Vraag & Antwoord

Beveiliging & privacy

Laptop sinds drie dagen traag + hijack log

Anoniem
Abraham54
14 antwoorden
 • Beste mensen,

  Sinds drie dagen loopt mijn toshiba nb505 met windows 7 traag. Ik merk dit onder andere bij het typen waarbij het enige tijd kan duren voordat de letters op het beeld verschijnen en bij het luisteren van muziek hoor ik soms onderbrekingen. Ik heb geen idee waar dit aan kan liggen en hoop dat jullie mij kunnen helpen.

  Hieronder een hijack log file:


  Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 17:53:22, on 9-11-2011
  Platform: Windows 7 SP1 (WinNT 6.00.3505)
  MSIE: Internet Explorer v9.00 (9.00.8112.16421)
  Boot mode: Normal

  Running processes:
  C:\windows\system32\taskhost.exe
  C:\windows\system32\Dwm.exe
  C:\windows\Explorer.EXE
  C:\Windows\System32\igfxtray.exe
  C:\Windows\System32\hkcmd.exe
  C:\Windows\System32\igfxpers.exe
  C:\windows\system32\igfxsrvc.exe
  C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
  C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
  C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
  C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
  C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  C:\Program Files\TOSHIBA\TECO\Teco.exe
  C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
  C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
  C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
  C:\Program Files\Common Files\Java\Java Update\jusched.exe
  C:\Program Files\QuickTime\QTTask.exe
  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
  C:\Program Files\iTunes\iTunesHelper.exe
  C:\Program Files\DAEMON Tools Lite\DTLite.exe
  C:\Program Files\OpenOffice.org 3\program\soffice.exe
  C:\Program Files\OpenOffice.org 3\program\soffice.bin
  C:\windows\system32\igfxext.exe
  C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
  C:\windows\system32\prevhost.exe
  C:\Program Files\BitTorrent\BitTorrent.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\windows\system32\wuauclt.exe
  C:\Users\Tom\AppData\Local\Amazon\Kindle\application\Kindle.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\windows\system32\rundll32.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Users\Tom\Downloads\HijackThis.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/g/
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/g/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
  O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
  O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
  O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
  O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
  O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
  O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
  O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
  O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
  O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
  O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
  O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3
  O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
  O4 - HKLM\..\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
  O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
  O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
  O4 - HKLM\..\Run: [ToshibaAppPlace] "C:\Program Files\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
  O4 - HKLM\..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
  O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
  O4 - HKLM\..\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
  O4 - HKLM\..\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
  O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
  O4 - HKCU\..\Run: [20090604] C:\Program Files\Encore\Hoyle Card Games 2011\Ereg\encore_reg.exe /r "C:\Program Files\Encore\Hoyle Card Games 2011\Ereg\encore_reg.rpd"
  O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
  O4 - Startup: OpenOffice.org 3.3 .lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
  O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
  O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
  O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
  O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
  O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
  O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
  O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
  O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
  O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
  O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
  O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
  O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
  O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
  O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe


  End of file - 8664 bytes
 • Ik heb tevergeefs gezocht naar antivirussoftware!
  Waarom zit er niks in deze Windows?
  Voor de rest moet ik constateren dat jij dit Toshiba netbook als een gewone computer gebruikt.

  Een netbook is eerder een pc'tje voor erbij!

  Windows komt overigens om in de opstarters, waarvan twee onbekend zijn!

  [b:99a987500d]Ik wil graag dat jij je tijdens de fix aan onderstaande regels houdt:[/b:99a987500d]

 • Ok hartelijk dank voor je reactie. Op dit moemnt verblijf ik voor lange tijd in het buitenland. Ik heb deze laptop in Amerika gekocht en gebruik hem inderdaad als mijn pc, omdat ik op dit moment geen andere mogelijkheden heb.

  Hierbij de logs:

  TDSSKILLER
  [b:48930dfad1][u:48930dfad1]

