Laptop slow for the past three days + hijack log

Anonymous
Abraham54
14 replies
  • Dear all,

    For the past three days my Toshiba NB505 running Windows 7 has been slow. I notice this, among other things, when typing, where it can take some time before the letters appear on screen, and when listening to music I sometimes hear interruptions. I have no idea what could be causing this and hope that you can help me.

    Below is a hijack log file:


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 17:53:22, on 9-11-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\windows\system32\taskhost.exe
    C:\windows\system32\Dwm.exe
    C:\windows\Explorer.EXE
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\windows\system32\igfxsrvc.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\TOSHIBA\TECO\Teco.exe
    C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
    C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\DAEMON Tools Lite\DTLite.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.exe
    C:\Program Files\OpenOffice.org 3\program\soffice.bin
    C:\windows\system32\igfxext.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    C:\windows\system32\prevhost.exe
    C:\Program Files\BitTorrent\BitTorrent.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\windows\system32\wuauclt.exe
    C:\Users\Tom\AppData\Local\Amazon\Kindle\application\Kindle.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\windows\system32\rundll32.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Users\Tom\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/g/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe"

    O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
    O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
    O4 - HKLM\..\Run: [ToshibaAppPlace] "C:\Program Files\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
    O4 - HKLM\..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
    O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
    O4 - HKLM\..\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    O4 - HKLM\..\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - HKCU\..\Run: [20090604] C:\Program Files\Encore\Hoyle Card Games 2011\Ereg\encore_reg.exe "C:\Program Files\Encore\Hoyle Card Games 2011\Ereg\encore_reg.rpd"
    O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
    O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
    O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe


    End of file - 8664 bytes

  • I searched in vain for antivirus software!
    Why is there none in this Windows installation?
    Apart from that, I have to note that you are using this Toshiba netbook as a regular computer.

    A netbook is more of a little PC on the side!

    Windows is, by the way, drowning in startup items, two of which are unknown!

    I would like you to follow the rules below during the fix:

  • OK, thank you very much for your reply. At the moment I am staying abroad for a long time. I bought this laptop in America and do indeed use it as my PC, because I have no other options at the moment.

    Here are the logs:

    TDSSKILLER
    19:49:08.0404 5648 TDSS rootkit removing tool 2.6.17.0 Nov 9 2011 16:48:26
    19:49:09.0407 5648 ============================================================
    19:49:09.0407 5648 Current date / time: 2011/11/09 19:49:09.0406
    19:49:09.0407 5648 SystemInfo:
    19:49:09.0407 5648
    19:49:09.0408 5648 OS Version: 6.1.7601 ServicePack: 1.0
    19:49:09.0408 5648 Product type: Workstation
    19:49:09.0408 5648 ComputerName: TOM-PC
    19:49:09.0409 5648 UserName: Tom
    19:49:09.0409 5648 Windows directory: C:\windows
    19:49:09.0409 5648 System windows directory: C:\windows
    19:49:09.0409 5648 Processor architecture: Intel x86
    19:49:09.0410 5648 Number of processors: 2
    19:49:09.0410 5648 Page size: 0x1000
    19:49:09.0410 5648 Boot type: Normal boot
    19:49:09.0410 5648 ============================================================
    19:49:10.0207 5648 Initialize success
    19:49:39.0253 3936 ============================================================
    19:49:39.0253 3936 Scan started
    19:49:39.0253 3936 Mode: Manual;
    19:49:39.0254 3936 ============================================================
    19:50:02.0169 3936 RasAgileVpn - ok
    19:50:02.0298 3936 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
    19:50:02.0305 3936 Rasl2tp - ok
    19:50:02.0432 3936 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
    19:50:02.0438 3936 RasPppoe - ok
    19:50:02.0545 3936 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
    19:50:02.0552 3936 RasSstp - ok
    19:50:02.0674 3936 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
    19:50:02.0685 3936 rdbss - ok
    19:50:02.0791 3936 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
    19:50:02.0797 3936 rdpbus - ok
    19:50:02.0911 3936 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
    19:50:02.0916 3936 RDPCDD - ok
    19:50:03.0049 3936 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
    19:50:03.0053 3936 RDPENCDD - ok
    19:50:03.0172 3936 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
    19:50:03.0176 3936 RDPREFMP - ok
    19:50:03.0289 3936 RDPWD (288b06960d78428ff89e811632684e20) C:\windows\system32\drivers\RDPWD.sys
    19:50:03.0298 3936 RDPWD - ok
    19:50:03.0470 3936 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
    19:50:03.0479 3936 rdyboost - ok
    19:50:03.0657 3936 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
    19:50:03.0662 3936 rspndr - ok
    19:50:03.0794 3936 RSUSBSTOR (b38e89386993e69a959b941561f3e5f3) C:\windows\system32\Drivers\RtsUStor.sys
    19:50:03.0804 3936 RSUSBSTOR - ok
    19:50:03.0924 3936 RTL8167 (cfa5758f2a929ce24e16e1b2a5ca8c23) C:\windows\system32\DRIVERS\Rt86win7.sys
    19:50:03.0940 3936 RTL8167 - ok
    19:50:04.0080 3936 RTL8192Ce (9f9858402e5dce7b6123734d4c26cecb) C:\windows\system32\DRIVERS\rtl8192Ce.sys
    19:50:04.0106 3936 RTL8192Ce - ok
    19:50:04.0234 3936 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
    19:50:04.0240 3936 sbp2port - ok
    19:50:04.0358 3936 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
    19:50:04.0364 3936 scfilter - ok
    19:50:04.0520 3936 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
    19:50:04.0525 3936 secdrv - ok
    19:50:04.0655 3936 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
    19:50:04.0659 3936 Serenum - ok
    19:50:04.0769 3936 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
    19:50:04.0774 3936 Serial - ok
    19:50:04.0911 3936 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
    19:50:04.0915 3936 sermouse - ok
    19:50:05.0072 3936 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
    19:50:05.0075 3936 sffdisk - ok
    19:50:05.0186 3936 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
    19:50:05.0191 3936 sffp_mmc - ok
    19:50:05.0305 3936 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
    19:50:05.0309 3936 sffp_sd - ok
    19:50:05.0426 3936 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
    19:50:05.0431 3936 sfloppy - ok
    19:50:05.0576 3936 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
    19:50:05.0580 3936 sisagp - ok
    19:50:05.0695 3936 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
    19:50:05.0700 3936 SiSRaid2 - ok
    19:50:05.0809 3936 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
    19:50:05.0814 3936 SiSRaid4 - ok
    19:50:05.0923 3936 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
    19:50:05.0930 3936 Smb - ok
    19:50:06.0083 3936 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
    19:50:06.0086 3936 spldr - ok
    19:50:06.0241 3936 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
    19:50:06.0253 3936 srv - ok
    19:50:06.0378 3936 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
    19:50:06.0389 3936 srv2 - ok
    19:50:06.0502 3936 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
    19:50:06.0510 3936 srvnet - ok
    19:50:06.0670 3936 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
    19:50:06.0676 3936 stexstor - ok
    19:50:06.0819 3936 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
    19:50:06.0823 3936 swenum - ok
    19:50:06.0942 3936 SynTP (9a28f1c47ce0c8bbc02aaf5941ab44cd) C:\windows\system32\DRIVERS\SynTP.sys
    19:50:06.0951 3936 SynTP - ok
    19:50:07.0152 3936 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\windows\system32\drivers\tcpip.sys
    19:50:07.0186 3936 Tcpip - ok
    19:50:07.0379 3936 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\windows\system32\DRIVERS\tcpip.sys
    19:50:07.0408 3936 TCPIP6 - ok
    19:50:07.0522 3936 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
    19:50:07.0530 3936 tcpipreg - ok
    19:50:07.0671 3936 tdcmdpst (4084ea00d50c858d6f9038f86ae2e2d0) C:\windows\system32\DRIVERS\tdcmdpst.sys
    19:50:07.0676 3936 tdcmdpst - ok
    19:50:07.0781 3936 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
    19:50:07.0786 3936 TDPIPE - ok
