
Slow laptop, plays videos on YouTube, Facebook and similar sites choppily


lunnyMcFunny

Hello,

I have an HJT log here for you because my laptop is running slowly and lately plays videos choppily in Firefox

[hjt]
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:52:32, on 3-8-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe
c:\program files (x86)\windows live\messenger\msnmsgr.exe
c:\program files (x86)\tomtom home 2\tomtomhomerunner.exe
c:\program files (x86)\daemon tools lite\dtlite.exe
c:\users\hp\appdata\local\google\update\1.3.21.115\googlecrashhandler.exe
c:\program files (x86)\skype\phone\skype.exe
c:\program files (x86)\corel\corel paint shop pro photo x2\coreliomonitor.exe
c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe
c:\program files (x86)\hewlett-packard\hp quick launch buttons\qlbctrl.exe
c:\program files (x86)\f-secure\common\fsm32.exe
c:\program files (x86)\hp\hp software update\hpwuschd2.exe
c:\program files (x86)\common files\java\java update\jusched.exe
c:\program files (x86)\quicktime\qttask.exe
c:\program files (x86)\windows live\contacts\wlcomm.exe
c:\program files (x86)\hewlett-packard\shared\hpqtoaster.exe
c:\program files (x86)\mozilla firefox\firefox.exe
c:\program files\widcomm\bluetooth software\bluetoothheadsetproxy.exe
c:\program files (x86)\mozilla firefox\plugin-container.exe
c:\windows\syswow64\macromed\flash\flashplayerplugin_11_3_300_270.exe
c:\windows\syswow64\macromed\flash\flashplayerplugin_11_3_300_270.exe
c:\users\hp\downloads\hijackthis.exe