  19:49:08.0404 5648 TDSS rootkit removing tool 2.6.17.0 Nov 9 2011 16:48:26
  19:49:09.0407 5648 ============================================================
  19:49:09.0407 5648 Current date / time: 2011/11/09 19:49:09.0406
  19:49:09.0407 5648 SystemInfo:
  19:49:09.0407 5648
  19:49:09.0408 5648 OS Version: 6.1.7601 ServicePack: 1.0
  19:49:09.0408 5648 Product type: Workstation
  19:49:09.0408 5648 ComputerName: TOM-PC
  19:49:09.0409 5648 UserName: Tom
  19:49:09.0409 5648 Windows directory: C:\windows
  19:49:09.0409 5648 System windows directory: C:\windows
  19:49:09.0409 5648 Processor architecture: Intel x86
  19:49:09.0410 5648 Number of processors: 2
  19:49:09.0410 5648 Page size: 0x1000
  19:49:09.0410 5648 Boot type: Normal boot
  19:49:09.0410 5648 ============================================================
  19:49:10.0207 5648 Initialize success
  19:49:39.0253 3936 ============================================================
  19:49:39.0253 3936 Scan started
  19:49:39.0253 3936 Mode: Manual;
  19:49:39.0254 3936 ============================================================
  19:49:40.0133 3936 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\windows\system32\drivers\1394ohci.sys
  19:49:40.0139 3936 1394ohci - ok
  19:49:40.0264 3936 ACPI (cea80c80bed809aa0da6febc04733349) C:\windows\system32\drivers\ACPI.sys
  19:49:40.0277 3936 ACPI - ok
  19:49:40.0401 3936 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\windows\system32\drivers\acpipmi.sys
  19:49:40.0404 3936 AcpiPmi - ok
  19:49:40.0554 3936 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys
  19:49:40.0565 3936 adp94xx - ok
  19:49:40.0706 3936 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys
  19:49:40.0715 3936 adpahci - ok
  19:49:40.0844 3936 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys
  19:49:40.0849 3936 adpu320 - ok
  19:49:41.0000 3936 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\windows\system32\drivers\afd.sys
  19:49:41.0011 3936 AFD - ok
  19:49:41.0129 3936 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\drivers\agp440.sys
  19:49:41.0133 3936 agp440 - ok
  19:49:41.0272 3936 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys
  19:49:41.0277 3936 aic78xx - ok
  19:49:41.0424 3936 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\drivers\aliide.sys
  19:49:41.0427 3936 aliide - ok
  19:49:41.0541 3936 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\drivers\amdagp.sys
  19:49:41.0545 3936 amdagp - ok
  19:49:41.0648 3936 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\drivers\amdide.sys
  19:49:41.0652 3936 amdide - ok
  19:49:41.0771 3936 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys
  19:49:41.0777 3936 AmdK8 - ok
  19:49:41.0885 3936 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys
  19:49:41.0890 3936 AmdPPM - ok
  19:49:42.0010 3936 amdsata (d320bf87125326f996d4904fe24300fc) C:\windows\system32\drivers\amdsata.sys
  19:49:42.0015 3936 amdsata - ok
  19:49:42.0136 3936 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys
  19:49:42.0142 3936 amdsbs - ok
  19:49:42.0251 3936 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\windows\system32\drivers\amdxata.sys
  19:49:42.0255 3936 amdxata - ok
  19:49:42.0381 3936 AppID (aea177f783e20150ace5383ee368da19) C:\windows\system32\drivers\appid.sys
  19:49:42.0385 3936 AppID - ok
  19:49:42.0575 3936 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys
  19:49:42.0580 3936 arc - ok
  19:49:42.0689 3936 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys
  19:49:42.0695 3936 arcsas - ok
  19:49:42.0832 3936 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys
  19:49:42.0836 3936 AsyncMac - ok
  19:49:42.0967 3936 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\drivers\atapi.sys
  19:49:42.0972 3936 atapi - ok
  19:49:43.0152 3936 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys
  19:49:43.0164 3936 b06bdrv - ok
  19:49:43.0282 3936 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys
  19:49:43.0290 3936 b57nd60x - ok
  19:49:43.0442 3936 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys
  19:49:43.0446 3936 Beep - ok
  19:49:43.0586 3936 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys
  19:49:43.0590 3936 blbdrive - ok
  19:49:43.0926 3936 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\windows\system32\DRIVERS\bowser.sys
  19:49:43.0932 3936 bowser - ok
  19:49:44.0048 3936 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys
  19:49:44.0052 3936 BrFiltLo - ok
  19:49:44.0149 3936 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys
  19:49:44.0153 3936 BrFiltUp - ok
  19:49:44.0244 3936 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys
  19:49:44.0253 3936 Brserid - ok
  19:49:44.0362 3936 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys
  19:49:44.0366 3936 BrSerWdm - ok
  19:49:44.0475 3936 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys
  19:49:44.0479 3936 BrUsbMdm - ok
  19:49:44.0587 3936 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys
  19:49:44.0590 3936 BrUsbSer - ok
  19:49:44.0700 3936 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys
  19:49:44.0704 3936 BTHMODEM - ok
  19:49:44.0870 3936 catchme - ok
  19:49:45.0000 3936 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys
  19:49:45.0004 3936 cdfs - ok
  19:49:45.0121 3936 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\windows\system32\drivers\cdrom.sys
  19:49:45.0128 3936 cdrom - ok
  19:49:45.0254 3936 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys
  19:49:45.0257 3936 circlass - ok
  19:49:45.0356 3936 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys
  19:49:45.0365 3936 CLFS - ok
  19:49:45.0519 3936 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys
  19:49:45.0524 3936 CmBatt - ok
  19:49:45.0624 3936 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\drivers\cmdide.sys
  19:49:45.0629 3936 cmdide - ok
  19:49:45.0773 3936 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys
  19:49:45.0784 3936 CNG - ok
  19:49:45.0899 3936 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys
  19:49:45.0903 3936 Compbatt - ok
  19:49:46.0014 3936 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys
  19:49:46.0019 3936 CompositeBus - ok
  19:49:46.0151 3936 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys
  19:49:46.0156 3936 crcdisk - ok
  19:49:46.0340 3936 DfsC (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys
  19:49:46.0347 3936 DfsC - ok
  19:49:46.0480 3936 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys
  19:49:46.0484 3936 discache - ok
  19:49:46.0607 3936 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys
  19:49:46.0612 3936 Disk - ok
  19:49:46.0751 3936 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys
  19:49:46.0755 3936 drmkaud - ok
  19:49:46.0880 3936 dtsoftbus01 (555e54ac2f601a8821cef58961653991) C:\windows\system32\DRIVERS\dtsoftbus01.sys
  19:49:46.0888 3936 dtsoftbus01 - ok
  19:49:47.0020 3936 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys
  19:49:47.0042 3936 DXGKrnl - ok
  19:49:47.0551 3936 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys
  19:49:47.0667 3936 ebdrv - ok
  19:49:47.0821 3936 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys
  19:49:47.0836 3936 elxstor - ok
  19:49:47.0952 3936 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys
  19:49:47.0958 3936 ErrDev - ok
  19:49:48.0093 3936 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys
  19:49:48.0100 3936 exfat - ok
  19:49:48.0207 3936 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys
  19:49:48.0213 3936 fastfat - ok
  19:49:48.0342 3936 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys
  19:49:48.0346 3936 fdc - ok
  19:49:48.0726 3936 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys
  19:49:48.0735 3936 FileInfo - ok
  19:49:48.0866 3936 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys
  19:49:48.0870 3936 Filetrace - ok
  19:49:48.0988 3936 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys
  19:49:48.0992 3936 flpydisk - ok
  19:49:49.0106 3936 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys
  19:49:49.0113 3936 FltMgr - ok
  19:49:49.0250 3936 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys
  19:49:49.0256 3936 FsDepends - ok
  19:49:49.0369 3936 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys
  19:49:49.0375 3936 Fs_Rec - ok
  19:49:49.0516 3936 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys
  19:49:49.0527 3936 fvevol - ok
  19:49:49.0643 3936 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys
  19:49:49.0647 3936 gagp30kx - ok
  19:49:49.0779 3936 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
  19:49:49.0784 3936 GEARAspiWDM - ok
  19:49:49.0932 3936 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys
  19:49:49.0936 3936 hcw85cir - ok
  19:49:50.0074 3936 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys
  19:49:50.0083 3936 HdAudAddService - ok
  19:49:50.0204 3936 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys
  19:49:50.0209 3936 HDAudBus - ok
  19:49:50.0304 3936 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys
  19:49:50.0308 3936 HidBatt - ok
  19:49:50.0418 3936 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys
  19:49:50.0424 3936 HidBth - ok
  19:49:50.0520 3936 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys
  19:49:50.0526 3936 HidIr - ok
  19:49:50.0649 3936 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\drivers\hidusb.sys
  19:49:50.0653 3936 HidUsb - ok
  19:49:50.0798 3936 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys
  19:49:50.0804 3936 HpSAMD - ok
  19:49:50.0931 3936 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys
  19:49:50.0946 3936 HTTP - ok
  19:49:51.0042 3936 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys
  19:49:51.0046 3936 hwpolicy - ok
  19:49:51.0159 3936 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys
  19:49:51.0164 3936 i8042prt - ok
  19:49:51.0302 3936 iaStor (d80aa0907748d7cc8efab3773f32629b) C:\windows\system32\DRIVERS\iaStor.sys
  19:49:51.0311 3936 iaStor - ok
  19:49:51.0434 3936 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys
  19:49:51.0444 3936 iaStorV - ok
  19:49:51.0764 3936 igfx (d0074897c6bc132f3980ea4654bf7fb9) C:\windows\system32\DRIVERS\igdkmd32.sys
  19:49:51.0939 3936 igfx - ok
  19:49:52.0070 3936 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys
  19:49:52.0074 3936 iirsp - ok
  19:49:52.0334 3936 IntcAzAudAddService (cfa2d161b146425a3356da92ae59a6f6) C:\windows\system32\drivers\RTKVHDA.sys
  19:49:52.0445 3936 IntcAzAudAddService - ok
  19:49:52.0552 3936 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys
  19:49:52.0555 3936 intelide - ok
  19:49:52.0667 3936 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys
  19:49:52.0672 3936 intelppm - ok
  19:49:52.0786 3936 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys
  19:49:52.0791 3936 IpFilterDriver - ok
  19:49:52.0929 3936 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys
  19:49:52.0935 3936 IPMIDRV - ok
  19:49:53.0056 3936 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys
  19:49:53.0062 3936 IPNAT - ok
  19:49:53.0175 3936 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys
  19:49:53.0178 3936 IRENUM - ok
  19:49:53.0284 3936 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys
  19:49:53.0288 3936 isapnp - ok
  19:49:53.0336 3936 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys
  19:49:53.0343 3936 iScsiPrt - ok
  19:49:53.0444 3936 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys
  19:49:53.0448 3936 kbdclass - ok
  19:49:53.0565 3936 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys
  19:49:53.0568 3936 kbdhid - ok
  19:49:53.0684 3936 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\windows\system32\Drivers\ksecdd.sys
  19:49:53.0688 3936 KSecDD - ok
  19:49:53.0812 3936 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\windows\system32\Drivers\ksecpkg.sys
  19:49:53.0818 3936 KSecPkg - ok
  19:49:54.0012 3936 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys
  19:49:54.0016 3936 lltdio - ok
  19:49:54.0173 3936 LPCFilter (6adab14d7ad12b35bdc665b35278099b) C:\windows\system32\DRIVERS\LPCFilter.sys
  19:49:54.0177 3936 LPCFilter - ok
  19:49:54.0303 3936 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys
  19:49:54.0309 3936 LSI_FC - ok
  19:49:54.0427 3936 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys
  19:49:54.0432 3936 LSI_SAS - ok
  19:49:54.0550 3936 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys
  19:49:54.0557 3936 LSI_SAS2 - ok
  19:49:54.0654 3936 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys
  19:49:54.0660 3936 LSI_SCSI - ok
  19:49:54.0771 3936 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys
  19:49:54.0776 3936 luafv - ok
  19:49:54.0881 3936 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys
  19:49:54.0885 3936 megasas - ok
  19:49:55.0012 3936 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys
  19:49:55.0020 3936 MegaSR - ok
  19:49:55.0132 3936 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys
  19:49:55.0136 3936 Modem - ok
  19:49:55.0237 3936 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys
  19:49:55.0243 3936 monitor - ok
  19:49:55.0358 3936 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys
  19:49:55.0362 3936 mouclass - ok
  19:49:55.0470 3936 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys
  19:49:55.0474 3936 mouhid - ok
  19:49:55.0585 3936 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys
  19:49:55.0590 3936 mountmgr - ok
  19:49:55.0696 3936 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys
  19:49:55.0701 3936 mpio - ok
  19:49:55.0805 3936 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys
  19:49:55.0811 3936 mpsdrv - ok
  19:49:55.0931 3936 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys
  19:49:55.0937 3936 MRxDAV - ok
  19:49:56.0053 3936 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys
  19:49:56.0059 3936 mrxsmb - ok
  19:49:56.0166 3936 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys
  19:49:56.0174 3936 mrxsmb10 - ok
  19:49:56.0276 3936 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys
  19:49:56.0281 3936 mrxsmb20 - ok
  19:49:56.0376 3936 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys
  19:49:56.0380 3936 msahci - ok
  19:49:56.0483 3936 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys
  19:49:56.0488 3936 msdsm - ok
  19:49:56.0605 3936 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys
  19:49:56.0610 3936 Msfs - ok
  19:49:56.0709 3936 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys
  19:49:56.0712 3936 mshidkmdf - ok
  19:49:56.0813 3936 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys
  19:49:56.0816 3936 msisadrv - ok
  19:49:56.0935 3936 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys
  19:49:56.0938 3936 MSKSSRV - ok
  19:49:57.0045 3936 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys
  19:49:57.0049 3936 MSPCLOCK - ok
  19:49:57.0152 3936 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys
  19:49:57.0157 3936 MSPQM - ok
  19:49:57.0258 3936 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys
  19:49:57.0265 3936 MsRPC - ok
  19:49:57.0377 3936 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys
  19:49:57.0382 3936 mssmbios - ok
  19:49:57.0477 3936 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys
  19:49:57.0481 3936 MSTEE - ok
  19:49:57.0578 3936 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys
  19:49:57.0581 3936 MTConfig - ok
  19:49:57.0683 3936 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys
  19:49:57.0687 3936 Mup - ok
  19:49:57.0817 3936 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys
  19:49:57.0827 3936 NativeWifiP - ok
  19:49:57.0952 3936 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys
  19:49:57.0974 3936 NDIS - ok
  19:49:58.0081 3936 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys
  19:49:58.0085 3936 NdisCap - ok
  19:49:58.0202 3936 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys
  19:49:58.0205 3936 NdisTapi - ok
  19:49:58.0315 3936 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys
  19:49:58.0319 3936 Ndisuio - ok
  19:49:58.0381 3936 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys
  19:49:58.0388 3936 NdisWan - ok
  19:49:58.0494 3936 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys
  19:49:58.0498 3936 NDProxy - ok
  19:49:58.0603 3936 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys
  19:49:58.0608 3936 NetBIOS - ok
  19:49:58.0715 3936 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys
  19:49:58.0723 3936 NetBT - ok
  19:49:58.0872 3936 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys
  19:49:58.0876 3936 nfrd960 - ok
  19:49:58.0993 3936 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys
  19:49:58.0997 3936 Npfs - ok
  19:49:59.0115 3936 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys
  19:49:59.0118 3936 nsiproxy - ok
  19:49:59.0275 3936 Ntfs (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys
  19:49:59.0311 3936 Ntfs - ok
  19:49:59.0414 3936 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys
  19:49:59.0419 3936 Null - ok
  19:49:59.0539 3936 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys
  19:49:59.0547 3936 nvraid - ok
  19:49:59.0683 3936 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys
  19:49:59.0691 3936 nvstor - ok
  19:49:59.0832 3936 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys
  19:49:59.0839 3936 nv_agp - ok
  19:49:59.0955 3936 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys
  19:49:59.0961 3936 ohci1394 - ok
  19:50:00.0081 3936 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys
  19:50:00.0085 3936 Parport - ok
  19:50:00.0171 3936 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\windows\system32\drivers\partmgr.sys
  19:50:00.0175 3936 partmgr - ok
  19:50:00.0273 3936 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys
  19:50:00.0278 3936 Parvdm - ok
  19:50:00.0401 3936 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys
  19:50:00.0408 3936 pci - ok
  19:50:00.0510 3936 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys
  19:50:00.0515 3936 pciide - ok
  19:50:00.0633 3936 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys
  19:50:00.0642 3936 pcmcia - ok
  19:50:00.0751 3936 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys
  19:50:00.0755 3936 pcw - ok
  19:50:00.0884 3936 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys
  19:50:00.0902 3936 PEAUTH - ok
  19:50:01.0032 3936 PGEffect (1b5011dd8d57f53aed31ff0f7d635802) C:\windows\system32\DRIVERS\pgeffect.sys
  19:50:01.0040 3936 PGEffect - ok
  19:50:01.0222 3936 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys
  19:50:01.0229 3936 PptpMiniport - ok
  19:50:01.0337 3936 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys
  19:50:01.0343 3936 Processor - ok
  19:50:01.0484 3936 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys
  19:50:01.0490 3936 Psched - ok
  19:50:01.0637 3936 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys
  19:50:01.0676 3936 ql2300 - ok
  19:50:01.0798 3936 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys
  19:50:01.0803 3936 ql40xx - ok
  19:50:01.0918 3936 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys
  19:50:01.0922 3936 QWAVEdrv - ok
  19:50:02.0042 3936 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys
  19:50:02.0045 3936 RasAcd - ok
  19:50:02.0164 3936 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys
  19:50:02.0169 3936 RasAgileVpn - ok
  19:50:02.0298 3936 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys
  19:50:02.0305 3936 Rasl2tp - ok
  19:50:02.0432 3936 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys
  19:50:02.0438 3936 RasPppoe - ok
  19:50:02.0545 3936 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys
  19:50:02.0552 3936 RasSstp - ok
  19:50:02.0674 3936 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys
  19:50:02.0685 3936 rdbss - ok
  19:50:02.0791 3936 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys
  19:50:02.0797 3936 rdpbus - ok
  19:50:02.0911 3936 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys
  19:50:02.0916 3936 RDPCDD - ok
  19:50:03.0049 3936 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys
  19:50:03.0053 3936 RDPENCDD - ok
  19:50:03.0172 3936 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys
  19:50:03.0176 3936 RDPREFMP - ok
  19:50:03.0289 3936 RDPWD (288b06960d78428ff89e811632684e20) C:\windows\system32\drivers\RDPWD.sys
  19:50:03.0298 3936 RDPWD - ok
  19:50:03.0470 3936 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys
  19:50:03.0479 3936 rdyboost - ok
  19:50:03.0657 3936 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys
  19:50:03.0662 3936 rspndr - ok
  19:50:03.0794 3936 RSUSBSTOR (b38e89386993e69a959b941561f3e5f3) C:\windows\system32\Drivers\RtsUStor.sys
  19:50:03.0804 3936 RSUSBSTOR - ok
  19:50:03.0924 3936 RTL8167 (cfa5758f2a929ce24e16e1b2a5ca8c23) C:\windows\system32\DRIVERS\Rt86win7.sys
  19:50:03.0940 3936 RTL8167 - ok
  19:50:04.0080 3936 RTL8192Ce (9f9858402e5dce7b6123734d4c26cecb) C:\windows\system32\DRIVERS\rtl8192Ce.sys
  19:50:04.0106 3936 RTL8192Ce - ok
  19:50:04.0234 3936 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys
  19:50:04.0240 3936 sbp2port - ok
  19:50:04.0358 3936 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys
  19:50:04.0364 3936 scfilter - ok
  19:50:04.0520 3936 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys
  19:50:04.0525 3936 secdrv - ok
  19:50:04.0655 3936 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys
  19:50:04.0659 3936 Serenum - ok
  19:50:04.0769 3936 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys
  19:50:04.0774 3936 Serial - ok
  19:50:04.0911 3936 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys
  19:50:04.0915 3936 sermouse - ok
  19:50:05.0072 3936 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys
  19:50:05.0075 3936 sffdisk - ok
  19:50:05.0186 3936 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys
  19:50:05.0191 3936 sffp_mmc - ok
  19:50:05.0305 3936 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys
  19:50:05.0309 3936 sffp_sd - ok
  19:50:05.0426 3936 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys
  19:50:05.0431 3936 sfloppy - ok
  19:50:05.0576 3936 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys
  19:50:05.0580 3936 sisagp - ok
  19:50:05.0695 3936 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys
  19:50:05.0700 3936 SiSRaid2 - ok
  19:50:05.0809 3936 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys
  19:50:05.0814 3936 SiSRaid4 - ok
  19:50:05.0923 3936 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys
  19:50:05.0930 3936 Smb - ok
  19:50:06.0083 3936 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys
  19:50:06.0086 3936 spldr - ok
  19:50:06.0241 3936 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys
  19:50:06.0253 3936 srv - ok
  19:50:06.0378 3936 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys
  19:50:06.0389 3936 srv2 - ok
  19:50:06.0502 3936 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys
  19:50:06.0510 3936 srvnet - ok
  19:50:06.0670 3936 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys
  19:50:06.0676 3936 stexstor - ok
  19:50:06.0819 3936 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys
  19:50:06.0823 3936 swenum - ok
  19:50:06.0942 3936 SynTP (9a28f1c47ce0c8bbc02aaf5941ab44cd) C:\windows\system32\DRIVERS\SynTP.sys
  19:50:06.0951 3936 SynTP - ok
  19:50:07.0152 3936 Tcpip (04e4a7d53a7ace02e8c55b17a498f631) C:\windows\system32\drivers\tcpip.sys
  19:50:07.0186 3936 Tcpip - ok
  19:50:07.0379 3936 TCPIP6 (04e4a7d53a7ace02e8c55b17a498f631) C:\windows\system32\DRIVERS\tcpip.sys
  19:50:07.0408 3936 TCPIP6 - ok
  19:50:07.0522 3936 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys
  19:50:07.0530 3936 tcpipreg - ok
  19:50:07.0671 3936 tdcmdpst (4084ea00d50c858d6f9038f86ae2e2d0) C:\windows\system32\DRIVERS\tdcmdpst.sys
  19:50:07.0676 3936 tdcmdpst - ok
  19:50:07.0781 3936 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys
  19:50:07.0786 3936 TDPIPE - ok
  19:50:07.0896 3936 TDTCP (2c10395baa4847f83042813c515cc289) C:\windows\system32\drivers\tdtcp.sys
  19:50:07.0904 3936 TDTCP - ok
  19:50:08.0021 3936 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys
  19:50:08.0027 3936 tdx - ok
  19:50:08.0137 3936 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys
  19:50:08.0143 3936 TermDD - ok
  19:50:08.0423 3936 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys
  19:50:08.0431 3936 tssecsrv - ok
  19:50:08.0563 3936 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys
  19:50:08.0572 3936 TsUsbFlt - ok
  19:50:08.0700 3936 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys
  19:50:08.0705 3936 tunnel - ok
  19:50:08.0824 3936 TVALZ (fc24015b4052600c324c43e3a79c0664) C:\windows\system32\DRIVERS\TVALZ_O.SYS
  19:50:08.0833 3936 TVALZ - ok
  19:50:08.0954 3936 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys
  19:50:08.0959 3936 uagp35 - ok
  19:50:09.0079 3936 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys
  19:50:09.0088 3936 udfs - ok
  19:50:09.0243 3936 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys
  19:50:09.0249 3936 uliagpkx - ok
  19:50:09.0392 3936 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys
  19:50:09.0397 3936 umbus - ok
  19:50:09.0518 3936 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys
  19:50:09.0525 3936 UmPass - ok
  19:50:09.0670 3936 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\windows\system32\Drivers\usbaapl.sys
  19:50:09.0674 3936 USBAAPL - ok
  19:50:09.0781 3936 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys
  19:50:09.0786 3936 usbccgp - ok
  19:50:09.0891 3936 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys
  19:50:09.0897 3936 usbcir - ok
  19:50:09.0999 3936 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\drivers\usbehci.sys
  19:50:10.0005 3936 usbehci - ok
  19:50:10.0117 3936 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys
  19:50:10.0127 3936 usbhub - ok
  19:50:10.0240 3936 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys
  19:50:10.0244 3936 usbohci - ok
  19:50:10.0359 3936 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys
  19:50:10.0363 3936 usbprint - ok
  19:50:10.0470 3936 USBSTOR (f991ab9cc6b908db552166768176896a) C:\windows\system32\DRIVERS\USBSTOR.SYS
  19:50:10.0476 3936 USBSTOR - ok
  19:50:10.0583 3936 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\drivers\usbuhci.sys
  19:50:10.0587 3936 usbuhci - ok
  19:50:10.0714 3936 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys
  19:50:10.0721 3936 usbvideo - ok
  19:50:10.0875 3936 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys
  19:50:10.0881 3936 vdrvroot - ok
  19:50:11.0009 3936 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys
  19:50:11.0014 3936 vga - ok
  19:50:11.0113 3936 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys
  19:50:11.0120 3936 VgaSave - ok
  19:50:11.0231 3936 vhdmp (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys
  19:50:11.0237 3936 vhdmp - ok
  19:50:11.0367 3936 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys
  19:50:11.0371 3936 viaagp - ok
  19:50:11.0429 3936 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys
  19:50:11.0434 3936 ViaC7 - ok
  19:50:11.0558 3936 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys
  19:50:11.0562 3936 viaide - ok
  19:50:11.0673 3936 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys
  19:50:11.0677 3936 volmgr - ok
  19:50:11.0790 3936 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys
  19:50:11.0803 3936 volmgrx - ok
  19:50:11.0911 3936 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys
  19:50:11.0919 3936 volsnap - ok
  19:50:12.0033 3936 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys
  19:50:12.0039 3936 vsmraid - ok
  19:50:12.0157 3936 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys
  19:50:12.0162 3936 vwifibus - ok
  19:50:12.0269 3936 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys
  19:50:12.0275 3936 vwififlt - ok
  19:50:12.0411 3936 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys
  19:50:12.0417 3936 WacomPen - ok
  19:50:12.0536 3936 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
  19:50:12.0542 3936 WANARP - ok
  19:50:12.0560 3936 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys
  19:50:12.0565 3936 Wanarpv6 - ok
  19:50:12.0714 3936 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys
  19:50:12.0718 3936 Wd - ok
  19:50:12.0843 3936 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys
  19:50:12.0859 3936 Wdf01000 - ok
  19:50:13.0051 3936 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys
  19:50:13.0055 3936 WfpLwf - ok
  19:50:13.0166 3936 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys
  19:50:13.0172 3936 WIMMount - ok
  19:50:13.0406 3936 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys
  19:50:13.0410 3936 WinUsb - ok
  19:50:13.0585 3936 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys
  19:50:13.0592 3936 WmiAcpi - ok
  19:50:13.0770 3936 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys
  19:50:13.0774 3936 ws2ifsl - ok
  19:50:13.0925 3936 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys
  19:50:13.0933 3936 WudfPf - ok
  19:50:14.0047 3936 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys
  19:50:14.0054 3936 WUDFRd - ok
  19:50:14.0149 3936 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
  19:50:14.0180 3936 \Device\Harddisk0\DR0 - ok
  19:50:14.0211 3936 Boot (0x1200) (5dad5eb060e5c62d13918900b3b45056) \Device\Harddisk0\DR0\Partition0
  19:50:14.0214 3936 \Device\Harddisk0\DR0\Partition0 - ok
  19:50:14.0215 3936 ============================================================
  19:50:14.0215 3936 Scan finished
  19:50:14.0216 3936 ============================================================
  19:50:14.0269 5092 Detected object count: 0
  19:50:14.0269 5092 Actual detected object count: 0