    19:50:07.0896 3936 TDTCP (2c10395baa4847f83042813c515cc289) C:\windows\system32\drivers\tdtcp.sys
    19:50:07.0904 3936 TDTCP - ok
    19:50:08.0021 3936 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
    19:50:08.0027 3936 tdx - ok
    19:50:08.0137 3936 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
    19:50:08.0143 3936 TermDD - ok
    19:50:08.0423 3936 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
    19:50:08.0431 3936 tssecsrv - ok
    19:50:08.0563 3936 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
    19:50:08.0572 3936 TsUsbFlt - ok
    19:50:08.0700 3936 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
    19:50:08.0705 3936 tunnel - ok
    19:50:08.0824 3936 TVALZ (fc24015b4052600c324c43e3a79c0664) C:\windows\system32\DRIVERS\TVALZ_O.SYS
    19:50:08.0833 3936 TVALZ - ok
    19:50:08.0954 3936 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
    19:50:08.0959 3936 uagp35 - ok
    19:50:09.0079 3936 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
    19:50:09.0088 3936 udfs - ok
    19:50:09.0243 3936 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
    19:50:09.0249 3936 uliagpkx - ok
    19:50:09.0392 3936 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
    19:50:09.0397 3936 umbus - ok
    19:50:09.0518 3936 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
    19:50:09.0525 3936 UmPass - ok
    19:50:09.0670 3936 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\windows\system32\Drivers\usbaapl.sys
    19:50:09.0674 3936 USBAAPL - ok
    19:50:09.0781 3936 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
    19:50:09.0786 3936 usbccgp - ok
    19:50:09.0891 3936 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
    19:50:09.0897 3936 usbcir - ok
    19:50:09.0999 3936 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\drivers\usbehci.sys
    19:50:10.0005 3936 usbehci - ok
    19:50:10.0117 3936 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys
    19:50:10.0127 3936 usbhub - ok
    19:50:10.0240 3936 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys
    19:50:10.0244 3936 usbohci - ok
    19:50:10.0359 3936 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
    19:50:10.0363 3936 usbprint - ok
    19:50:10.0470 3936 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\DRIVERS\USBSTOR.SYS
    19:50:10.0476 3936 USBSTOR - ok
    19:50:10.0583 3936 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\drivers\usbuhci.sys
    19:50:10.0587 3936 usbuhci - ok
    19:50:10.0714 3936 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys
    19:50:10.0721 3936 usbvideo - ok
    19:50:10.0875 3936 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
    19:50:10.0881 3936 vdrvroot - ok
    19:50:11.0009 3936 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
    19:50:11.0014 3936 vga - ok
    19:50:11.0113 3936 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
    19:50:11.0120 3936 VgaSave - ok
    19:50:11.0231 3936 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
    19:50:11.0237 3936 vhdmp - ok
    19:50:11.0367 3936 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
    19:50:11.0371 3936 viaagp - ok
    19:50:11.0429 3936 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
    19:50:11.0434 3936 ViaC7 - ok
    19:50:11.0558 3936 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
    19:50:11.0562 3936 viaide - ok
    19:50:11.0673 3936 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys
    19:50:11.0677 3936 volmgr - ok
    19:50:11.0790 3936 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
    19:50:11.0803 3936 volmgrx - ok
    19:50:11.0911 3936 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
    19:50:11.0919 3936 volsnap - ok
    19:50:12.0033 3936 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
    19:50:12.0039 3936 vsmraid - ok
    19:50:12.0157 3936 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
    19:50:12.0162 3936 vwifibus - ok
    19:50:12.0269 3936 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
    19:50:12.0275 3936 vwififlt - ok
    19:50:12.0411 3936 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
    19:50:12.0417 3936 WacomPen - ok
    19:50:12.0536 3936 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
    19:50:12.0542 3936 WANARP - ok
    19:50:12.0560 3936 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
    19:50:12.0565 3936 Wanarpv6 - ok
    19:50:12.0714 3936 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
    19:50:12.0718 3936 Wd - ok
    19:50:12.0843 3936 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
    19:50:12.0859 3936 Wdf01000 - ok
    19:50:13.0051 3936 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
    19:50:13.0055 3936 WfpLwf - ok
    19:50:13.0166 3936 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
    19:50:13.0172 3936 WIMMount - ok
    19:50:13.0406 3936 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys
    19:50:13.0410 3936 WinUsb - ok
    19:50:13.0585 3936 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys
    19:50:13.0592 3936 WmiAcpi - ok
    19:50:13.0770 3936 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
    19:50:13.0774 3936 ws2ifsl - ok
    19:50:13.0925 3936 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys
    19:50:13.0933 3936 WudfPf - ok
    19:50:14.0047 3936 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys
    19:50:14.0054 3936 WUDFRd - ok
    19:50:14.0149 3936 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
    19:50:14.0180 3936 \Device\Harddisk0\DR0 - ok
    19:50:14.0211 3936 Boot (0x1200) (5dad5eb060e5c62d13918900b3b45056) \Device\Harddisk0\DR0\Partition0
    19:50:14.0214 3936 \Device\Harddisk0\DR0\Partition0 - ok
    19:50:14.0215 3936 ============================================================
    19:50:14.0215 3936 Scan finished
    19:50:14.0216 3936 ============================================================
    19:50:14.0269 5092 Detected object count: 0
    19:50:14.0269 5092 Actual detected object count: 0