r1 - hkcu\software\microsoft\internet explorer\main,default_page_url = http://g.uk.msn.com/hpcon/8
r1 - hkcu\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hkcu\software\microsoft\internet explorer\main,start page = http://search.imesh.net
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = http://g.uk.msn.com/hpcon/8
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = http://go.microsoft.com/fwlink/?linkid=54896
r1 - hklm\software\microsoft\internet explorer\main,search page = http://go.microsoft.com/fwlink/?linkid=54896
r0 - hklm\software\microsoft\internet explorer\main,start page = http://g.uk.msn.com/hpcon/8
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hklm\software\microsoft\internet explorer\main,local page = c:\windows\syswow64\blank.htm
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = *.local
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
f2 - reg:system.ini: userinit=userinit.exe
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: wincore mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~2\imesha~1\mediabar\datamngr\toolbar\wincoreimdtx.dll (file missing)
o2 - bho: search helper - {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
o2 - bho: java(tm) plug-in ssv helper - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files (x86)\java\jre6\bin\ssv.dll
o2 - bho: aanmeldhulp voor windows live id - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: skypeiepluginbho - {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
o2 - bho: litmusbho - {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - c:\program files (x86)\f-secure\nrs\iescript\baselitmus.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
o3 - toolbar: wincore mediabar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~2\imesha~1\mediabar\datamngr\toolbar\wincoreimdtx.dll (file missing)
o3 - toolbar: browsing protection toolbar - {265eee8e-3228-44d3-aea5-f7fdf5860049} - c:\program files (x86)\f-secure\nrs\iescript\baselitmus.dll
o4 - hklm\..\run: [corel file shell monitor] c:\program files (x86)\corel\corel paint shop pro photo x2\coreliomonitor.exe
o4 - hklm\..\run: [hpcam_menu] c:\program files (x86)\hewlett-packard\media\webcam\muitransfer\muistartmenu.exe "c:\program files (x86)\hewlett-packard\media\webcam" updatewithcreateonce "software\hewlett-packard\media\webcam"
o4 - hklm\..\run: [qlbctrl.exe] c:\program files (x86)\hewlett-packard\hp quick launch buttons\qlbctrl.exe /start
o4 - hklm\..\run: [easybits recovery] c:\program files (x86)\easybits for kids\ezrecover.exe
o4 - hklm\..\run: [wirelessassistant] c:\program files (x86)\hewlett-packard\hp wireless assistant\hpwamain.exe
o4 - hklm\..\run: [f-secure manager] c:\program files (x86)\f-secure\common\fsm32.exe /splash
o4 - hklm\..\run: [f-secure tnb] c:\program files (x86)\f-secure\fsgui\tnbutil.exe /checkall /waitforsw
o4 - hklm\..\run: [divx download manager] c:\program files (x86)\divx\divx plus web player\ddmservice.exe start
o4 - hklm\..\run: [adobe arm] c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
o4 - hklm\..\run: [apsdaemon] c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
o4 - hklm\..\run: [ituneshelper] c:\program files (x86)\itunes\ituneshelper.exe
o4 - hklm\..\run: [hp software update] c:\program files (x86)\hp\hp software update\hpwuschd2.exe
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files (x86)\common files\java\java update\jusched.exe
o4 - hklm\..\run: [quicktime task] c:\program files (x86)\quicktime\qttask.exe -atboottime
o4 - hkcu\..\run: [lightscribe control panel] c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe -hidden
o4 - hkcu\..\run: [msnmsgr] c:\program files (x86)\windows live\messenger\msnmsgr.exe /background
o4 - hkcu\..\run: [restart_sticky_notes] c:\windows\system32\stikynot.exe
o4 - hkcu\..\run: [hpadvisor] c:\program files (x86)\hewlett-packard\hp advisor\hpadvisor.exe view=dockview
o4 - hkcu\..\run: [tomtomhome.exe] c:\program files (x86)\tomtom home 2\tomtomhomerunner.exe
o4 - hkcu\..\run: [isuspm] c:\program files (x86)\common files\installshield\updateservice\isuspm.exe -scheduler
o4 - hkcu\..\run: [superantispyware] c:\program files\superantispyware\superantispyware.exe
o4 - hkcu\..\run: [google update] c:\users\hp\appdata\local\google\update\googleupdate.exe /c
o4 - hkcu\..\run: [ea core] c:\program files (x86)\electronic arts\eadm\core.exe -silent
o4 - hkcu\..\run: [hp photosmart 7510 series (net)] c:\program files\hp\hp photosmart 7510 series\bin\scantopcactivationapp.exe -deviceid "cn1bm340ky05px:nw" -scfn "hp photosmart 7510 series (net)" -autostart 1
o4 - hkcu\..\run: [daemon tools lite] c:\program files (x86)\daemon tools lite\dtlite.exe -autorun
o4 - hkcu\..\run: [skype] c:\program files (x86)\skype\phone\skype.exe /minimized /regrun
o4 - startup: inktwaarschuwingen controleren - hp photosmart 7510 series (netwerk).lnk = ?
o4 - global startup: bluetooth.lnk = ?
o8 - extra context menu item: afbeelding verzenden naar &bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
o8 - extra context menu item: e&xporteren naar microsoft excel - res://c:\progra~2\micros~1\office12\excel.exe/3000
o8 - extra context menu item: pagina verzenden naar &bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
o9 - extra button: hp smart print - {22cc3ebd-c286-43aa-b8e6-06b115f74162} - c:\program files (x86)\hewlett-packard\smartprint\smartprintsetup.exe
o9 - extra 'tools' menuitem: smartprint - {22cc3ebd-c286-43aa-b8e6-06b115f74162} - c:\program files (x86)\hewlett-packard\smartprint\smartprintsetup.exe
o9 - extra button: verzenden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~2\micros~1\office12\onbttnie.dll
o9 - extra 'tools' menuitem: verz&enden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~2\micros~1\office12\onbttnie.dll
o9 - extra button: skype click to call - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
o9 - extra 'tools' menuitem: skype click to call - {898ea8c8-e7ff-479b-8935-aec46303b9e5} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
o9 - extra button: research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~2\micros~1\office12\refiebar.dll
o9 - extra button: verzenden naar bluetooth - {cca281ca-c863-46ef-9331-5c8d4460577f} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
o9 - extra 'tools' menuitem: verzenden naar &bluetooth-apparaat... - {cca281ca-c863-46ef-9331-5c8d4460577f} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
o10 - unknown file in winsock lsp: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
o10 - unknown file in winsock lsp: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
o16 - dpf: {c345e174-3e87-4f41-a01c-b066a90a49b4} (wrc class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
o18 - protocol: skype-ie-addon-data - {91774881-d725-4e58-b298-07617b9b86a8} - c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
o18 - protocol: skype4com - {ffc8b962-9b40-4dff-9458-1830c7dd7f5d} - c:\progra~2\common~1\skype\skype4~1.dll
o20 - appinit_dlls:
o23 - service: sas core service (!sascore) - superantispyware.com - c:\program files\superantispyware\sascore64.exe
o23 - service: adobe acrobat update service (adobearmservice) - adobe systems incorporated - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
o23 - service: adobe flash player update service (adobeflashplayerupdatesvc) - adobe systems incorporated - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
o23 - service: andrea st filters service (aestfilters) - andrea electronics corporation - c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\aestsr64.exe
o23 - service: @%systemroot%\system32\alg.exe,-112 (alg) - unknown owner - c:\windows\system32\alg.exe (file missing)
o23 - service: apple mobile device - apple inc. - c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe
o23 - service: autodesk content service - unknown owner - c:\program files (x86)\autodesk\content service\connect.service.contentservice.exe
o23 - service: bonjour-service (bonjour service) - apple inc. - c:\program files\bonjour\mdnsresponder.exe
o23 - service: bluetooth service (btwdins) - broadcom corporation. - c:\program files\widcomm\bluetooth software\btwdins.exe
o23 - service: com4qlbex - hewlett-packard development company, l.p. - c:\program files (x86)\hewlett-packard\hp quick launch buttons\com4qlbex.exe
o23 - service: @%systemroot%\system32\efssvc.dll,-100 (efs) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: fsgkhs (f-secure gatekeeper handler starter) - unknown owner - c:\program files (x86)\f-secure\anti-virus\fsgk32st.exe
o23 - service: @%systemroot%\system32\fxsresm.dll,-118 (fax) - unknown owner - c:\windows\system32\fxssvc.exe (file missing)
o23 - service: flexnet licensing service 64 - flexera software, inc. - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe
o23 - service: f-secure anti-virus firewall daemon (fsdfwd) - f-secure corporation - c:\program files (x86)\f-secure\fwes\program\fsdfwd.exe
o23 - service: f-secure management agent (fsma) - f-secure corporation - c:\program files (x86)\f-secure\common\fsma32.exe
o23 - service: f-secure orsp client (fsorspclient) - f-secure corporation - c:\program files (x86)\f-secure\orsp client\fsorsp.exe
o23 - service: gamesappservice - wildtangent, inc. - c:\program files (x86)\wildtangent games\app\gamesappservice.exe
o23 - service: google update-service (gupdate) (gupdate) - google inc. - c:\program files (x86)\google\update\googleupdate.exe
o23 - service: google update-service (gupdatem) (gupdatem) - google inc. - c:\program files (x86)\google\update\googleupdate.exe
o23 - service: hp support assistant service - hewlett-packard company - c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe
o23 - service: hp quick synchronization service (hpdrvmntsvc.exe) - hewlett-packard company - c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe
o23 - service: hp software framework service (hpqwmiex) - hewlett-packard company - c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe
o23 - service: hp service (hpsrv) - unknown owner - c:\windows\system32\hpservice.exe (file missing)
o23 - service: installdriver table manager (idrivert) - macrovision corporation - c:\program files (x86)\common files\installshield\driver\1050\intel 32\idrivert.exe
o23 - service: ipod-service (ipod service) - apple inc. - c:\program files\ipod\bin\ipodservice.exe
o23 - service: @keyiso.dll,-100 (keyiso) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: lightscribeservice direct disc labeling service (lightscribeservice) - hewlett-packard company - c:\program files (x86)\common files\lightscribe\lssrvc.exe
o23 - service: mozilla maintenance service (mozillamaintenance) - mozilla foundation - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
o23 - service: @comres.dll,-2797 (msdtc) - unknown owner - c:\windows\system32\msdtc.exe (file missing)
o23 - service: @%systemroot%\system32\netlogon.dll,-102 (netlogon) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: nvidia display driver service (nvsvc) - unknown owner - c:\windows\system32\nvvsvc.exe (file missing)
o23 - service: nvidia update service daemon (nvupdatusservice) - nvidia corporation - c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe
o23 - service: @%systemroot%\system32\psbase.dll,-300 (protectedstorage) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: protexis licensing v2 (psi_svc_2) - protexis inc. - c:\program files (x86)\common files\protexis\license service\psiservice_2.exe
o23 - service: cyberlink richvideo service(crvs) (richvideo) - unknown owner - c:\program files (x86)\cyberlink\shared files\richvideo.exe
o23 - service: @%systemroot%\system32\locator.exe,-2 (rpclocator) - unknown owner - c:\windows\system32\locator.exe (file missing)
o23 - service: @%systemroot%\system32\samsrv.dll,-1 (samss) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: skype updater (skypeupdate) - skype technologies - c:\program files (x86)\skype\updater\updater.exe
o23 - service: @%systemroot%\system32\snmptrap.exe,-3 (snmptrap) - unknown owner - c:\windows\system32\snmptrap.exe (file missing)
o23 - service: @%systemroot%\system32\spoolsv.exe,-1 (spooler) - unknown owner - c:\windows\system32\spoolsv.exe (file missing)
o23 - service: @%systemroot%\system32\sppsvc.exe,-101 (sppsvc) - unknown owner - c:\windows\system32\sppsvc.exe (file missing)
o23 - service: audio service (stacsv) - idt, inc. - c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
o23 - service: tomtomhomeservice - tomtom - c:\program files (x86)\tomtom home 2\tomtomhomeservice.exe
o23 - service: @%systemroot%\system32\ui0detect.exe,-101 (ui0detect) - unknown owner - c:\windows\system32\ui0detect.exe (file missing)
o23 - service: @%systemroot%\system32\vaultsvc.dll,-1003 (vaultsvc) - unknown owner - c:\windows\system32\lsass.exe (file missing)
o23 - service: @%systemroot%\system32\vds.exe,-100 (vds) - unknown owner - c:\windows\system32\vds.exe (file missing)
o23 - service: @%systemroot%\system32\vssvc.exe,-102 (vss) - unknown owner - c:\windows\system32\vssvc.exe (file missing)
o23 - service: @%systemroot%\system32\wat\watux.exe,-601 (watadminsvc) - unknown owner - c:\windows\system32\wat\watadminsvc.exe (file missing)
o23 - service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - unknown owner - c:\windows\system32\wbengine.exe (file missing)
o23 - service: @%systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiapsrv) - unknown owner - c:\windows\system32\wbem\wmiapsrv.exe (file missing)
o23 - service: @%programfiles%\windows media player\wmpnetwk.exe,-101 (wmpnetworksvc) - unknown owner - c:\program files (x86)\windows media player\wmpnetwk.exe (file missing)
--
end of file - 16733 bytes