  COMBOFIX
  [/u:48930dfad1][/b:48930dfad1][u:48930dfad1]  ComboFix 11-11-10.03 - Tom 09-11-2011 18:54:06.1.2 - x86
  Microsoft Windows 7 Starter 6.1.7601.1.1252.31.1033.18.1013.281 [GMT -4:00]
  Gestart vanuit: c:\users\Tom\Downloads\ComboFix.exe
  SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  .
  .
  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  c:\programdata\xp
  c:\programdata\xp\EBLib.dll
  c:\programdata\xp\TPwSav.sys
  c:\users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3 .lnk
  .
  .
  (((((((((((((((((((( Bestanden Gemaakt van 2011-10-09 to 2011-11-09 ))))))))))))))))))))))))))))))
  .
  .
  2011-11-09 23:27 . 2011-11-09 23:27 ——– d—–w- c:\users\Default\AppData\Local\temp
  2011-11-07 14:07 . 2011-11-07 14:07 56200 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{708216DF-AC62-4BF0-9BEB-D1D7A8D0D942}\offreg.dll
  2011-11-07 14:07 . 2011-10-07 03:48 6668624 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{708216DF-AC62-4BF0-9BEB-D1D7A8D0D942}\mpengine.dll
  2011-11-01 19:34 . 2011-11-01 19:34 ——– d—–w- c:\users\Tom\AppData\Roaming\Rovio
  2011-11-01 19:32 . 2009-08-24 14:15 761152 —-a-w- c:\windows\system32\msvcr100.dll
  2011-10-26 20:11 . 2011-10-26 20:12 ——– d—–w- c:\users\Tom\AppData\Local\Amazon
  2011-10-12 14:11 . 2011-08-17 04:24 465408 —-a-w- c:\windows\system32\psisdecd.dll
  2011-10-12 14:11 . 2011-08-17 04:19 75776 —-a-w- c:\windows\system32\psisrndr.ax
  2011-10-12 14:11 . 2011-08-27 04:26 233472 —-a-w- c:\windows\system32\oleacc.dll
  2011-10-12 14:11 . 2011-08-27 04:26 571904 —-a-w- c:\windows\system32\oleaut32.dll
  2011-10-12 14:11 . 2011-09-06 02:28 2334720 —-a-w- c:\windows\system32\win32k.sys
  .
  .
  .
  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  2011-08-17 23:50 . 2009-07-14 02:05 152576 —-a-w- c:\windows\system32\msclmd.dll
  .
  .
  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
  REGEDIT4
  .
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-01 141848]
  "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-01 173592]
  "Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-01 150552]
  "SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-03-04 352256]
  "HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 425984]
  "KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2010-09-14 35440]
  "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2010-09-28 521640]
  "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]
  "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2010-05-09 742776]
  "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-17 9874024]
  "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2010-11-11 1522280]
  "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-03-11 1697064]
  "Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2010-11-12 1349032]
  "ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-10-06 1294136]
  "TWebCamera"="c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-05-01 2454840]
  "ToshibaAppPlace"="c:\program files\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" [2010-09-23 552960]
  "TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 22840]
  "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 611672]
  "TosReelTimeMonitor"="c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [2010-07-10 31648]
  "TosNC"="c:\program files\Toshiba\BulletinBoard\TosNcCore.exe" [2010-04-23 467816]
  "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
  "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
  "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
  "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
  "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-07-19 421736]
  .
  c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
  Best Buy pc app.lnk - c:\programdata\Best Buy pc app\ClickOnceSetup.exe [2010-6-24 9216]
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  "ConsentPromptBehaviorAdmin"= 5 (0x5)
  "ConsentPromptBehaviorUser"= 3 (0x3)
  "EnableUIADesktopToggle"= 0 (0x0)
  .
  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
  .
  R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-05 136176]
  R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-05 136176]
  R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-07-21 194664]
  R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
  R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
  S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-30 218688]
  S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
  S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-05 1809920]
  S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-11-12 189880]
  S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 24064]
  S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-10-07 322664]
  S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-10-18 999016]
  S3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
  S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 111960]
  .
  .
  — Andere Services/Drivers In Geheugen —
  .
  *NewlyCreated* - 86764295
  *NewlyCreated* - 88651087
  *Deregistered* - 86764295
  *Deregistered* - 88651087
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
  LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
  .
  Inhoud van de 'Gedeelde Taken' map
  .
  2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-05 01:41]
  .
  2011-11-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-05 01:41]
  .
  .
  ——- Bijkomende Scan ——-
  .
  uStart Page = hxxp://start.toshiba.com/g/
  uInternet Settings,ProxyOverride = <local>;*.local
  IE: Google Sidewiki… - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
  TCP: DhcpNameServer = 200.74.121.11 190.160.0.11 190.160.0.14
  .
  - - - - ORPHANS VERWIJDERD - - - -
  .
  Toolbar-Locked - (no file)
  .
  .
  .
  ——————— VERGRENDELDE REGISTER SLEUTELS ———————
  .
  [HKEY_USERS\S-1-5-21-3703152482-2520256778-3467307269-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*H*o*m*ûnw\OpenWithList]
  @Class="Shell"
  "a"="vlc.exe"
  "MRUList"="a"
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  @Denied: (Full) (Everyone)
  .
  Voltooingstijd: 2011-11-09 19:39:17
  ComboFix-quarantined-files.txt 2011-11-09 23:39
  .
  Pre-Run: 97.939.312.640 bytes free
  Post-Run: 98.582.990.848 bytes free
  .
  - - End Of File - - AACA8323754870E6EC9FFFCDE8141AF6
  [/u:48930dfad1]
 • Ook ComboFix heeft geen antivirussoftware gevonden.
  Je kan echt niet verwachten, dat je zonder antivirus in Windows een lange "overlevingstijd hebt!