    COMBOFIX

    ComboFix 11-11-10.03 - Tom 09-11-2011 18:54:06.1.2 - x86
    Microsoft Windows 7 Starter 6.1.7601.1.1252.31.1033.18.1013.281 [GMT -4:00]
    Gestart vanuit: c:\users\Tom\Downloads\ComboFix.exe
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\xp
    c:\programdata\xp\EBLib.dll
    c:\programdata\xp\TPwSav.sys
    c:\users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-10-09 to 2011-11-09 ))))))))))))))))))))))))))))))
    .
    .
    2011-11-09 23:27 . 2011-11-09 23:27 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-11-07 14:07 . 2011-11-07 14:07 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{708216DF-AC62-4BF0-9BEB-D1D7A8D0D942}\offreg.dll
    2011-11-07 14:07 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{708216DF-AC62-4BF0-9BEB-D1D7A8D0D942}\mpengine.dll
    2011-11-01 19:34 . 2011-11-01 19:34 -------- d-----w- c:\users\Tom\AppData\Roaming\Rovio
    2011-11-01 19:32 . 2009-08-24 14:15 761152 ----a-w- c:\windows\system32\msvcr100.dll
    2011-10-26 20:11 . 2011-10-26 20:12 -------- d-----w- c:\users\Tom\AppData\Local\Amazon
    2011-10-12 14:11 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
    2011-10-12 14:11 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax
    2011-10-12 14:11 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll
    2011-10-12 14:11 . 2011-08-27 04:26 571904 ----a-w- c:\windows\system32\oleaut32.dll
    2011-10-12 14:11 . 2011-09-06 02:28 2334720 ----a-w- c:\windows\system32\win32k.sys
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-08-17 23:50 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-01 141848]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-01 173592]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-01 150552]
    "SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-03-04 352256]
    "HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 425984]
    "KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2010-09-14 35440]
    "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2010-09-28 521640]
    "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]
    "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2010-05-09 742776]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-17 9874024]
    "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2010-11-11 1522280]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-03-11 1697064]
    "Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2010-11-12 1349032]
    "ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
    "TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-05-01 2454840]
    "ToshibaAppPlace"="c:\program files\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" [2010-09-23 552960]
    "TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 22840]
    "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 611672]
    "TosReelTimeMonitor"="c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [2010-07-10 31648]
    "TosNC"="c:\program files\Toshiba\BulletinBoard\TosNcCore.exe" [2010-04-23 467816]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
    .
    c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2010-6-24 9216]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-05 136176]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-05 136176]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-07-21 194664]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-30 218688]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-05 1809920]
    S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-11-12 189880]
    S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 24064]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-10-07 322664]
    S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-10-18 999016]
    S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
    S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 111960]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - 86764295
    *NewlyCreated* - 88651087
    *Deregistered* - 86764295
    *Deregistered* - 88651087
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-05 01:41]
    .
    2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-05 01:41]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://start.toshiba.com/g/
    uInternet Settings,ProxyOverride = <local>;*.local
    IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    TCP: DhcpNameServer = 200.74.121.11 190.160.0.11 190.160.0.14
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_USERS\S-1-5-21-3703152482-2520256778-3467307269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*H*o*m*ûnw\OpenWithList]
    @Class="Shell"
    "a"="vlc.exe"
    "MRUList"="a"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2011-11-09 19:39:17
    ComboFix-quarantined-files.txt 2011-11-09 23:39
    .
    Pre-Run: 97.939.312.640 bytes free
    Post-Run: 98.582.990.848 bytes free
    .
    - - End Of File - - AACA8323754870E6EC9FFFCDE8141AF6
  • ComboFix did not find any antivirus software either.
    You really cannot expect to have a long "survival time" in Windows without antivirus!

    So I think you should now first install an antivirus program!

    I advise you to take Avast 6 Free.
    A firewall other than the Windows firewall is also recommended.
    But I will come back to that.

    First of all: Avast 6\2011 Free is the only one that has a number of components on board that you otherwise only find in paid antivirus programs, and it is therefore internationally regarded as the best free alternative.

    So Avast is clearly responding to the new threats of the internet!
    Moreover, you hardly notice that Avast is running!
    Avast also has a "sandbox" on board, in which you can safely test programs!

    Download link Avast 6 Free


    Furthermore, I want to know the following:

    How many processes and how much CPU usage does Task Manager show?
  • Processes: 77
    CPU usage: fluctuates every half second from 3 percent to 35 percent
    Physical memory: 88 percent

    I will indeed install the antivirus software, thank you very much
  • Wow, about time then!
    A lot of processes indeed.

    Once Avast is installed, updated and registered, run a full system scan with it.

    Report back when the above has been done.
  • I have just run a full system scan with the Avast antivirus program. No infected files were found. Unfortunately the problem is still present. Are there any other options I can try?

