895 bytes

Bewerkt door Karoline, 05 mei 2012 - 18:34.
2e report bijgeplaatst


#13 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40894 berichten

Geplaatst 05 mei 2012 - 18:36

Logje HijackThis is nog steeds identiek. De aangeduide items zitten nog in dit log. Heb je dit als Win 7-gebruiker uitgevoerd als "administrator" ? Zo niet, wil je dat nog eens herhalen en doe het meteen ook in "veilige modus". Hang daarna een actueel log van HijackThis in je volgende bericht.

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#14 Karoline

Karoline

    Lid

  • Lid
  • PipPip
  • 13 berichten

Geplaatst 05 mei 2012 - 18:43

Ik heb niet de melding gekregen "Your files should be visible now", maar op mijn bureaublad staat wel alles weer!!!!
heb ook weer toegang tot de rest van mijn data!!!

Hoe nu verder? en wat kan ik nog doen aan firewall - virusscan????

---------- Post toegevoegd om 19:38 ---------- Vorige post was om 19:37 ----------

Ok zal ik doen, momentje

---------- Post toegevoegd om 19:42 ---------- Vorige post was om 19:38 ----------

Het laatste log


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:12, on 05-05-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode
Running processes:
F:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Wondershare PC Care Toolbar - {bee9ae08-b4e5-4021-ae8b-0befc64d537b} - C:\Program Files (x86)\Wondershare PC Care Toolbar\IE\5.6\pccareToolbarIE.dll (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O3 - Toolbar: Wondershare PC Care Toolbar - {bee9ae08-b4e5-4021-ae8b-0befc64d537b} - C:\Program Files (x86)\Wondershare PC Care Toolbar\IE\5.6\pccareToolbarIE.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [Spotify] "C:\Users\Taart van Oma\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Taart van Oma\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Toshiba Places Icon Utility.lnk = C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.h...tDetection2.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Windows\System32\GFNEXSrv.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13386 bytes

---------- Post toegevoegd om 19:43 ---------- Vorige post was om 19:42 ----------

Heb het uitgevoerd in veilige modus en als Administrator

#15 Karoline

Karoline

    Lid

  • Lid
  • PipPip
  • 13 berichten

Geplaatst 05 mei 2012 - 18:59

Nog maar eens het een en ander geprobeerd - dit is het laatste log
Er blijven nog steeds een paar regels opstaan die ik verwijderd zou hebben.....

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:51:18, on 05-05-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Safe mode
Running processes:
F:\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door MSN and Bing
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
O4 - HKCU\..\Run: [Spotify] "C:\Users\Taart van Oma\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Taart van Oma\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Toshiba Places Icon Utility.lnk = C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.h...tDetection2.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @c:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12413 bytes

#16 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40894 berichten

Geplaatst 05 mei 2012 - 19:19

Nu ben je er helemaal door met het logje van HijackThis. De twee lijntjes die terugkeren in je nieuwe log zijn "schoonheidsfoutjes" en hebben geen enkele negatieve invloed op werking PC. De rest van het log ziet er prima uit !

Laat nu Avira eens opnieuw scannen. Benieuwd wat die nog te vertellen heeft ?

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#17 Karoline

Karoline

    Lid

  • Lid
  • PipPip
  • 13 berichten

Geplaatst 05 mei 2012 - 19:42

Avira geeft aan dat er 65 verborgen objecten zijn en dat er een herstel gedraaid moet worden.....
Meer niet .

Laat nu ook nog AVG scannen

Wat moet ik nu doen?

#18 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40894 berichten

Geplaatst 05 mei 2012 - 19:56

Verwijder manueel TDSS Killer.

Download CCleaner.
Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten). In Windows 7

  • via Start -> Configuratiescherm -> Systeem -> Systeembeveiliging -> schakel nu systeemherstel uit door de gewenste schijf te selecteren en op "configureren" te klikken.
  • Klik nu op "verwijderen" om alle herstelpunten te verwijderen.
  • Klik op "Toepassen" en "OK".
  • Herstart nu de PC.
Indien dit allemaal probleemloos verlopen is, mag je hieronder op "markeer als opgelost" tokkelen !

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#19 Karoline

Karoline

    Lid

  • Lid
  • PipPip
  • 13 berichten

Geplaatst 06 mei 2012 - 01:49

sorry dat ik er weer ben, maar ik krijg mijn oude herstelpunten niet verwijderd. Kan ze niet vinden .... :(((

#20 clarkie

clarkie

    Super Moderator

  • Super Moderator
  • 20990 berichten

Geplaatst 06 mei 2012 - 08:32

Ga via Start -> Configuratiescherm naar Systeem en klik erop

herstel.png
Je krijgt nu onderstaand scherm, klik op geavanceerde systeeminstellingen.

herstel1.jpg

Volgend venster verschijnt, klik op het tabblad systeembeveiliging.

herstel2.png

Selecteer je schijf (normaal gezien je C schijf) en klik op configureren.

herstel3.png

In het volgend venster klik je op verwijderen.
Dan op toepassen en OK.

herstel4.png




0 gebruiker(s) lezen dit onderwerp

0 leden, 0 gasten, 0 anonieme gebruikers

Over ons

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!