  Ik denk dan ook dat je nu eerst overgaat tot het installeren van een antivirusprogramma!

  Ik adviseer je Avast 6 Free te nemen.
  En een andere firewall dan de Windows firewall is ook aanbevolen.
  Maar daar kom ik nog op terug.

  Op één: Avast 6\2011 Free is de enigste, die een aantal onderdelen aan boord heeft, die je verder alleen aantreft bij betaalde antivirusprogramma's en staat daarom internationaal als beste gratis alternatief te boek.

  Avast speelt dus duidelijk op de nieuwe bedreigingen van het internet in!
  [b:76dc6433c4]Bovendien merk je nauwelijks, dat Avast draait![/b:76dc6433c4]
  Ook heeft Avast een "zandbox" aan boord, waarin je veilig programma's kan testen!

  [b:76dc6433c4]Downloadlink Avast 6 Free[/b:76dc6433c4]


  Verder wil ik het volgende weten:

  hoeveel processen en hoeveel CPU-gebruik geeft Taakbeheer aan?
 • Processen: 77
  CPU USAGE: schommelt per halve seconde van 3 procent naar 35 procent
  hysical memory: 88 procent

  Ik ga inderdaad het antivirus software programma installeren, hartelijk dank
 • Wow, dat wordt dan tijd!
  Veel processen inderdaad.

  Indien Avast geïnstalleerd is en geupdated en geregistreerd is, doe dan een volledige systeemscan ermee.

  Meldt je terug als bovenstaande gedaan is.
 • Heb net een volledige systeem scan gedraaid met avast virus programma. Geen geinfecteerde bestanden aangetroffen. Helaas is het probleem nog steeds aanwezig. Nog andere opties die ik kan proberen?

  Hartelijk dank
 • Je mag het volgende doen:

  Download de [b:17c8e10d9a][/b:17c8e10d9a] naar het bureaublad en pak het [b:17c8e10d9a]ZIP[/b:17c8e10d9a] bestand uit.
  [list:17c8e10d9a]
  [*:17c8e10d9a] Open de map "[b:17c8e10d9a]EmsisoftEmergencyKit[/b:17c8e10d9a]" en dubbelklik op "[b:17c8e10d9a]Start.exe[/b:17c8e10d9a]"
  [*:17c8e10d9a] Klik nu op "[b:17c8e10d9a]Emergency Kit Scanner[/b:17c8e10d9a]" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "[b:17c8e10d9a]Ja[/b:17c8e10d9a]"
  [img:17c8e10d9a]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK11.jpg[/img:17c8e10d9a]
  [*:17c8e10d9a] Als de update gereed is en de melding "[b:17c8e10d9a]Update process is succesvol afgerond[/b:17c8e10d9a]" verschijnt klikt u op "[b:17c8e10d9a]menu[/b:17c8e10d9a]" en dan op "[b:17c8e10d9a]Scan PC[/b:17c8e10d9a]"
  [*:17c8e10d9a] Selecteer de optie "[b:17c8e10d9a]Diep[/b:17c8e10d9a]" als deze niet standaard al zo is ingesteld.
  [*:17c8e10d9a] Klik Nu op de knop "[b:17c8e10d9a]Scan[/b:17c8e10d9a]" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af.
  [*:17c8e10d9a] Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is.
  [*:17c8e10d9a] Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "[b:17c8e10d9a]verwijder geselecteerde[/b:17c8e10d9a]" u zal nu de volgende melding krijgen maar klik hier op "[b:17c8e10d9a]Ja[/b:17c8e10d9a]"
  [img:17c8e10d9a]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK2.jpg[/img:17c8e10d9a]
  [*:17c8e10d9a] Als het verwijderen gereed is klikt u op de knop "[b:17c8e10d9a]View report[/b:17c8e10d9a]" en selecteert u het tekstbestand van deze scan met de naam zoals: [b:17c8e10d9a]a2scan_110730-111615.txt[/b:17c8e10d9a]
  [*:17c8e10d9a] Plaats de inhoud van dit LOG bestand straks in uw volgende bericht.
  [*:17c8e10d9a] Herstart nu de computer.[/list:u:17c8e10d9a]

 • Emsisoft Emergency Kit - Versie 1.0
  Laatste Update: 11/26/2011 9:07:51 PM

  Scaninstellingen:

  Scantype: Diepe Scan
  Objecten: Geheugen, Sporen, Cookies, C:\
  Scan archieven: Aan
  Heuristieken: Uit
  ADS Scan: Aan

  Scan gestart: 11/30/2011 9:56:27 PM

  C:\Users\Tom\Downloads\ComboFix.exe/$0\List.bat Ontdekt: Virus.Win32.HTML!IK

  Gescand

  Bestanden: 251709
  Sporen: 401794
  Cookies: 849
  Processen: 66

  Gevonden

  Bestanden: 1
  Sporen: 0
  Cookies: 0
  Processen: 0
  Registersleutels: 0

  Scan Geëindigd: 12/1/2011 7:38:29 AM
  Scantijd: 9:42:02

  C:\Users\Tom\Downloads\ComboFix.exe/$0\List.bat Verwijderd Virus.Win32.HTML!IK

  Verwijderd

  Bestanden: 1
  Sporen: 0
  Cookies: 0
 • Hmm, een raadsel dus waarom jouw Widows traagheid vertoont.

  Doe het volgende:

  [b:6cae337677]Welk programma[/b:6cae337677]: RSIT
  [b:6cae337677]Waarvoor/waarom[/b:6cae337677]: geeft een zeer uitgebreid overzicht van Windows
  [b:6cae337677]Moeilijkheidsgraad[/b:6cae337677]: geen
  [b:6cae337677]Downloadlokatie[/b:6cae337677]: Dit programma absoluut naar het bureaublad downloaden!
  [b:6cae337677]Download RSIT[/b:6cae337677] [b:6cae337677]hier[/b:6cae337677]
  [b:6cae337677]Het gebruik van RSIT,[/b:6cae337677]
  [list:6cae337677][*:6cae337677]Windows 2000 en Windows XP: start RSIT middels dubbelklik op de snelkoppeling.
  [*:6cae337677]Windows Vista en Windows 7: start RSIT middels rechtsklik op de snelkoppeling en kies dan voor "Uitvoeren als administrator".[/list:u:6cae337677]
  [b:6cae337677]Nadat de scan beëindigd is, zullen twee logs openen.[/b:6cae337677]
  [list:6cae337677][*:6cae337677] Post vervolgens de inhoud van 'log.txt' ('log.txt' zal gemaximaliseerd zijn)
  [*:6cae337677] Post ook 'info.txt' ('info.txt', dit log zal eerst geminimaliseerd zijn in de Taakbalk)
  [*:6cae337677] Indien je [b:6cae337677]info.txt[/b:6cae337677] niet vindt, kijk dan in C:\ er naar.[/list:u:6cae337677]
  [b:6cae337677]Voor gebruikers van Windows Vista 64-bit- of Windows 7 64-bit geldt nog het volgende:[/b:6cae337677]
  [list:6cae337677][*:6cae337677]RSIT dient dan namelijk in 'compatibiliteitsmodus' uitgevoerd te worden.
  [*:6cae337677] Middels rechtsklik op 'RSIT.exe' kies je voor 'Eigenschappen',
  [*:6cae337677] klik nu op de tab 'Compatibiliteit'.
  [*:6cae337677] Vink 'Dit programma uitvoeren in compatibiliteitsmodus' aan en kies vervolgens voor 'Windows XP Service Pack 3'[/list:u:6cae337677]
  RSIT produceert een behoorlijk groot log, dus kan het gebeuren, dat je het log moet splitsen en in twee of meerdere keren moet posten.
 • Logfile of random's system information tool 1.09 (written by random/random)
  Run by Tom at 2011-12-01 12:19:49
  Microsoft Windows 7 Starter Service Pack 1
  System drive C: has 70 GB (31%) free of 229 GB
  Total RAM: 1013 MB (17% free)

  Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 12:21:22, on 1-12-2011
  Platform: Windows 7 SP1 (WinNT 6.00.3505)
  MSIE: Internet Explorer v9.00 (9.00.8112.16421)
  Boot mode: Normal

  Running processes:
  C:\windows\Explorer.EXE
  C:\windows\system32\Dwm.exe
  C:\Windows\System32\igfxtray.exe
  C:\Windows\System32\hkcmd.exe
  C:\Windows\System32\igfxpers.exe
  C:\windows\system32\igfxsrvc.exe
  C:\windows\system32\taskhost.exe
  C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
  C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
  C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
  C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
  C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
  C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  C:\Program Files\TOSHIBA\TECO\Teco.exe
  C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  C:\windows\system32\igfxext.exe
  C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
  C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
  C:\Program Files\Common Files\Java\Java Update\jusched.exe
  C:\Program Files\QuickTime\QTTask.exe
  C:\Program Files\iTunes\iTunesHelper.exe
  C:\Program Files\AVAST Software\Avast\AvastUI.exe
  C:\Program Files\DAEMON Tools Lite\DTLite.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
  C:\windows\system32\rundll32.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Program Files\Google\Chrome\Application\chrome.exe
  C:\Users\Tom\Downloads\RSIT.exe
  C:\windows\system32\SearchFilterHost.exe
  C:\Program Files\trend micro\Tom.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/g/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
  O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
  O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
  O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
  O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
  O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
  O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
  O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
  O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
  O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
  O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
  O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
  O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
  O4 - HKLM\..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe /FORPCEE3
  O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
  O4 - HKLM\..\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
  O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
  O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
  O4 - HKLM\..\Run: [ToshibaAppPlace] "C:\Program Files\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
  O4 - HKLM\..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
  O4 - HKLM\..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
  O4 - HKLM\..\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
  O4 - HKLM\..\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
  O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
  O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
  O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')
  O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
  O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
  O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
  O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
  O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
  O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
  O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
  O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
  O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
  O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
  O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
  O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
  O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
  O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
  O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe


  End of file - 8136 bytes

  ======Scheduled tasks folder======

  C:\windows\tasks\GoogleUpdateTaskMachineCore.job
  C:\windows\tasks\GoogleUpdateTaskMachineUA.job