    Thank you very much
  • You may do the following:

    Download the to the desktop and extract the ZIP file.
    - Open the folder "EmsisoftEmergencyKit" and double-click "Start.exe".
    - Now click "Emergency Kit Scanner". You will get a message that it is recommended to update first; allow this by clicking "Ja" (Yes).
    - When the update is done and the message "Update process is succesvol afgerond" appears, click "menu" and then "Scan PC".
    - Select the option "Diep" (Deep) if it is not already set that way by default.
    - Now click the "Scan" button and do nothing else on the computer during the scan. This scan can take quite some time, so wait for it patiently.
    - You can close the window with the warning about an increased risk once the scan is done.
    - Make sure that all found items are ticked and then press the "verwijder geselecteerde" (remove selected) button. You will now get the following message, but click "Ja" (Yes) here.
    - When the removal is done, click the "View report" button and select the text file of this scan, with a name such as: a2scan_110730-111615.txt
    - Place the contents of this log file in your next post later.
    - Now restart the computer.

  • Emsisoft Emergency Kit - Versie 1.0
    Laatste Update: 11/26/2011 9:07:51 PM

    Scaninstellingen:

    Scantype: Diepe Scan
    Objecten: Geheugen, Sporen, Cookies, C:\
    Scan archieven: Aan
    Heuristieken: Uit
    ADS Scan: Aan

    Scan gestart: 11/30/2011 9:56:27 PM

    C:\Users\Tom\Downloads\ComboFix.exe/$0\List.bat Ontdekt: Virus.Win32.HTML!IK

    Gescand

    Bestanden: 251709
    Sporen: 401794
    Cookies: 849
    Processen: 66

    Gevonden

    Bestanden: 1
    Sporen: 0
    Cookies: 0
    Processen: 0
    Registersleutels: 0

    Scan Geëindigd: 12/1/2011 7:38:29 AM
    Scantijd: 9:42:02

    C:\Users\Tom\Downloads\ComboFix.exe/$0\List.bat Verwijderd Virus.Win32.HTML!IK

    Verwijderd

    Bestanden: 1
    Sporen: 0
    Cookies: 0
  • Hmm, so it is a mystery why your Windows is showing slowness.

    Do the following:

    Which program: RSIT
    What for/why: gives a very extensive overview of Windows
    Difficulty: none
    Download location: Be sure to download this program to the desktop!
    Download RSIT here
    Using RSIT:
    - Windows 2000 and Windows XP: start RSIT by double-clicking the shortcut.
    - Windows Vista and Windows 7: start RSIT by right-clicking the shortcut and then choosing "Run as administrator".
    After the scan has finished, two logs will open.
    - Then post the contents of 'log.txt' ('log.txt' will be maximized)
    - Also post 'info.txt' ('info.txt', this log will at first be minimized in the taskbar)
    - If you cannot find info.txt, look for it in C:\.
    For users of Windows Vista 64-bit or Windows 7 64-bit the following also applies:
    - RSIT then has to be run in 'compatibility mode'.
    - Right-click 'RSIT.exe' and choose 'Properties',
    - now click the 'Compatibility' tab.
    - Tick 'Run this program in compatibility mode' and then choose 'Windows XP Service Pack 3'
    RSIT produces a fairly large log, so it may happen that you have to split the log and post it in two or more parts.
  • Logfile of random's system information tool 1.09 (written by random/random)
    Run by Tom at 2011-12-01 12:19:49
    Microsoft Windows 7 Starter Service Pack 1
    System drive C: has 70 GB (31%) free of 229 GB
    Total RAM: 1013 MB (17% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 12:21:22, on 1-12-2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\windows\Explorer.EXE
    C:\windows\system32\Dwm.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\windows\system32\igfxsrvc.exe
    C:\windows\system32\taskhost.exe
    C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\TOSHIBA\TECO\Teco.exe
    C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\windows\system32\igfxext.exe
    C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\DAEMON Tools Lite\DTLite.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    C:\windows\system32\rundll32.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Users\Tom\Downloads\RSIT.exe
    C:\windows\system32\SearchFilterHost.exe
    C:\Program Files\trend micro\Tom.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/g/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
    O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
    O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3
    O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe"

    O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
    O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
    O4 - HKLM\..\Run: [ToshibaAppPlace] "C:\Program Files\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
    O4 - HKLM\..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
    O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
    O4 - HKLM\..\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    O4 - HKLM\..\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
    O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
    O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe


    End of file - 8136 bytes

    ======Scheduled tasks folder======

    C:\windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\windows\tasks\GoogleUpdateTaskMachineUA.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
    avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-26 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IgfxTray"=C:\windows\system32\igfxtray.exe [2010-10-01 141848]
    "HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-10-01 173592]
    "Persistence"=C:\windows\system32\igfxpers.exe [2010-10-01 150552]
    "SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2010-03-04 352256]
    "HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2010-03-04 425984]
    "KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2010-09-14 35440]
    "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2010-09-28 521640]
    "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-07-28 460088]
    "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-05-08 742776]
    "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-11-16 9874024]
    "RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2010-11-11 1522280]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 1697064]
    "Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-11-11 1349032]
    "ToshibaServiceStation"=C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
    "TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-05-01 2454840]
    "ToshibaAppPlace"=C:\Program Files\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [2010-09-23 552960]
    "TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 22840]
    "TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 611672]
    "TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-07-09 31648]
    "TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-04-23 467816]
    "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
    "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-07-19 421736]
    "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\windows\system32\igfxdev.dll [2010-04-19 218112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2011-08-02 203776]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=5
    "ConsentPromptBehaviorUser"=3
    "EnableUIADesktopToggle"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
    "vidc.mrle"=msrle32.dll
    "vidc.msvc"=msvidc32.dll
    "msacm.imaadpcm"=imaadp32.acm
    "msacm.msg711"=msg711.acm
    "msacm.msgsm610"=msgsm32.acm
    "msacm.msadpcm"=msadp32.acm
    "midimapper"=midimap.dll
    "wavemapper"=msacm32.drv
    "VIDC.UYVY"=msyuv.dll
    "VIDC.YUY2"=msyuv.dll
    "VIDC.YVYU"=msyuv.dll
    "VIDC.IYUV"=iyuv_32.dll
    "vidc.i420"=iyuv_32.dll
    "VIDC.YVU9"=tsbyuv.dll
    "msacm.l3acm"=C:\Windows\System32\l3codeca.acm
    "vidc.cvid"=iccvid.dll
    "msacm.siren"=sirenacm.dll
    "MSVideo8"=VfWWDM32.dll
    "wave"=wdmaud.drv
    "midi"=wdmaud.drv
    "mixer"=wdmaud.drv
    "aux"=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    ======List of files/folders created in the last 1 month======