[/hjt]


and the uninstall list

Update for Microsoft Office 2007 (KB2508958)
Torrent
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.3) - Nederlands
Adobe Shockwave Player
Adobe Shockwave Player 11.6
Apple Application Support
Apple Software Update
Autodesk Content Service
Autodesk Material Library 2012
Autodesk Material Library Base Resolution Image Library 2012
BitTorrent
Compatibiliteitspakket voor het 2007 Microsoft Office system
Corel Paint Shop Pro Photo X2
Corel VideoStudio 12
CyberLink DVD Suite
CyberLink DVD Suite
D3DX10
DAEMON Tools Lite
De Sims 3
De Sims 3 Ambities
De Sims 3 Buitenleven Accessoires
De Sims 3 Levensweg
De Sims 3 Luxe Accessoires
De Sims 3 Na Middernacht
De Sims 3 Supersnelle Accessoires
De Sims 3 Wereldavonturen
DVD Menu Pack for HP MediaSmart Video
DVD Menu Pack for HP MediaSmart Video
ESU for Microsoft Windows 7
FARO LS 1.1.406.58
Football Manager 2011
F-Secure Internet Security 2011
Google Earth Plug-in
Google Update Helper
Hewlett-Packard ACLM.NET v1.1.2.0
HP Customer Experience Enhancements
HP Games


I hope someone has time to take a look at it. Thanks in advance for the effort, in any case.

Regards,
Lunny
 
Since I think Abraham (the virus and malware specialist) is not online, you can already do this in the meantime:

Which program: Malwarebytes MBAM
What for/why: specialized scanner to quickly check Windows for spyware and malware and remove them.
Difficulty: none.

http://www.malwarebytes.org/mbam-download-exe.php
First of all:
Right after installation, 'MBAM' will want to update its database, so allow that.
Also on repeated use: first update 'MBAM' via the 'Update' tab!

Starting Malwarebytes MBAM:
First close all program windows that are still open!
Windows 2000 and Windows XP: double-click the MBAM shortcut.
Windows Vista and Windows 7: right-click the MBAM shortcut and then choose Run as administrator.

Note:
Malwarebytes now supplies the full version of MBAM.
At the first start you get the option to use the free trial of Malwarebytes AntiMalware temporarily.
Regardless of which antivirus program is in your Windows, I advise going for the free version and therefore removing the check mark at the trial version.
That way MBAM can continue to be used as the free version.

Also do the following:
Once the program has started, go to the "Settings" tab.
Tick here: "Close Internet Explorer during malware removal".

Scanning:
When 'MBAM' starts, choose 'Quick Scan'.
Scanning can take a while, so be patient. When the scan has completed, click the 'OK' button.
Then click the 'Show Results' button to see the results.

Infections found:
First click OK to dismiss the message.
Then click the Show results button at the bottom right.
Now make sure that all infections found are ticked, and click Remove selected at the bottom left.
After removal a log will open and you will be asked to restart the computer.
If 'MBAM' has difficulty removing certain files it will show some messages; click 'OK' each time!
After that 'MBAM' will ask to restart the computer, so allow the computer to be restarted.

MBAM log:
The log is saved automatically by 'MBAM' and you can find it by clicking the 'Logs' tab in the main menu of 'MBAM'.

Then post the contents of the MBAM log in your next message.

This text was written by Abraham, but I just copied it
 
Started and ran MBAM. It found nothing.

Here is the log
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Databaseversie: v2012.08.03.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
HP :: HP-PC [administrator]

3-8-2012 21:36:01
mbam-log-2012-08-03 (21-36-01).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 219152
Verstreken tijd: 3 minuut/minuten, 49 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)
 
Go ahead and do the following:

Which program: Emsisoft Emergency Kit 1.0
What for/why: Detects and removes malware
Difficulty: none.
Download: Emsisoft Emergency Kit

Remarks:
  • The download is compressed; extract EmsisoftEmergencyKit.zip and place the new folder on the desktop.
  • All open programs and web pages must be closed.

Start Emsisoft Emergency Kit by opening the "EmsisoftEmergencyKit" folder
    • Windows 2000 and Windows XP: double-click "Start.exe".
    • Windows Vista and Windows 7: right-click "Start.exe" and choose "Run as administrator".

Scanning:
  • Now click "Emergency Kit Scanner" in the selection screen; a message will then appear
    that it is recommended to update first.
  • Do so by clicking "Yes"
  • When updating is finished, the message "Update process completed successfully" follows
  • Now click "Menu" and then "Scan PC"
  • Select the "Deep" option if it is not already set that way by default.
  • Then click the "Scan" button
    • Be patient and do nothing else with the computer during the scan,
      as the scan can take quite a while.
  • The window with the warning about an increased risk can be closed when the scan is finished.