  ======Registry dump======

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
  Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
  avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
  Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
  Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-26 41760]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "IgfxTray"=C:\windows\system32\igfxtray.exe [2010-10-01 141848]
  "HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-10-01 173592]
  "Persistence"=C:\windows\system32\igfxpers.exe [2010-10-01 150552]
  "SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2010-03-04 352256]
  "HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2010-03-04 425984]
  "KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2010-09-14 35440]
  "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2010-09-28 521640]
  "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-07-28 460088]
  "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-05-08 742776]
  "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-11-16 9874024]
  "RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [2010-11-11 1522280]
  "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 1697064]
  "Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-11-11 1349032]
  "ToshibaServiceStation"=C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
  "TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-05-01 2454840]
  "ToshibaAppPlace"=C:\Program Files\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [2010-09-23 552960]
  "TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 22840]
  "TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 611672]
  "TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-07-09 31648]
  "TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-04-23 467816]
  "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
  "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
  "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
  "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
  "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-07-19 421736]
  "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]

  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
  C:\windows\system32\igfxdev.dll [2010-04-19 218112]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
  WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2011-08-02 203776]

  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
  "SecurityProviders"=credssp.dll

  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
  "ConsentPromptBehaviorAdmin"=5
  "ConsentPromptBehaviorUser"=3
  "EnableUIADesktopToggle"=0
  "dontdisplaylastusername"=0
  "legalnoticecaption"=
  "legalnoticetext"=
  "shutdownwithoutlogon"=1
  "undockwithoutlogon"=1

  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
  "NoDrives"=0

  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
  "NoDrives"=0

  [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

  [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
  "vidc.mrle"=msrle32.dll
  "vidc.msvc"=msvidc32.dll
  "msacm.imaadpcm"=imaadp32.acm
  "msacm.msg711"=msg711.acm
  "msacm.msgsm610"=msgsm32.acm
  "msacm.msadpcm"=msadp32.acm
  "midimapper"=midimap.dll
  "wavemapper"=msacm32.drv
  "VIDC.UYVY"=msyuv.dll
  "VIDC.YUY2"=msyuv.dll
  "VIDC.YVYU"=msyuv.dll
  "VIDC.IYUV"=iyuv_32.dll
  "vidc.i420"=iyuv_32.dll
  "VIDC.YVU9"=tsbyuv.dll
  "msacm.l3acm"=C:\Windows\System32\l3codeca.acm
  "vidc.cvid"=iccvid.dll
  "msacm.siren"=sirenacm.dll
  "MSVideo8"=VfWWDM32.dll
  "wave"=wdmaud.drv
  "midi"=wdmaud.drv
  "mixer"=wdmaud.drv
  "aux"=wdmaud.drv

  ======File associations======

  .js - edit - C:\Windows\System32\Notepad.exe %1

  ======List of files/folders created in the last 1 month======

  2011-12-01 12:19:51 —-D—- C:\Program Files\trend micro
  2011-12-01 12:19:49 —-D—- C:\rsit
  2011-11-13 19:05:21 —-A—- C:\windows\system32\drivers\aswSP.sys
  2011-11-13 19:05:21 —-A—- C:\windows\system32\drivers\aswFsBlk.sys
  2011-11-13 19:05:18 —-A—- C:\windows\system32\drivers\aswTdi.sys
  2011-11-13 19:05:18 —-A—- C:\windows\system32\drivers\aswRdr.sys
  2011-11-13 19:05:17 —-A—- C:\windows\system32\drivers\aswSnx.sys
  2011-11-13 19:05:16 —-A—- C:\windows\system32\drivers\aswMonFlt.sys
  2011-11-13 19:04:49 —-A—- C:\windows\avastSS.scr
  2011-11-13 19:04:48 —-A—- C:\windows\system32\aswBoot.exe
  2011-11-13 19:04:29 —-D—- C:\ProgramData\AVAST Software
  2011-11-13 19:04:29 —-D—- C:\Program Files\AVAST Software
  2011-11-09 19:49:08 —-A—- C:\TDSSKiller.2.6.17.0_09.11.2011_19.49.08_log.txt
  2011-11-09 19:39:59 —-SHD—- C:\$RECYCLE.BIN
  2011-11-09 19:39:23 —-A—- C:\ComboFix.txt
  2011-11-09 19:27:13 —-D—- C:\windows\temp
  2011-11-09 18:48:01 —-A—- C:\windows\zip.exe
  2011-11-09 18:48:01 —-A—- C:\windows\SWSC.exe
  2011-11-09 18:48:01 —-A—- C:\windows\SWREG.exe
  2011-11-09 18:48:01 —-A—- C:\windows\sed.exe
  2011-11-09 18:48:01 —-A—- C:\windows\PEV.exe
  2011-11-09 18:48:01 —-A—- C:\windows\NIRCMD.exe
  2011-11-09 18:48:01 —-A—- C:\windows\MBR.exe
  2011-11-09 18:48:01 —-A—- C:\windows\grep.exe
  2011-11-09 18:47:33 —-D—- C:\windows\ERDNT
  2011-11-09 18:47:10 —-D—- C:\Qoobox
  2011-11-09 18:37:35 —-A—- C:\TDSSKiller.2.6.17.0_09.11.2011_18.37.35_log.txt
  2011-11-09 18:36:44 —-A—- C:\TDSSKiller.2.6.17.0_09.11.2011_18.36.44_log.txt
  2011-11-08 12:23:19 —-A—- C:\windows\system32\drivers\tcpip.sys
  2011-11-08 12:23:11 —-A—- C:\windows\system32\win32k.sys

  ======List of files/folders modified in the last 1 month======

  2011-12-01 12:19:51 —-RD—- C:\Program Files
  2011-12-01 08:33:12 —-D—- C:\windows\system32\config
  2011-12-01 08:23:44 —-D—- C:\windows\Minidump
  2011-12-01 08:23:17 —-AD—- C:\Windows
  2011-11-30 22:12:13 —-SHD—- C:\System Volume Information
  2011-11-26 20:54:12 —-D—- C:\Users\Tom\AppData\Roaming\BitTorrent
  2011-11-26 18:01:32 —-D—- C:\Users\Tom\AppData\Roaming\Skype
  2011-11-22 13:13:15 —-AD—- C:\windows\System32
  2011-11-22 13:13:15 —-A—- C:\windows\system32\PerfStringBackup.INI
  2011-11-22 13:13:09 —-D—- C:\windows\inf
  2011-11-13 19:05:21 —-D—- C:\windows\system32\drivers
  2011-11-13 19:05:06 —-SHD—- C:\windows\Installer
  2011-11-13 19:04:29 —-D—- C:\ProgramData
  2011-11-13 11:17:26 —-D—- C:\Users\Tom\AppData\Roaming\vlc
  2011-11-10 03:28:07 —-D—- C:\windows\winsxs
  2011-11-10 03:25:41 —-D—- C:\Program Files\Common Files\System
  2011-11-10 03:03:45 —-A—- C:\windows\system32\MRT.exe
  2011-11-10 03:03:35 —-D—- C:\windows\system32\catroot
  2011-11-10 03:03:34 —-D—- C:\windows\system32\catroot2
  2011-11-09 19:28:40 —-A—- C:\windows\system.ini
  2011-11-09 19:27:48 —-D—- C:\windows\system32\drivers\etc
  2011-11-09 19:07:45 —-D—- C:\windows\AppPatch
  2011-11-09 19:07:40 —-D—- C:\Program Files\Common Files
  2011-11-09 17:52:39 —-SD—- C:\Users\Tom\AppData\Roaming\Microsoft

  ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

  R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-06-08 435736]
  R0 LPCFilter;LPC Lower Filter Driver; C:\windows\system32\DRIVERS\LPCFilter.sys [2009-07-31 36208]
  R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
  R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 23512]
  R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-09-06 34392]
  R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2011-09-06 442200]
  R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-09-06 320856]
  R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-09-06 52568]
  R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-30 218688]
  R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
  R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
  R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
  R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
  R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-04-19 4806144]
  R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-11-16 3248168]
  R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 24064]
  R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2010-10-06 322664]
  R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\windows\system32\DRIVERS\rtl8192Ce.sys [2010-10-18 999016]
  R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-03-10 242864]
  R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 22912]
  S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704]
  S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-13 70720]
  S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-13 53312]
  S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
  S3 catchme;catchme; \??\C:\Users\Tom\AppData\Local\Temp\catchme.sys []
  S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-13 12368]
  S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-07-20 194664]
  S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-13 52304]
  S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
  S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
  S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-13 53328]
  S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
  S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

  ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

  R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
  R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
  R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-07-12 387944]
  R2 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2010-08-04 1809920]
  R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2010-10-20 128416]
  R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2010-09-28 468392]
  R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-11-11 189880]
  R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
  R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2011-07-19 821096]
  R3 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
  R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 111960]
  S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-04 136176]
  S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-04 136176]
  S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

  —————–EOF—————–
  [b:36a5bdedcf][/b:36a5bdedcf][b:36a5bdedcf][/b:36a5bdedcf]
 • info.txt logfile of random's system information tool 1.09 2011-12-01 12:22:10