    2011-12-01 12:19:51 ----D---- C:\Program Files\trend micro
    2011-12-01 12:19:49 ----D---- C:\rsit
    2011-11-13 19:05:21 ----A---- C:\windows\system32\drivers\aswSP.sys
    2011-11-13 19:05:21 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
    2011-11-13 19:05:18 ----A---- C:\windows\system32\drivers\aswTdi.sys
    2011-11-13 19:05:18 ----A---- C:\windows\system32\drivers\aswRdr.sys
    2011-11-13 19:05:17 ----A---- C:\windows\system32\drivers\aswSnx.sys
    2011-11-13 19:05:16 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
    2011-11-13 19:04:49 ----A---- C:\windows\avastSS.scr
    2011-11-13 19:04:48 ----A---- C:\windows\system32\aswBoot.exe
    2011-11-13 19:04:29 ----D---- C:\ProgramData\AVAST Software
    2011-11-13 19:04:29 ----D---- C:\Program Files\AVAST Software
    2011-11-09 19:49:08 ----A---- C:\TDSSKiller.2.6.17.0_09.11.2011_19.49.08_log.txt
    2011-11-09 19:39:59 ----SHD---- C:\$RECYCLE.BIN
    2011-11-09 19:39:23 ----A---- C:\ComboFix.txt
    2011-11-09 19:27:13 ----D---- C:\windows\temp
    2011-11-09 18:48:01 ----A---- C:\windows\zip.exe
    2011-11-09 18:48:01 ----A---- C:\windows\SWSC.exe
    2011-11-09 18:48:01 ----A---- C:\windows\SWREG.exe
    2011-11-09 18:48:01 ----A---- C:\windows\sed.exe
    2011-11-09 18:48:01 ----A---- C:\windows\PEV.exe
    2011-11-09 18:48:01 ----A---- C:\windows\NIRCMD.exe
    2011-11-09 18:48:01 ----A---- C:\windows\MBR.exe
    2011-11-09 18:48:01 ----A---- C:\windows\grep.exe
    2011-11-09 18:47:33 ----D---- C:\windows\ERDNT
    2011-11-09 18:47:10 ----D---- C:\Qoobox
    2011-11-09 18:37:35 ----A---- C:\TDSSKiller.2.6.17.0_09.11.2011_18.37.35_log.txt
    2011-11-09 18:36:44 ----A---- C:\TDSSKiller.2.6.17.0_09.11.2011_18.36.44_log.txt
    2011-11-08 12:23:19 ----A---- C:\windows\system32\drivers\tcpip.sys
    2011-11-08 12:23:11 ----A---- C:\windows\system32\win32k.sys

    ======List of files/folders modified in the last 1 month======

    2011-12-01 12:19:51 ----RD---- C:\Program Files
    2011-12-01 08:33:12 ----D---- C:\windows\system32\config
    2011-12-01 08:23:44 ----D---- C:\windows\Minidump
    2011-12-01 08:23:17 ----AD---- C:\Windows
    2011-11-30 22:12:13 ----SHD---- C:\System Volume Information
    2011-11-26 20:54:12 ----D---- C:\Users\Tom\AppData\Roaming\BitTorrent
    2011-11-26 18:01:32 ----D---- C:\Users\Tom\AppData\Roaming\Skype
    2011-11-22 13:13:15 ----AD---- C:\windows\System32
    2011-11-22 13:13:15 ----A---- C:\windows\system32\PerfStringBackup.INI
    2011-11-22 13:13:09 ----D---- C:\windows\inf
    2011-11-13 19:05:21 ----D---- C:\windows\system32\drivers
    2011-11-13 19:05:06 ----SHD---- C:\windows\Installer
    2011-11-13 19:04:29 ----D---- C:\ProgramData
    2011-11-13 11:17:26 ----D---- C:\Users\Tom\AppData\Roaming\vlc
    2011-11-10 03:28:07 ----D---- C:\windows\winsxs
    2011-11-10 03:25:41 ----D---- C:\Program Files\Common Files\System
    2011-11-10 03:03:45 ----A---- C:\windows\system32\MRT.exe
    2011-11-10 03:03:35 ----D---- C:\windows\system32\catroot
    2011-11-10 03:03:34 ----D---- C:\windows\system32\catroot2
    2011-11-09 19:28:40 ----A---- C:\windows\system.ini
    2011-11-09 19:27:48 ----D---- C:\windows\system32\drivers\etc
    2011-11-09 19:07:45 ----D---- C:\windows\AppPatch
    2011-11-09 19:07:40 ----D---- C:\Program Files\Common Files
    2011-11-09 17:52:39 ----SD---- C:\Users\Tom\AppData\Roaming\Microsoft

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-06-08 435736]
    R0 LPCFilter;LPC Lower Filter Driver; C:\windows\system32\DRIVERS\LPCFilter.sys [2009-07-31 36208]
    R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
    R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 23512]
    R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-09-06 34392]
    R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-09-06 442200]
    R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-09-06 320856]
    R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-09-06 52568]
    R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-30 218688]
    R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
    R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
    R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
    R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-04-19 4806144]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-11-16 3248168]
    R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 24064]
    R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2010-10-06 322664]
    R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-10-18 999016]
    R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-03-10 242864]
    R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 22912]
    S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704]
    S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-13 70720]
    S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-13 53312]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
    S3 catchme;catchme; \??\C:\Users\Tom\AppData\Local\Temp\catchme.sys []
    S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-13 12368]
    S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-07-20 194664]
    S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-13 52304]
    S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
    S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
    S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-13 53328]
    S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
    S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
    R2 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-04 1809920]
    R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2010-10-20 128416]
    R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-09-28 468392]
    R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-11-11 189880]
    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
    R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 821096]
    R3 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
    R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 111960]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-04 136176]
    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-04 136176]
    S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