  • Make sure that all items found are ticked and then click the "Remove selected" button; a message will then appear.
  • So then click "Yes"
  • When removal is finished, click the "View report" button and select the text file of this scan, with a name such as: a2scan_110730-111615.txt
  • Post the contents of that log file in your next message.
N.B.: Now restart the computer.
 
Hello Abraham54,

scan carried out and here is the log

Emsisoft Emergency Kit - Versie 2.0
Laatste Update: 4-8-2012 9:01:03

Scaninstellingen:

Scantype: Diepe scan
Objecten: Rootkits, Geheugen, Sporen, C:\, D:\, E:\
Scan archieven: Aan
ADS Scan: Aan

Scan gestart: 4-8-2012 9:01:44

Key: hkey_current_user\software\imesh Ontdekt: Trace.Registry.imesh!E1
Value: hkey_current_user\software\imesh --> lastopenfiledir Ontdekt: Trace.Registry.imesh!E1
Key: hkey_local_machine\software\trymedia systems Ontdekt: Trace.Registry.trymedia!E1
Key: hkey_local_machine\software\trymedia systems\activemark software Ontdekt: Trace.Registry.trymedia!E1
C:\Users\HP\Downloads\The Sims 3\Keygen The Sims 3 Outdoor Living Stuff.exe Ontdekt: Riskware.Keygen.Sims3!E2
C:\Program Files (x86)\1ClickDownload\ocmainpack.exe Ontdekt: Adware.Win32.1ClickDownload.AMN!E1
C:\HP\Bin\EndProcess.exe Ontdekt: Riskware.Win32.KillApp!E1

Gescand 748567
Gevonden 7

Scan geindigd: 4-8-2012 10:07:16
Scantijd: 1:05:32

C:\HP\Bin\EndProcess.exe Verwijderd Riskware.Win32.KillApp!E1
C:\Program Files (x86)\1ClickDownload\ocmainpack.exe Verwijderd Adware.Win32.1ClickDownload.AMN!E1
C:\Users\HP\Downloads\The Sims 3\Keygen The Sims 3 Outdoor Living Stuff.exe Verwijderd Riskware.Keygen.Sims3!E2
Key: hkey_local_machine\software\trymedia systems Verwijderd Trace.Registry.trymedia!E1
Key: hkey_local_machine\software\trymedia systems\activemark software Verwijderd Trace.Registry.trymedia!E1
Key: hkey_current_user\software\imesh Verwijderd Trace.Registry.imesh!E1
Value: hkey_current_user\software\imesh --> lastopenfiledir Verwijderd Trace.Registry.imesh!E1

Verwijderd 7
 
Be careful with keygens!
Before you know it, there is already active malware in your Windows that pulls in even more of it.

So first do this now:

Which program: TDSSStarter.exe
What for/why: Rootkit scanner
Difficulty: none
Download TDSSStarter to the desktop.

Using "TDSSStarter.exe":
  • First close all program windows that are still open!
    • Windows 2000 and Windows XP: start "TDSSStarter.exe" by double-clicking it.
    • Windows Vista and Windows 7: start "TDSSStarter.exe" by right-clicking it and then choosing Run as administrator.
  • A CMD window will then be started, and it will close again automatically when the scan is finished.
  • Now post the contents of the Notepad file that opens in your next message.
 