  ======Uninstall list======

  –>"C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\Best Buy pc app Setup.exe" REMOVE=TRUE MODIFY=FALSE
  Adobe Flash Player 10 ActiveX–>C:\Windows\system32\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex
  Adobe Flash Player 10 Plugin–>C:\windows\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin
  Adobe Reader 9.4.5–>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
  Apple Application Support–>MsiExec.exe /I{B3575D00-27EF-49C2-B9E0-14B3D954E992}
  Apple Mobile Device Support–>MsiExec.exe /I{C23CD6DA-1958-43A5-ADD0-59396572E02E}
  Apple Software Update–>MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
  avast! Free Antivirus–>C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
  Best Buy pc app–>C:\ProgramData\{FBF3739B-717D-4429-BCEB-98D514E65F29}\Best Buy pc app Setup.exe
  BitTorrent–>"C:\Program Files\BitTorrent\BitTorrent.exe" /UNINSTALL
  Bonjour–>MsiExec.exe /X{D03482C5-9AD8-496D-B388-692AE04C93AF}
  Commandos 3 - Destination Berlin–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C270BC04-1540-4673-960F-A546B2C860CD}\SETUP.EXE"
  D3DX10–>MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
  DAEMON Tools Lite–>C:\Program Files\DAEMON Tools Lite\uninst.exe
  Freelang Dictionary (wordlist)–>"C:\Users\Tom\AppData\Local\Freelang Dictionary\unins000.exe"
  Freelang Dictionary 3.74 beta–>"C:\Users\Tom\AppData\Local\Freelang Dictionary\unins001.exe"
  Google Chrome–>"C:\Program Files\Google\Chrome\Application\15.0.874.121\Installer\setup.exe" –uninstall –multi-install –chrome –system-level –verbose-logging
  Google Update Helper–>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
  Intel(R) Graphics Media Accelerator Driver–>C:\windows\system32\igxpun.exe -uninstall
  Intel(R) Rapid Storage Technology–>C:\Program Files\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
  Internet-based TOEFL–>"C:\Program Files\Kap.TOEFL\unins000.exe"
  iTunes–>MsiExec.exe /I{C73CA646-73B3-4AEF-A136-C37505745174}
  Java(TM) 6 Update 22–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
  Junk Mail filter update–>MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
  Longman iBT–>C:\windows\unvise32.exe C:\Program Files\Longman iBT\uninstal.log
  Magic ISO Maker v5.5 (build 0265)–>C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
  Mesh Runtime–>MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
  Microsoft .NET Framework 4 Client Profile–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
  Microsoft .NET Framework 4 Client Profile–>MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
  Microsoft Silverlight–>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
  Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
  Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
  Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148–>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
  Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161–>MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
  MSVCRT–>MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
  OpenOffice.org 3.3–>MsiExec.exe /I{91EBCCB9-A539-4306-AC5A-F372E0D6092B}
  Path to Success–>"C:\Program Files\Path to Success\uninstall.exe" "/U:C:\Program Files\Path to Success\Uninstall\uninstall.xml"
  PlayReady PC Runtime x86–>MsiExec.exe /X{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}
  Pocketwoordenboeken–>"C:\windows\Pocketwoordenboeken\uninstall.exe" "/U:C:\Program Files\Pocketwoordenboeken\Uninstall\uninstall.xml"
  QuickTime–>MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
  Railroad Tycoon II - Platinum–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BED27751-CD2A-4C2F-9813-00B9B60C76FE}\setup.exe"
  Realtek Ethernet Controller Driver–>C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly
  Realtek High Definition Audio Driver–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
  Realtek USB 2.0 Card Reader–>"C:\Program Files\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\Setup.exe" -runfromtemp -removeonly
  Realtek WLAN Driver–>C:\Program Files\InstallShield Installation Information\{9D3D8C60-A55F-4fed-B2B9-173001290E16}\Install.exe -uninst -l0x9
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
  Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
  Sid Meier's Railroad Tycoon–>C:\Program Files\2K Games\Sid Meier's Railroad Tycoon\uninst.exe
  SimCity 4 Deluxe–>C:\Program Files\Maxis\SimCity 4 Deluxe\EAUninstall.exe
  Skype™ 5.3–>MsiExec.exe /X{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}
  SopCast 3.4.0–>C:\Program Files\SopCast\uninst.exe
  Starcraft–>C:\windows\scunin.exe C:\windows\scunin.dat
  Synaptics Pointing Device Driver–>rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
  TELL ME MORE–>"C:\Program Files\Auralog\TELL ME MORE SI PLUS\Bin\unsetup.exe" -file "C:\Program Files\Auralog\TELL ME MORE SI PLUS\unsetup.aui"
  Toshiba App Place–>MsiExec.exe /I{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}
  TOSHIBA Application and Driver Installer–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}\setup.exe" -l0x9 -removeonly
  TOSHIBA Assist–>C:\Program Files\InstallShield Installation Information\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}\setup.exe -runfromtemp -l0x0009 -removeonly
  Toshiba Book Place–>MsiExec.exe /I{39187A4B-7538-4BE7-8BAD-9E83303793AA}
  TOSHIBA Bulletin Board–>"C:\Program Files\InstallShield Installation Information\{B2FB7DBA-CEEC-41F1-BC23-3323D96290F6}\setup.exe" -runfromtemp -l0x0409 -removeonly
  TOSHIBA Bulletin Board–>MsiExec.exe /X{B2FB7DBA-CEEC-41F1-BC23-3323D96290F6}
  TOSHIBA Disc Creator–>MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
  TOSHIBA eco Utility–>C:\Program Files\InstallShield Installation Information\{53536479-DFB0-47ED-9D10-43F3708C222D}\setup.exe -runfromtemp -l0x0409
  TOSHIBA eco Utility–>C:\Program Files\InstallShield Installation Information\{53536479-DFB0-47ED-9D10-43F3708C222D}\setup.exe -runfromtemp -l0x0409
  TOSHIBA Flash Cards Support Utility–>"C:\Program Files\InstallShield Installation Information\{620BBA5E-F848-4D56-8BDA-584E44584C5E}\setup.exe" -runfromtemp -l0x0409
  TOSHIBA Flash Cards Support Utility–>"C:\Program Files\InstallShield Installation Information\{620BBA5E-F848-4D56-8BDA-584E44584C5E}\setup.exe" -runfromtemp -l0x0409 -removeonly
  TOSHIBA Hardware Setup–>"C:\Program Files\InstallShield Installation Information\{5279374D-87FE-4879-9385-F17278EBB9D3}\setup.exe" -runfromtemp -l0x0409 -removeonly
  TOSHIBA Hardware Setup–>MsiExec.exe /I{5279374D-87FE-4879-9385-F17278EBB9D3}
  TOSHIBA HDD/SSD Alert–>C:\Program Files\InstallShield Installation Information\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\setup.exe -runfromtemp -l0x0409
  TOSHIBA HDD/SSD Alert–>C:\Program Files\InstallShield Installation Information\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\setup.exe -runfromtemp -l0x0409
  TOSHIBA Media Controller–>C:\Program Files\InstallShield Installation Information\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}\setup.exe -runfromtemp -l0x0009 -removeonly
  TOSHIBA Quality Application–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E69992ED-A7F6-406C-9280-1C156417BC49}\setup.exe" -l0x9 -removeonly
  TOSHIBA Recovery Media Creator–>MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
  TOSHIBA ReelTime–>"C:\Program Files\InstallShield Installation Information\{8CD0B97D-46E9-4293-B467-A24DB96DB6DB}\setup.exe" -runfromtemp -l0x0409 -removeonly
  TOSHIBA ReelTime–>MsiExec.exe /X{8CD0B97D-46E9-4293-B467-A24DB96DB6DB}
  TOSHIBA Service Station–>C:\Program Files\InstallShield Installation Information\{AC6569FA-6919-442A-8552-073BE69E247A}\setup.exe -runfromtemp -l0x0009 -removeonly
  TOSHIBA Supervisor Password–>"C:\Program Files\InstallShield Installation Information\{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}\setup.exe" -runfromtemp -l0x0409
  TOSHIBA Supervisor Password–>"C:\Program Files\InstallShield Installation Information\{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}\setup.exe" -runfromtemp -l0x0409 -removeonly
  TOSHIBA Value Added Package–>C:\Program Files\TOSHIBA\TVAP\Setup.exe
  TOSHIBA Web Camera Application–>C:\Program Files\InstallShield Installation Information\{5E6F6CF3-BACC-4144-868C-E14622C658F3}\setup.exe -runfromtemp -l0x0009 -removeonly
  ToshibaRegistration–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AF550B4-BB67-4E7E-82F1-2C4300279050}\setup.exe" -l0x9 -removeonly
  Update for Microsoft .NET Framework 4 Client Profile (KB2468871)–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
  Update for Microsoft .NET Framework 4 Client Profile (KB2533523)–>C:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
  Utility Common Driver–>"C:\Program Files\InstallShield Installation Information\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}\setup.exe" -runfromtemp -l0x0409 -removeonly
  Utility Common Driver–>MsiExec.exe /I{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}
  VLC media player 1.1.11–>C:\Program Files\VideoLAN\VLC\uninstall.exe
  Warzone Tower Defense–>C:\Program Files\softendo.com\Warzone Tower Defense\Uninstal.exe
  Windows Live Communications Platform–>MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
  Windows Live Essentials–>C:\Program Files\Windows Live\Installer\wlarp.exe
  Windows Live Essentials–>MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
  Windows Live ID Sign-in Assistant–>MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}
  Windows Live Installer–>MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
  Windows Live Mail–>MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
  Windows Live Mail–>MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
  Windows Live Mesh ActiveX Control for Remote Connections–>MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
  Windows Live Mesh–>MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
  Windows Live Mesh–>MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
  Windows Live Messenger–>MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B}
  Windows Live Messenger–>MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
  Windows Live MIME IFilter–>MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
  Windows Live Movie Maker–>MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
  Windows Live Movie Maker–>MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
  Windows Live Photo Common–>MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
  Windows Live Photo Common–>MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
  Windows Live Photo Gallery–>MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
  Windows Live Photo Gallery–>MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
  Windows Live PIMT Platform–>MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
  Windows Live Remote Client Resources–>MsiExec.exe /I{464B3406-A4D0-4914-910F-7CA4380DCC13}
  Windows Live Remote Client–>MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}
  Windows Live Remote Service Resources–>MsiExec.exe /I{17504ED4-DB08-40A8-81C2-27D8C01581DA}
  Windows Live Remote Service–>MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
  Windows Live SOXE Definitions–>MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
  Windows Live SOXE–>MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
  Windows Live UX Platform Language Pack–>MsiExec.exe /I{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}
  Windows Live UX Platform–>MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
  Windows Live Writer Resources–>MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
  Windows Live Writer–>MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
  Windows Live Writer–>MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
  Windows Live Writer–>MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
  WinRAR 4.00 (32-bit)–>C:\Program Files\WinRAR\uninstall.exe
  YouTube Downloader 3.3–>"C:\Program Files\YouTube Downloader\uninstall.exe"