    -----------------EOF-----------------


  • info.txt logfile of random's system information tool 1.09 2011-12-01 12:22:10

    ======Uninstall list======

    –>"C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\Best Buy pc app Setup.exe" REMOVE=TRUE MODIFY=FALSE
    Adobe Flash Player 10 ActiveX–>C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
    Adobe Flash Player 10 Plugin–>C:\windows\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
    Adobe Reader 9.4.5–>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
    Apple Application Support–>MsiExec.exe /I{B3575D00-27EF-49C2-B9E0-14B3D954E992}
    Apple Mobile Device Support–>MsiExec.exe /I{C23CD6DA-1958-43A5-ADD0-59396572E02E}
    Apple Software Update–>MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
    avast! Free Antivirus–>C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
    Best Buy pc app–>C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\Best Buy pc app Setup.exe
    BitTorrent–>"C:\Program Files\BitTorrent\BitTorrent.exe" /UNINSTALL
    Bonjour–>MsiExec.exe /X{D03482C5-9AD8-496D-B388-692AE04C93AF}
    Commandos 3 - Destination Berlin–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C270BC04-1540-4673-960F-A546B2C860CD}\SETUP.EXE"
    D3DX10–>MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
    DAEMON Tools Lite–>C:\Program Files\DAEMON Tools Lite\uninst.exe
    Freelang Dictionary (wordlist)–>"C:\Users\Tom\AppData\Local\Freelang Dictionary\unins000.exe"
    Freelang Dictionary 3.74 beta–>"C:\Users\Tom\AppData\Local\Freelang Dictionary\unins001.exe"
    Google Chrome–>"C:\Program Files\Google\Chrome\Application\15.0.874.121\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging
    Google Update Helper–>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Intel(R) Graphics Media Accelerator Driver–>C:\windows\system32\igxpun.exe -uninstall
    Intel(R) Rapid Storage Technology–>C:\Program Files\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
    Internet-based TOEFL–>"C:\Program Files\Kap.TOEFL\unins000.exe"
    iTunes–>MsiExec.exe /I{C73CA646-73B3-4AEF-A136-C37505745174}
    Java(TM) 6 Update 22–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
    Junk Mail filter update–>MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
    Longman iBT–>C:\windows\unvise32.exe C:\Program Files\Longman iBT\uninstal.log
    Magic ISO Maker v5.5 (build 0265)–>C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
    Mesh Runtime–>MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
    Microsoft .NET Framework 4 Client Profile–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
    Microsoft .NET Framework 4 Client Profile–>MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
    Microsoft Silverlight–>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
    Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148–>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161–>MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
    MSVCRT–>MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    OpenOffice.org 3.3–>MsiExec.exe /I{91EBCCB9-A539-4306-AC5A-F372E0D6092B}
    Path to Success–>"C:\Program Files\Path to Success\uninstall.exe" "/U:C:\Program Files\Path to Success\Uninstall\uninstall.xml"
    PlayReady PC Runtime x86–>MsiExec.exe /X{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}
    Pocketwoordenboeken–>"C:\windows\Pocketwoordenboeken\uninstall.exe" "/U:C:\Program Files\Pocketwoordenboeken\Uninstall\uninstall.xml"
    QuickTime–>MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
    Railroad Tycoon II - Platinum–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BED27751-CD2A-4C2F-9813-00B9B60C76FE}\setup.exe"
    Realtek Ethernet Controller Driver–>C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
    Realtek High Definition Audio Driver–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
    Realtek USB 2.0 Card Reader–>"C:\Program Files\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\Setup.exe" -runfromtemp -removeonly
    Realtek WLAN Driver–>C:\Program Files\InstallShield Installation Information\{9D3D8C60-A55F-4fed-B2B9-173001290E16}\Install.exe -uninst -l0x9
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
    Sid Meier's Railroad Tycoon–>C:\Program Files\2K Games\Sid Meier's Railroad Tycoon\uninst.exe
    SimCity 4 Deluxe–>C:\Program Files\Maxis\SimCity 4 Deluxe\EAUninstall.exe
    Skype™ 5.3–>MsiExec.exe /X{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}
    SopCast 3.4.0–>C:\Program Files\SopCast\uninst.exe
    Starcraft–>C:\windows\scunin.exe C:\windows\scunin.dat
    Synaptics Pointing Device Driver–>rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    TELL ME MORE–>"C:\Program Files\Auralog\TELL ME MORE SI PLUS\Bin\unsetup.exe" -file "C:\Program Files\Auralog\TELL ME MORE SI PLUS\unsetup.aui"
    Toshiba App Place–>MsiExec.exe /I{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}
    TOSHIBA Application and Driver Installer–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}\setup.exe" -l0x9 -removeonly
    TOSHIBA Assist–>C:\Program Files\InstallShield Installation Information\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}\setup.exe -runfromtemp -l0x0009 -removeonly
    Toshiba Book Place–>MsiExec.exe /I{39187A4B-7538-4BE7-8BAD-9E83303793AA}
    TOSHIBA Bulletin Board–>"C:\Program Files\InstallShield Installation Information\{B2FB7DBA-CEEC-41F1-BC23-3323D96290F6}\setup.exe" -runfromtemp -l0x0409 -removeonly
    TOSHIBA Bulletin Board–>MsiExec.exe /X{B2FB7DBA-CEEC-41F1-BC23-3323D96290F6}
    TOSHIBA Disc Creator–>MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
    TOSHIBA eco Utility–>C:\Program Files\InstallShield Installation Information\{53536479-DFB0-47ED-9D10-43F3708C222D}\setup.exe -runfromtemp -l0x0409
    TOSHIBA eco Utility–>C:\Program Files\InstallShield Installation Information\{53536479-DFB0-47ED-9D10-43F3708C222D}\setup.exe -runfromtemp -l0x0409
    TOSHIBA Flash Cards Support Utility–>"C:\Program Files\InstallShield Installation Information\{620BBA5E-F848-4D56-8BDA-584E44584C5E}\setup.exe" -runfromtemp -l0x0409
    TOSHIBA Flash Cards Support Utility–>"C:\Program Files\InstallShield Installation Information\{620BBA5E-F848-4D56-8BDA-584E44584C5E}\setup.exe" -runfromtemp -l0x0409 -removeonly
    TOSHIBA Hardware Setup–>"C:\Program Files\InstallShield Installation Information\{5279374D-87FE-4879-9385-F17278EBB9D3}\setup.exe" -runfromtemp -l0x0409 -removeonly
    TOSHIBA Hardware Setup–>MsiExec.exe /I{5279374D-87FE-4879-9385-F17278EBB9D3}
    TOSHIBA HDD/SSD Alert–>C:\Program Files\InstallShield Installation Information\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\setup.exe -runfromtemp -l0x0409
    TOSHIBA HDD/SSD Alert–>C:\Program Files\InstallShield Installation Information\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\setup.exe -runfromtemp -l0x0409
    TOSHIBA Media Controller–>C:\Program Files\InstallShield Installation Information\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}\setup.exe -runfromtemp -l0x0009 -removeonly
    TOSHIBA Quality Application–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E69992ED-A7F6-406C-9280-1C156417BC49}\setup.exe" -l0x9 -removeonly
    TOSHIBA Recovery Media Creator–>MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
    TOSHIBA ReelTime–>"C:\Program Files\InstallShield Installation Information\{8CD0B97D-46E9-4293-B467-A24DB96DB6DB}\setup.exe" -runfromtemp -l0x0409 -removeonly
    TOSHIBA ReelTime–>MsiExec.exe /X{8CD0B97D-46E9-4293-B467-A24DB96DB6DB}
    TOSHIBA Service Station–>C:\Program Files\InstallShield Installation Information\{AC6569FA-6919-442A-8552-073BE69E247A}\setup.exe -runfromtemp -l0x0009 -removeonly
    TOSHIBA Supervisor Password–>"C:\Program Files\InstallShield Installation Information\{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}\setup.exe" -runfromtemp -l0x0409
    TOSHIBA Supervisor Password–>"C:\Program Files\InstallShield Installation Information\{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}\setup.exe" -runfromtemp -l0x0409 -removeonly
    TOSHIBA Value Added Package–>C:\Program Files\TOSHIBA\TVAP\Setup.exe
    TOSHIBA Web Camera Application–>C:\Program Files\InstallShield Installation Information\{5E6F6CF3-BACC-4144-868C-E14622C658F3}\setup.exe -runfromtemp -l0x0009 -removeonly
    ToshibaRegistration–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AF550B4-BB67-4E7E-82F1-2C4300279050}\setup.exe" -l0x9 -removeonly
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
    Utility Common Driver–>"C:\Program Files\InstallShield Installation Information\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}\setup.exe" -runfromtemp -l0x0409 -removeonly
    Utility Common Driver–>MsiExec.exe /I{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}
    VLC media player 1.1.11–>C:\Program Files\VideoLAN\VLC\uninstall.exe
    Warzone Tower Defense–>C:\Program Files\softendo.com\Warzone Tower Defense\Uninstal.exe
    Windows Live Communications Platform–>MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
    Windows Live Essentials–>C:\Program Files\Windows Live\Installer\wlarp.exe
    Windows Live Essentials–>MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
    Windows Live ID Sign-in Assistant–>MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}
    Windows Live Installer–>MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
    Windows Live Mail–>MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
    Windows Live Mail–>MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
    Windows Live Mesh ActiveX Control for Remote Connections–>MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
    Windows Live Mesh–>MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
    Windows Live Mesh–>MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
    Windows Live Messenger–>MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
    Windows Live Messenger–>MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
    Windows Live MIME IFilter–>MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
    Windows Live Movie Maker–>MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
    Windows Live Movie Maker–>MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
    Windows Live Photo Common–>MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
    Windows Live Photo Common–>MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
    Windows Live Photo Gallery–>MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
    Windows Live Photo Gallery–>MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
    Windows Live PIMT Platform–>MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
    Windows Live Remote Client Resources–>MsiExec.exe /I{464B3406-A4D0-4914-910F-7CA4380DCC13}
    Windows Live Remote Client–>MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}
    Windows Live Remote Service Resources–>MsiExec.exe /I{17504ED4-DB08-40A8-81C2-27D8C01581DA}
    Windows Live Remote Service–>MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
    Windows Live SOXE Definitions–>MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
    Windows Live SOXE–>MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
    Windows Live UX Platform Language Pack–>MsiExec.exe /I{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}
    Windows Live UX Platform–>MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
    Windows Live Writer Resources–>MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
    Windows Live Writer–>MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
    Windows Live Writer–>MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
    Windows Live Writer–>MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
    WinRAR 4.00 (32-bit)–>C:\Program Files\WinRAR\uninstall.exe
    YouTube Downloader 3.3–>"C:\Program Files\YouTube Downloader\uninstall.exe"