This has been done as well

the latest log

12:04:20.0634 8148 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
12:04:20.0654 8148 ============================================================
12:04:20.0654 8148 Current date / time: 2012/08/04 12:04:20.0654
12:04:20.0654 8148 SystemInfo:
12:04:20.0654 8148
12:04:20.0654 8148 OS Version: 6.1.7601 ServicePack: 1.0
12:04:20.0654 8148 Product type: Workstation
12:04:20.0654 8148 ComputerName: HP-PC
12:04:20.0654 8148 UserName: HP
12:04:20.0654 8148 Windows directory: C:\Windows
12:04:20.0654 8148 System windows directory: C:\Windows
12:04:20.0654 8148 Running under WOW64
12:04:20.0654 8148 Processor architecture: Intel x64
12:04:20.0654 8148 Number of processors: 4
12:04:20.0654 8148 Page size: 0x1000
12:04:20.0654 8148 Boot type: Normal boot
12:04:20.0654 8148 ============================================================
12:04:23.0125 8148 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:04:23.0155 8148 ============================================================
12:04:23.0155 8148 \Device\Harddisk0\DR0:
12:04:23.0165 8148 MBR partitions:
12:04:23.0165 8148 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
12:04:23.0165 8148 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x380D1800
12:04:23.0165 8148 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38135800, BlocksNum 0x221C800
12:04:23.0165 8148 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
12:04:23.0165 8148 ============================================================
12:04:23.0425 8148 C: <-> \Device\Harddisk0\DR0\Partition1
12:04:23.0735 8148 D: <-> \Device\Harddisk0\DR0\Partition2
12:04:23.0805 8148 E: <-> \Device\Harddisk0\DR0\Partition3
12:04:23.0985 8148 ============================================================
12:04:23.0985 8148 Initialize success
12:04:23.0985 8148 ============================================================
12:04:24.0075 5352 ============================================================
12:04:24.0075 5352 Scan started
12:04:24.0075 5352 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
12:04:24.0075 5352 ============================================================
12:04:55.0129 5352 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
12:04:55.0259 5352 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
12:04:55.0339 5352 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:04:55.0399 5352 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
12:04:55.0949 5352 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
12:04:56.0859 5352 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
12:04:58.0799 5352 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
12:04:59.0039 5352 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
12:04:59.0319 5352 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
12:04:59.0429 5352 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
12:04:59.0529 5352 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
12:04:59.0599 5352 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
12:04:59.0849 5352 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:05:00.0039 5352 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
12:05:00.0069 5352 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
12:05:00.0149 5352 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
12:05:00.0299 5352 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
12:05:00.0419 5352 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:05:00.0559 5352 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
12:05:00.0709 5352 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
12:05:00.0869 5352 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:05:00.0959 5352 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:05:01.0059 5352 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:05:01.0379 5352 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:05:01.0449 5352 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
12:05:01.0519 5352 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
12:05:01.0629 5352 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
12:05:01.0829 5352 Com4QLBEx (f9a79c5b27037821112c50a9c8fb367a) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
12:05:01.0899 5352 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
12:05:01.0959 5352 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
12:05:02.0029 5352 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
12:05:02.0109 5352 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
12:05:02.0379 5352 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:05:02.0599 5352 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
12:05:02.0749 5352 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
12:05:02.0879 5352 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
12:05:03.0009 5352 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
12:05:03.0179 5352 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
12:05:03.0289 5352 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
12:05:03.0399 5352 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
12:05:03.0539 5352 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
12:05:03.0679 5352 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
12:05:03.0799 5352 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:05:04.0109 5352 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
12:05:04.0339 5352 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
12:05:05.0200 5352 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
12:05:05.0560 5352 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
12:05:05.0930 5352 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
12:05:06.0230 5352 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
12:05:06.0410 5352 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
12:05:06.0540 5352 enecir (524c79054636d2e5751169005006460b) C:\Windows\system32\DRIVERS\enecir.sys
12:05:06.0620 5352 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
12:05:06.0730 5352 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
12:05:06.0890 5352 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
12:05:07.0070 5352 F-Secure Gatekeeper (169897de484a79120af8c201883efdc4) C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys
12:05:07.0230 5352 F-Secure Gatekeeper Handler Starter (a081425c6a0286affccbe1f7ee1f9f23) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
12:05:07.0370 5352 F-Secure HIPS (1c8ab0d7d5451c58962940539f913473) C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys
12:05:07.0510 5352 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
12:05:07.0760 5352 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
12:05:07.0920 5352 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
12:05:07.0980 5352 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
12:05:08.0120 5352 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
12:05:08.0250 5352 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
12:05:08.0310 5352 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
12:05:09.0171 5352 FLEXnet Licensing Service 64 (5cee6cd43ae5844c49300ea0b1e557ee) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
12:05:09.0831 5352 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
12:05:09.0991 5352 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
12:05:10.0141 5352 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
12:05:10.0361 5352 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:05:10.0541 5352 fsbts (d5c492752fccb61bffae361c82f914ac) C:\Windows\system32\Drivers\fsbts.sys
12:05:10.0691 5352 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
12:05:11.0211 5352 FSDFWD (4fb994aa29be9d11f17e579cf9941093) C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe
12:05:11.0481 5352 FSES (81491719ad2f5bb3563334f87c82f734) C:\Windows\system32\drivers\fses.sys
12:05:11.0551 5352 FSFW (b5b3d6eb4f40abfc4f28be0e5b5538e5) C:\Windows\system32\drivers\fsdfw.sys
12:05:11.0621 5352 FSMA (7f0c12d9c38a51319687132c41a36468) C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE
12:05:11.0831 5352 FSORSPClient (42aef6a385354aca65fc210ce7ce4d7c) C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
12:05:12.0001 5352 fsvista (8a920e6cff3163c843c06e14cf787bd8) C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys
12:05:12.0071 5352 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
12:05:12.0551 5352 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
12:05:12.0651 5352 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:05:12.0771 5352 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
12:05:12.0891 5352 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:05:13.0151 5352 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
12:05:13.0501 5352 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:05:13.0621 5352 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:05:13.0681 5352 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
12:05:13.0811 5352 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
12:05:13.0941 5352 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
12:05:14.0021 5352 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
12:05:14.0081 5352 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
12:05:14.0191 5352 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
12:05:14.0281 5352 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
12:05:14.0401 5352 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
12:05:14.0491 5352 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
12:05:14.0751 5352 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
12:05:14.0901 5352 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
12:05:15.0131 5352 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
12:05:15.0231 5352 HPDrvMntSvc.exe (bcc4a8b2e2e902f52e7f2e7d8e125765) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
12:05:15.0341 5352 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
12:05:15.0431 5352 HpqKbFiltr (9af482d058be59cc28bce52e7c4b747c) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
12:05:15.0591 5352 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
12:05:15.0851 5352 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
12:05:15.0971 5352 hpsrv (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\Windows\system32\Hpservice.exe
12:05:16.0341 5352 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
12:05:16.0591 5352 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
12:05:16.0671 5352 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
12:05:16.0801 5352 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\Windows\system32\DRIVERS\iaStor.sys
12:05:16.0911 5352 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
12:05:17.0101 5352 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
12:05:17.0271 5352 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:05:17.0271 5352 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:05:23.0653 5352 LightScribeService (2238b91ac1a12cc6cc4c4fed41258b2a) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
12:05:23.0703 5352 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
12:05:23.0703 5352 LightScribeService - detected UnsignedFile.Multi.Generic (1)
12:05:58.0581 5352 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:05:58.0661 5352 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:05:58.0821 5352 STacSV (7595d53ee8e8b0baa9a2ddde867ebb0c) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
12:05:58.0911 5352 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:05:58.0991 5352 STHDA (dffbc024dfc7bb05b2129e05cbc7a201) C:\Windows\system32\DRIVERS\stwrt64.sys
12:05:59.0151 5352 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
12:05:59.0321 5352 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:05:59.0431 5352 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:05:59.0501 5352 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:05:59.0711 5352 SynTP (ac3cc98b1bdb6540021d3ffb105ac2b9) C:\Windows\system32\DRIVERS\SynTP.sys
12:05:59.0926 5352 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:06:00.0256 5352 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:06:00.0336 5352 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:06:00.0426 5352 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:06:00.0686 5352 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:06:01.0086 5352 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:06:01.0306 5352 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:06:01.0416 5352 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:06:01.0486 5352 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:06:01.0546 5352 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:06:01.0616 5352 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:06:01.0696 5352 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:06:01.0876 5352 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:06:01.0956 5352 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:06:02.0116 5352 TomTomHOMEService (3199a477f0f06eede41bd55179f8eb05) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
12:06:02.0196 5352 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:06:02.0336 5352 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:06:02.0476 5352 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:06:02.0606 5352 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:06:02.0716 5352 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:06:02.0806 5352 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:06:02.0856 5352 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:06:02.0956 5352 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:06:03.0026 5352 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:06:03.0086 5352 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:06:03.0186 5352 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:06:03.0256 5352 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:06:03.0386 5352 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
12:06:03.0476 5352 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:06:03.0586 5352 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:06:03.0656 5352 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
12:06:03.0786 5352 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:06:03.0866 5352 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
12:06:03.0936 5352 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:06:04.0036 5352 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:06:04.0106 5352 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:06:04.0206 5352 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:06:04.0316 5352 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
12:06:04.0396 5352 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:06:04.0486 5352 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:06:04.0616 5352 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:06:04.0796 5352 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:06:05.0006 5352 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:06:05.0066 5352 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:06:05.0176 5352 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:06:05.0226 5352 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:06:05.0286 5352 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:06:05.0366 5352 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:06:05.0456 5352 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:06:05.0566 5352 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:06:05.0736 5352 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:06:06.0016 5352 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:06:06.0096 5352 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:06:06.0186 5352 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
12:06:06.0276 5352 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:06:06.0416 5352 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:06:06.0476 5352 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:06:06.0556 5352 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:06:06.0726 5352 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:06:07.0007 5352 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:06:07.0307 5352 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:06:07.0417 5352 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:06:07.0517 5352 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:06:07.0617 5352 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:06:07.0727 5352 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:06:07.0837 5352 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:06:07.0947 5352 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:06:08.0027 5352 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
12:06:08.0207 5352 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:06:08.0317 5352 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:06:08.0397 5352 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:06:08.0497 5352 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:06:08.0577 5352 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:06:08.0697 5352 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:06:08.0937 5352 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
12:06:09.0297 5352 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
12:06:09.0427 5352 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:06:09.0757 5352 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:06:10.0027 5352 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:06:10.0127 5352 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:06:10.0277 5352 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:06:10.0347 5352 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
12:06:10.0417 5352 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:06:10.0507 5352 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
12:06:10.0757 5352 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
12:06:11.0027 5352 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:06:11.0157 5352 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:06:11.0307 5352 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
12:06:11.0407 5352 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:06:11.0507 5352 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
12:06:11.0617 5352 MBR (0x1B8) (8da629ea6f0b633d49623895eba245ce) \Device\Harddisk0\DR0
12:06:11.0917 5352 Boot (0x1200) (5ec757c1b50197eac8774e4149210fe7) \Device\Harddisk0\DR0\Partition0
12:06:11.0937 5352 Boot (0x1200) (f35ff6fc92557a65570b3569d6e877b1) \Device\Harddisk0\DR0\Partition1
12:06:11.0967 5352 Boot (0x1200) (3f83d8ad28671d515899c241c65a2f42) \Device\Harddisk0\DR0\Partition2
12:06:11.0987 5352 Boot (0x1200) (857b9ccb3e0dc15f07c91359bdc62b33) \Device\Harddisk0\DR0\Partition3
12:06:11.0987 5352 ============================================================
12:06:11.0987 5352 Scan finished
12:06:11.0987 5352 ============================================================
12:06:12.0527 1844 Deinitialize success
.
==============================================
System Restore Point Check:
.
TDSSKiller Starter Restore Point Created Succesfully
==============================================
Registry Export
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile\GloballyOpenPorts\List]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
==============================================
EOF