  ======System event log======

  Computer Name: Tom-PC
  Event Code: 0
  Message:
  Record Number: 8513
  Source Name: RTL8192Ce
  Time Written: 20110803015304.439312-000
  Event Type: Error
  User:

  Computer Name: Tom-PC
  Event Code: 0
  Message:
  Record Number: 8512
  Source Name: RTL8192Ce
  Time Written: 20110803015304.439312-000
  Event Type: Error
  User:

  Computer Name: Tom-PC
  Event Code: 0
  Message:
  Record Number: 8511
  Source Name: RTL8192Ce
  Time Written: 20110803015302.879310-000
  Event Type: Error
  User:

  Computer Name: Tom-PC
  Event Code: 0
  Message:
  Record Number: 8508
  Source Name: RTL8192Ce
  Time Written: 20110803015204.418428-000
  Event Type: Error
  User:

  Computer Name: Tom-PC
  Event Code: 0
  Message:
  Record Number: 8507
  Source Name: RTL8192Ce
  Time Written: 20110803015204.418428-000
  Event Type: Error
  User:

  =====Application event log=====

  Computer Name: Tom-PC
  Event Code: 0
  Message: Skipping empty element [tsu:setup_args]
  Record Number: 1859
  Source Name: TOSHIBA Service Station
  Time Written: 20110730173333.000000-000
  Event Type: Warning
  User:

  Computer Name: Tom-PC
  Event Code: 0
  Message: Skipping empty element [tsu:setup_args]
  Record Number: 1858
  Source Name: TOSHIBA Service Station
  Time Written: 20110730173333.000000-000
  Event Type: Warning
  User:

  Computer Name: Tom-PC
  Event Code: 0
  Message: Skipping empty element [tsu:setup_args]
  Record Number: 1857
  Source Name: TOSHIBA Service Station
  Time Written: 20110730173333.000000-000
  Event Type: Warning
  User:

  Computer Name: Tom-PC
  Event Code: 0
  Message: Skipping empty element [tsu:setup_args]
  Record Number: 1856
  Source Name: TOSHIBA Service Station
  Time Written: 20110730173333.000000-000
  Event Type: Warning
  User:

  Computer Name: Tom-PC
  Event Code: 0
  Message: Skipping empty element [tsu:setup_args]
  Record Number: 1854
  Source Name: TOSHIBA Service Station
  Time Written: 20110730173333.000000-000
  Event Type: Warning
  User:

  =====Security event log=====

  Computer Name: WIN-S3C11JGGV7T
  Event Code: 4624
  Message: An account was successfully logged on.

  Subject:
  Security ID: S-1-5-18
  Account Name: WIN-S3C11JGGV7T$
  Account Domain: WORKGROUP
  Logon ID: 0x3e7

  Logon Type: 5

  New Logon:
  Security ID: S-1-5-18
  Account Name: SYSTEM
  Account Domain: NT AUTHORITY
  Logon ID: 0x3e7
  Logon GUID: {00000000-0000-0000-0000-000000000000}

  Process Information:
  Process ID: 0x1e4
  Process Name: C:\Windows\System32\services.exe

  Network Information:
  Workstation Name:
  Source Network Address: -
  Source Port: -

  Detailed Authentication Information:
  Logon Process: Advapi
  Authentication Package: Negotiate
  Transited Services: -
  Package Name (NTLM only): -
  Key Length: 0

  This event is generated when a logon session is created. It is generated on the computer that was accessed.

  The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

  The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

  The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

  The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

  The authentication information fields provide detailed information about this specific logon request.
  - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
  - Transited services indicate which intermediate services have participated in this logon request.
  - Package name indicates which sub-protocol was used among the NTLM protocols.
  - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
  Record Number: 790
  Source Name: Microsoft-Windows-Security-Auditing
  Time Written: 20110317003357.801047-000
  Event Type: Audit Success
  User:

  Computer Name: WIN-S3C11JGGV7T
  Event Code: 4672
  Message: Special privileges assigned to new logon.

  Subject:
  Security ID: S-1-5-18
  Account Name: SYSTEM
  Account Domain: NT AUTHORITY
  Logon ID: 0x3e7

  Privileges: SeAssignPrimaryTokenPrivilege
  SeTcbPrivilege
  SeSecurityPrivilege
  SeTakeOwnershipPrivilege
  SeLoadDriverPrivilege
  SeBackupPrivilege
  SeRestorePrivilege
  SeDebugPrivilege
  SeAuditPrivilege
  SeSystemEnvironmentPrivilege
  SeImpersonatePrivilege
  Record Number: 789
  Source Name: Microsoft-Windows-Security-Auditing
  Time Written: 20110317003336.491410-000
  Event Type: Audit Success
  User:

  Computer Name: WIN-S3C11JGGV7T
  Event Code: 4624
  Message: An account was successfully logged on.

  Subject:
  Security ID: S-1-5-18
  Account Name: WIN-S3C11JGGV7T$
  Account Domain: WORKGROUP
  Logon ID: 0x3e7

  Logon Type: 5

  New Logon:
  Security ID: S-1-5-18
  Account Name: SYSTEM
  Account Domain: NT AUTHORITY
  Logon ID: 0x3e7
  Logon GUID: {00000000-0000-0000-0000-000000000000}

  Process Information:
  Process ID: 0x1e4
  Process Name: C:\Windows\System32\services.exe

  Network Information:
  Workstation Name:
  Source Network Address: -
  Source Port: -

  Detailed Authentication Information:
  Logon Process: Advapi
  Authentication Package: Negotiate
  Transited Services: -
  Package Name (NTLM only): -
  Key Length: 0

  This event is generated when a logon session is created. It is generated on the computer that was accessed.

  The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

  The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

  The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

  The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

  The authentication information fields provide detailed information about this specific logon request.
  - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
  - Transited services indicate which intermediate services have participated in this logon request.
  - Package name indicates which sub-protocol was used among the NTLM protocols.
  - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
  Record Number: 788
  Source Name: Microsoft-Windows-Security-Auditing
  Time Written: 20110317003336.491410-000
  Event Type: Audit Success
  User:

  Computer Name: WIN-S3C11JGGV7T
  Event Code: 4738
  Message: A user account was changed.

  Subject:
  Security ID: S-1-5-21-3703152482-2520256778-3467307269-500
  Account Name: Administrator
  Account Domain: WIN-S3C11JGGV7T
  Logon ID: 0x19e09

  Target Account:
  Security ID: S-1-5-21-3703152482-2520256778-3467307269-500
  Account Name: Administrator
  Account Domain: WIN-S3C11JGGV7T

  Changed Attributes:
  SAM Account Name: -
  Display Name: -
  User Principal Name: -
  Home Directory: -
  Home Drive: -
  Script Path: -
  Profile Path: -
  User Workstations: -
  Password Last Set: -
  Account Expires: -
  Primary Group ID: -
  AllowedToDelegateTo: -
  Old UAC Value: 0x211
  New UAC Value: 0x211
  User Account Control: -
  User Parameters: -
  SID History: -
  Logon Hours: -

  Additional Information:
  Privileges: -
  Record Number: 787
  Source Name: Microsoft-Windows-Security-Auditing
  Time Written: 20110317003336.101409-000
  Event Type: Audit Success
  User:

  Computer Name: WIN-S3C11JGGV7T
  Event Code: 1102
  Message: The audit log was cleared.
  Subject:
  Security ID: S-1-5-21-3703152482-2520256778-3467307269-500
  Account Name: Administrator
  Domain Name: WIN-S3C11JGGV7T
  Logon ID: 0x19e09
  Record Number: 786
  Source Name: Microsoft-Windows-Eventlog
  Time Written: 20110317003335.898609-000
  Event Type: Audit Success
  User:

  ======Environment variables======

  "ComSpec"=%SystemRoot%\system32\cmd.exe
  "FP_NO_HOST_CHECK"=NO
  "OS"=Windows_NT
  "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Windows Live\Shared;C:\Program Files\QuickTime\QTSystem
  "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
  "PROCESSOR_ARCHITECTURE"=x86
  "TEMP"=%SystemRoot%\TEMP
  "TMP"=%SystemRoot%\TEMP
  "USERNAME"=SYSTEM
  "windir"=%SystemRoot%
  "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
  "NUMBER_OF_PROCESSORS"=2
  "PROCESSOR_LEVEL"=6
  "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 10, GenuineIntel
  "PROCESSOR_REVISION"=1c0a
  "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
  "asl.log"=Destination=file
  "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

  —————–EOF—————–
 • Dit is dus een Netbook van Toshiba.

  Ik adviseer je te upgraden naar 2GB werkgeheugen.
  http://www.interngeheugen.com/link.odb?stat=banner&url=/mappreporter.odb?&id=70

  Via die link kom je exact te weten wat mogelijk is en wat zo ongeveer de kosten zijn.

  Bovendien is het gros van de opstarters allemaal Toshiba software, waar je het grootste deel mijn inziens helemaal niet van nodig hebt!
 • Klopt inderdaad…… maar toch vreemd ik opeens een verschil merk in functioneren. Zelfs het schrijven van een email duurt langer dan normaal omdat de letters later op mijn beeld verschijnen. Hoe kan ik deze start up programma's verwijderen.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.