    ======System event log======

    Computer Name: Tom-PC
    Event Code: 0
    Message:
    Record Number: 8513
    Source Name: RTL8192Ce
    Time Written: 20110803015304.439312-000
    Event Type: Error
    User:

    Computer Name: Tom-PC
    Event Code: 0
    Message:
    Record Number: 8512
    Source Name: RTL8192Ce
    Time Written: 20110803015304.439312-000
    Event Type: Error
    User:

    Computer Name: Tom-PC
    Event Code: 0
    Message:
    Record Number: 8511
    Source Name: RTL8192Ce
    Time Written: 20110803015302.879310-000
    Event Type: Error
    User:

    Computer Name: Tom-PC
    Event Code: 0
    Message:
    Record Number: 8508
    Source Name: RTL8192Ce
    Time Written: 20110803015204.418428-000
    Event Type: Error
    User:

    Computer Name: Tom-PC
    Event Code: 0
    Message:
    Record Number: 8507
    Source Name: RTL8192Ce
    Time Written: 20110803015204.418428-000
    Event Type: Error
    User:

    =====Application event log=====

    Computer Name: Tom-PC
    Event Code: 0
    Message: Skipping empty element [tsu:setup_args]
    Record Number: 1859
    Source Name: TOSHIBA Service Station
    Time Written: 20110730173333.000000-000
    Event Type: Warning
    User:

    Computer Name: Tom-PC
    Event Code: 0
    Message: Skipping empty element [tsu:setup_args]
    Record Number: 1858
    Source Name: TOSHIBA Service Station
    Time Written: 20110730173333.000000-000
    Event Type: Warning
    User:

    Computer Name: Tom-PC
    Event Code: 0
    Message: Skipping empty element [tsu:setup_args]
    Record Number: 1857
    Source Name: TOSHIBA Service Station
    Time Written: 20110730173333.000000-000
    Event Type: Warning
    User:

    Computer Name: Tom-PC
    Event Code: 0
    Message: Skipping empty element [tsu:setup_args]
    Record Number: 1856
    Source Name: TOSHIBA Service Station
    Time Written: 20110730173333.000000-000
    Event Type: Warning
    User:

    Computer Name: Tom-PC
    Event Code: 0
    Message: Skipping empty element [tsu:setup_args]
    Record Number: 1854
    Source Name: TOSHIBA Service Station
    Time Written: 20110730173333.000000-000
    Event Type: Warning
    User:

    =====Security event log=====

    Computer Name: WIN-S3C11JGGV7T
    Event Code: 4624
    Message: An account was successfully logged on.

    Subject:
    Security ID: S-1-5-18
    Account Name: WIN-S3C11JGGV7T$
    Account Domain: WORKGROUP
    Logon ID: 0x3e7

    Logon Type: 5

    New Logon:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7
    Logon GUID: {00000000-0000-0000-0000-000000000000}

    Process Information:
    Process ID: 0x1e4
    Process Name: C:\Windows\System32\services.exe

    Network Information:
    Workstation Name:
    Source Network Address: -
    Source Port: -

    Detailed Authentication Information:
    Logon Process: Advapi
    Authentication Package: Negotiate
    Transited Services: -
    Package Name (NTLM only): -
    Key Length: 0

    This event is generated when a logon session is created. It is generated on the computer that was accessed.

    The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

    The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

    The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

    The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

    The authentication information fields provide detailed information about this specific logon request.
    - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    Record Number: 790
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20110317003357.801047-000
    Event Type: Audit Success
    User:

    Computer Name: WIN-S3C11JGGV7T
    Event Code: 4672
    Message: Special privileges assigned to new logon.

    Subject:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7

    Privileges: SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 789
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20110317003336.491410-000
    Event Type: Audit Success
    User:

    Computer Name: WIN-S3C11JGGV7T
    Event Code: 4624
    Message: An account was successfully logged on.

    Subject:
    Security ID: S-1-5-18
    Account Name: WIN-S3C11JGGV7T$
    Account Domain: WORKGROUP
    Logon ID: 0x3e7

    Logon Type: 5

    New Logon:
    Security ID: S-1-5-18
    Account Name: SYSTEM
    Account Domain: NT AUTHORITY
    Logon ID: 0x3e7
    Logon GUID: {00000000-0000-0000-0000-000000000000}

    Process Information:
    Process ID: 0x1e4
    Process Name: C:\Windows\System32\services.exe

    Network Information:
    Workstation Name:
    Source Network Address: -
    Source Port: -

    Detailed Authentication Information:
    Logon Process: Advapi
    Authentication Package: Negotiate
    Transited Services: -
    Package Name (NTLM only): -
    Key Length: 0

    This event is generated when a logon session is created. It is generated on the computer that was accessed.

    The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

    The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

    The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

    The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

    The authentication information fields provide detailed information about this specific logon request.
    - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    Record Number: 788
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20110317003336.491410-000
    Event Type: Audit Success
    User:

    Computer Name: WIN-S3C11JGGV7T
    Event Code: 4738
    Message: A user account was changed.

    Subject:
    Security ID: S-1-5-21-3703152482-2520256778-3467307269-500
    Account Name: Administrator
    Account Domain: WIN-S3C11JGGV7T
    Logon ID: 0x19e09

    Target Account:
    Security ID: S-1-5-21-3703152482-2520256778-3467307269-500
    Account Name: Administrator
    Account Domain: WIN-S3C11JGGV7T

    Changed Attributes:
    SAM Account Name: -
    Display Name: -
    User Principal Name: -
    Home Directory: -
    Home Drive: -
    Script Path: -
    Profile Path: -
    User Workstations: -
    Password Last Set: -
    Account Expires: -
    Primary Group ID: -
    AllowedToDelegateTo: -
    Old UAC Value: 0x211
    New UAC Value: 0x211
    User Account Control: -
    User Parameters: -
    SID History: -
    Logon Hours: -

    Additional Information:
    Privileges: -
    Record Number: 787
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20110317003336.101409-000
    Event Type: Audit Success
    User:

    Computer Name: WIN-S3C11JGGV7T
    Event Code: 1102
    Message: The audit log was cleared.
    Subject:
    Security ID: S-1-5-21-3703152482-2520256778-3467307269-500
    Account Name: Administrator
    Domain Name: WIN-S3C11JGGV7T
    Logon ID: 0x19e09
    Record Number: 786
    Source Name: Microsoft-Windows-Eventlog
    Time Written: 20110317003335.898609-000
    Event Type: Audit Success
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Windows Live\Shared;C:\Program Files\QuickTime\QTSystem
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
    "NUMBER_OF_PROCESSORS"=2
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 10, GenuineIntel
    "PROCESSOR_REVISION"=1c0a
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "asl.log"=Destination=file
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    —————–EOF—————–
  • So this is a Toshiba netbook.

    I advise you to upgrade to 2GB of RAM.
    http://www.interngeheugen.com/link.odb?stat=banner&url=/mappreporter.odb?&id=70

    Via that link you can find out exactly what is possible and roughly what it will cost.

    Moreover, the bulk of the startup items are all Toshiba software, most of which, in my opinion, you do not need at all!
  • That is indeed correct…… but it is still strange that I suddenly notice a difference in how it works. Even writing an email takes longer than normal because the letters appear on my screen later. How can I remove these startup programs?