and I will watch out for it
 
We'll continue:

Which program: ComboFix
What for/why: A highly specialized scanner for examining and cleaning up Windows in depth.
Difficulty: A somewhat tricky preparation phase, so read everything carefully first.
Download location: This program must be downloaded to the desktop!
Download ComboFix from one of these locations:
Here you can see how to use ComboFix.

Antivirus programs and active malware scanners must already be disabled before you start ComboFix!
Here and here you will find information on how to disable antivirus programs and spyware scanners.

Notes:
  • All open programs and web pages must be closed.
Starting ComboFix:
  • Windows 2000 and Windows XP: double-click ComboFix.exe.
  • Windows Vista and Windows 7: right-click ComboFix.exe and choose "Run as administrator" ("Als Administrator uitvoeren").
Once ComboFix is running:
  • Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
  • ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
  • The computer may need to be restarted several times; this is normal.
  • When ComboFix is finished, it will create a log file for you.
  • Post the contents of this log file in your next message via DDRMMR's color coder.
  • If the log does not open, it can be found at C:\ComboFix.txt
Important note:
  • If, after the scan, an error is shown when starting programs with the message:
  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • then restart the computer.
 
This has also been run, but I just can't get a log. It gets stuck on creating the log. Am I doing something wrong? The window saying that it is creating a report has been open for about an hour.

---------- Post added at 17:08 ---------- Previous post was at 16:25 ----------

After restarting once more, it did work the third time.

Here is the log, then:

[hjt]
combofix 12-08-04.02 - hp 04-08-2012 17:01:51.4.4 - x64
microsoft windows 7 home premium 6.1.7601.1.1252.31.1043.18.4023.2499 [gmt 2:00]
gestart vanuit: c:\users\hp\desktop\combofix.exe
av: f-secure internet security 2011 10.51 *disabled/updated* {15414183-282e-d62c-ca37-ef24860a2f17}
fw: f-secure internet security 2011 10.51 *disabled* {2d7ac0a6-6241-d774-e168-461178d9686c}
sp: f-secure internet security 2011 10.51 *disabled/updated* {ae20a067-0e14-d9a2-f087-d456fd8d65aa}
sp: windows defender *disabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
.
.
(((((((((((((((((((( bestanden gemaakt van 2012-07-04 to 2012-08-04 ))))))))))))))))))))))))))))))
.
.
2012-08-04 15:09 . 2012-08-04 15:09 -------- d-----w- c:\users\updatususer\appdata\local\temp
2012-08-04 15:09 . 2012-08-04 15:09 -------- d-----w- c:\users\default\appdata\local\temp
2012-08-04 10:04 . 2012-08-04 10:06 -------- d-----w- c:\tdssstarter
2012-08-03 19:34 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-03 14:55 . 2012-08-03 14:55 -------- d-----w- c:\users\hp\appdata\local\unity
2012-08-03 14:47 . 2012-08-03 16:43 -------- d-----w- c:\programdata\spybot - search & destroy
2012-08-03 14:47 . 2012-08-03 14:49 -------- d-----w- c:\program files (x86)\spybot - search & destroy
2012-08-03 13:41 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{66d60fb0-7657-4699-86d1-cf0320f145b4}\mpengine.dll
2012-08-03 12:45 . 2012-08-03 13:37 70344 ----a-w- c:\windows\syswow64\flashplayercplapp.cpl
2012-08-03 12:45 . 2012-08-03 13:37 426184 ----a-w- c:\windows\syswow64\flashplayerapp.exe
2012-08-02 17:34 . 2012-08-02 17:34 955888 ----a-w- c:\windows\system32\npdeployjava1.dll
2012-08-02 17:34 . 2012-08-02 17:34 839152 ----a-w- c:\windows\system32\deployjava1.dll
2012-08-02 17:34 . 2012-08-02 17:34 268784 ----a-w- c:\windows\system32\javaws.exe
2012-08-02 17:34 . 2012-08-02 17:34 189424 ----a-w- c:\windows\system32\javaw.exe
2012-08-02 17:34 . 2012-08-02 17:34 188912 ----a-w- c:\windows\system32\java.exe
2012-08-02 17:28 . 2012-08-02 17:28 -------- d-----w- c:\program files\microsoft silverlight
2012-08-02 17:28 . 2012-08-02 17:28 -------- d-----w- c:\program files (x86)\microsoft silverlight
2012-07-22 17:28 . 2012-08-04 08:07 -------- d-----w- c:\program files (x86)\1clickdownload
2012-07-11 20:45 . 2012-07-11 20:45 -------- d-----w- c:\program files (x86)\common files\java
2012-07-11 18:11 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 18:08 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 18:08 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 18:08 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\syswow64\msxml6.dll
2012-07-11 18:08 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\syswow64\msxml3.dll
2012-07-11 18:08 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-07-11 18:08 . 2010-06-26 03:24 2048 ----a-w- c:\windows\syswow64\msxml3r.dll
2012-07-11 18:08 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-07-11 18:07 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-07-11 18:07 . 2012-06-02 05:45 340992 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 18:07 . 2012-06-02 05:44 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-11 18:07 . 2012-06-02 05:48 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 18:09 . 2010-12-01 16:33 59701280 ----a-w- c:\windows\system32\mrt.exe
2012-06-02 22:19 . 2012-06-22 04:44 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 04:44 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 04:44 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 04:44 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 04:44 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 04:44 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 04:44 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 04:43 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-22 04:43 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2010-11-30 16:56 279656 ------w- c:\windows\system32\mpsigstub.exe
2012-05-15 10:48 . 2012-05-22 19:02 25743168 ----a-w- c:\windows\system32\nvoglv64.dll
2012-05-15 10:48 . 2012-05-22 19:02 19607872 ----a-w- c:\windows\syswow64\nvoglv32.dll
2012-05-15 10:48 . 2012-05-22 19:02 14298944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-05-15 10:48 . 2012-05-22 19:02 8139072 ----a-w- c:\windows\system32\nvcuda.dll
2012-05-15 10:48 . 2012-05-22 19:02 5982528 ----a-w- c:\windows\syswow64\nvcuda.dll
2012-05-15 10:48 . 2012-05-22 19:02 2881856 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-05-15 10:48 . 2012-05-22 19:02 2681664 ----a-w- c:\windows\system32\nvcuvid.dll
2012-05-15 10:48 . 2012-05-22 19:02 2524992 ----a-w- c:\windows\syswow64\nvcuvid.dll
2012-05-15 10:48 . 2012-05-22 19:02 2445120 ----a-w- c:\windows\syswow64\nvcuvenc.dll
2012-05-15 10:48 . 2012-05-22 19:02 18044224 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-05-15 10:48 . 2012-05-22 19:02 25248064 ----a-w- c:\windows\system32\nvcompiler.dll
2012-05-15 10:48 . 2012-05-22 19:02 2368832 ----a-w- c:\windows\syswow64\nvapi.dll
2012-05-15 10:48 . 2012-05-22 19:02 17551680 ----a-w- c:\windows\syswow64\nvcompiler.dll
2012-05-15 10:48 . 2012-02-21 20:48 68928 ----a-w- c:\windows\system32\opencl.dll
2012-05-15 10:48 . 2012-02-21 20:48 61248 ----a-w- c:\windows\syswow64\opencl.dll
2012-05-15 10:48 . 2011-11-08 19:18 8105280 ----a-w- c:\windows\syswow64\nvwgf2um.dll
2012-05-15 10:48 . 2011-11-08 19:18 1738048 ----a-w- c:\windows\system32\nvdispco64.dll
2012-05-15 10:48 . 2011-11-08 19:18 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
2012-05-15 10:48 . 2009-11-29 17:20 2741568 ----a-w- c:\windows\system32\nvapi64.dll
2012-05-15 10:48 . 2009-11-29 17:20 15322432 ----a-w- c:\windows\syswow64\nvd3dum.dll
2012-05-15 10:48 . 2009-11-29 17:20 10194752 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-05-15 09:29 . 2009-11-28 20:56 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2009-11-28 20:55 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2009-11-28 20:55 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
2012-05-15 09:29 . 2009-11-28 20:55 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2009-11-28 20:55 3149632 ----a-w- c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2009-11-28 20:55 6151488 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-15 04:01 . 2012-06-13 19:47 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 03:59 . 2012-06-13 19:47 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-05-15 03:03 . 2012-06-13 19:47 981504 ----a-w- c:\windows\syswow64\wininet.dll
2012-05-09 15:34 . 2012-05-09 15:34 55960 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-05-09 10:21 . 2012-06-11 20:44 476936 ----a-w- c:\windows\syswow64\npdeployjava1.dll
2012-05-09 10:21 . 2010-11-30 16:28 472840 ----a-w- c:\windows\syswow64\deployjava1.dll
.
.
((((((((((((((((((((((((((((( snapshot@2012-08-04_13.27.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 05:10 . 2012-08-04 14:43 48066 c:\windows\system32\wdi\bootperformancediagnostics_systemdata.bin
- 2010-11-29 13:35 . 2012-08-04 05:15 17204 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\s-1-5-21-3442539709-156371235-3733390187-1000_userdata.bin
+ 2010-11-29 13:35 . 2012-08-04 14:43 17204 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\s-1-5-21-3442539709-156371235-3733390187-1000_userdata.bin
- 2010-11-30 16:16 . 2012-08-04 05:15 16384 c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
+ 2010-11-30 16:16 . 2012-08-04 14:43 16384 c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
- 2010-11-30 16:16 . 2012-08-04 05:15 32768 c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
+ 2010-11-30 16:16 . 2012-08-04 14:43 32768 c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
- 2010-11-30 16:16 . 2012-08-04 05:15 16384 c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
+ 2010-11-30 16:16 . 2012-08-04 14:43 16384 c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
- 2010-11-29 12:47 . 2012-08-04 13:12 16384 c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
+ 2010-11-29 12:47 . 2012-08-04 15:07 16384 c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
+ 2010-11-29 12:47 . 2012-08-04 15:07 16384 c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
- 2010-11-29 12:47 . 2012-08-04 13:12 16384 c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
- 2010-11-29 10:46 . 2012-08-03 20:44 8670 c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\bluetooth\bthservsdp.dat
+ 2010-11-29 10:46 . 2012-08-04 14:40 8670 c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\bluetooth\bthservsdp.dat
+ 2012-08-04 14:41 . 2012-08-04 14:41 2048 c:\windows\serviceprofiles\localservice\appdata\local\lastalive1.dat
- 2012-08-04 05:12 . 2012-08-04 05:12 2048 c:\windows\serviceprofiles\localservice\appdata\local\lastalive1.dat
- 2012-08-04 05:12 . 2012-08-04 05:12 2048 c:\windows\serviceprofiles\localservice\appdata\local\lastalive0.dat
+ 2012-08-04 14:41 . 2012-08-04 14:41 2048 c:\windows\serviceprofiles\localservice\appdata\local\lastalive0.dat
+ 2009-07-14 05:01 . 2012-08-04 14:40 374172 c:\windows\serviceprofiles\localservice\appdata\local\fontcache-system.dat
- 2009-07-14 05:01 . 2012-08-03 20:44 374172 c:\windows\serviceprofiles\localservice\appdata\local\fontcache-system.dat
+ 2010-11-29 13:56 . 2012-08-04 14:40 60086968 c:\windows\serviceprofiles\localservice\appdata\local\fontcache-s-1-5-21-3442539709-156371235-3733390187-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
regedit4
.
[hkey_local_machine\wow6432node\~\browser helper objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
c:\progra~2\imesha~1\mediabar\datamngr\toolbar\wincoreimdtx.dll [bu]
.
[hkey_local_machine\software\wow6432node\microsoft\internet explorer\toolbar]
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= c:\progra~2\imesha~1\mediabar\datamngr\toolbar\wincoreimdtx.dll [bu]
.
[hkey_classes_root\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
.
[hkey_current_user\software\microsoft\windows\currentversion\run]
"lightscribe control panel"=c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe [2009-08-20 2363392]
"restart_sticky_notes"=c:\windows\system32\stikynot.exe [bu]
"hpadvisor"=c:\program files (x86)\hewlett-packard\hp advisor\hpadvisor.exe [bu]
"tomtomhome.exe"=c:\program files (x86)\tomtom home 2\tomtomhomerunner.exe [2012-01-23 247728]
"isuspm"=c:\program files (x86)\common files\installshield\updateservice\isuspm.exe [bu]
"superantispyware"=c:\program files\superantispyware\superantispyware.exe [2012-07-24 5661056]
"ea core"=c:\program files (x86)\electronic arts\eadm\core.exe [bu]
"hp photosmart 7510 series (net)"=c:\program files\hp\hp photosmart 7510 series\bin\scantopcactivationapp.exe [2011-08-31 2676584]
"daemon tools lite"=c:\program files (x86)\daemon tools lite\dtlite.exe [2012-02-13 3481408]
"skype"=c:\program files (x86)\skype\phone\skype.exe [2012-07-13 17418928]
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run]
"corel file shell monitor"=c:\program files (x86)\corel\corel paint shop pro photo x2\coreliomonitor.exe [2009-08-25 15544]
"hpcam_menu"=c:\program files (x86)\hewlett-packard\media\webcam\muitransfer\muistartmenu.exe [2009-05-19 222504]
"qlbctrl.exe"=c:\program files (x86)\hewlett-packard\hp quick launch buttons\qlbctrl.exe [2009-08-20 322104]
"easybits recovery"=c:\program files (x86)\easybits for kids\ezrecover.exe [2009-09-02 60464]
"wirelessassistant"=c:\program files (x86)\hewlett-packard\hp wireless assistant\hpwamain.exe [2009-07-23 498744]
"f-secure manager"=c:\program files (x86)\f-secure\common\fsm32.exe [2010-11-30 201384]
"f-secure tnb"=c:\program files (x86)\f-secure\fsgui\tnbutil.exe [2010-11-30 1655464]
"divx download manager"=c:\program files (x86)\divx\divx plus web player\ddmservice.exe [bu]
"adobe arm"=c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2012-01-03 843712]
"apsdaemon"=c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe [2012-02-20 59240]
"ituneshelper"=c:\program files (x86)\itunes\ituneshelper.exe [2011-10-09 421736]
"hp software update"=c:\program files (x86)\hp\hp software update\hpwuschd2.exe [2011-05-10 49208]
"sunjavaupdatesched"=c:\program files (x86)\common files\java\java update\jusched.exe [2012-01-18 254696]
"quicktime task"=c:\program files (x86)\quicktime\qttask.exe [2012-04-18 421888]
"malwarebytes' anti-malware"=c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe [2012-07-03 462920]
.
c:\users\hp\appdata\roaming\microsoft\windows\start menu\programs\startup\
inktwaarschuwingen controleren - hp photosmart 7510 series (netwerk).lnk - c:\windows\system32\rundll32.exe [2009-7-14 45568]
.
c:\programdata\microsoft\windows\start menu\programs\startup\
bluetooth.lnk - c:\program files\widcomm\bluetooth software\bttray.exe [2009-9-4 1081632]
.
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"= 5 (0x5)
"consentpromptbehavioruser"= 3 (0x3)
"enableuiadesktoptoggle"= 0 (0x0)
"hidefastuserswitching"= 0 (0x0)
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\explorer\shellexecutehooks]
.
[hkey_local_machine\system\currentcontrolset\control\lsa]
security packages reg_multi_sz kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\!sascore]
@=""
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\wdf01000.sys]
@="driver"
.
r2 clr_optimization_v4.0.30319_64;microsoft .net framework ngen v4.0.30319_x64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
r2 ezsharedsvc;easybits shared services for windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
r2 gupdate;google update-service (gupdate);c:\program files (x86)\google\update\googleupdate.exe [2011-11-05 136176]
r2 nvupdatusservice;nvidia update service daemon;c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe [2012-05-15 1262400]
r2 skypeupdate;skype updater;c:\program files (x86)\skype\updater\updater.exe [2012-07-03 160944]
r3 adobeflashplayerupdatesvc;adobe flash player update service;c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe [2012-08-03 250056]
r3 flexnet licensing service 64;flexnet licensing service 64;c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe [2012-03-12 1431888]
r3 gamesappservice;gamesappservice;c:\program files (x86)\wildtangent games\app\gamesappservice.exe [2010-10-12 206072]
r3 gupdatem;google update-service (gupdatem);c:\program files (x86)\google\update\googleupdate.exe [2011-11-05 136176]
r3 mozillamaintenance;mozilla maintenance service;c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe [2012-07-20 113120]
r3 netw5v64;intel(r) wireless wifi link 5000 series adapter driver for windows vista 64 bit;c:\windows\system32\drivers\netw5v64.sys [2009-06-10 5434368]
r3 rtl8167;realtek 8167 nt driver;c:\windows\system32\drivers\rt64win7.sys [2009-10-03 258560]
r3 srvhsfhda;srvhsfhda;c:\windows\system32\drivers\vstazl6.sys [2009-06-10 292864]
r3 srvhsfv92;srvhsfv92;c:\windows\system32\drivers\vstdpv6.sys [2009-06-10 1485312]
r3 srvhsfwinac;srvhsfwinac;c:\windows\system32\drivers\vstcnxt6.sys [2009-06-10 740864]
r3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
r3 usbaapl64;apple mobile usb driver;c:\windows\system32\drivers\usbaapl64.sys [2011-05-10 51712]
r3 watadminsvc;windows activation technologies-service;c:\windows\system32\wat\watadminsvc.exe [2010-12-01 1255736]
r3 yukonw7;ndis6.2 miniport driver for marvell yukon ethernet controller;c:\windows\system32\drivers\yk62x64.sys [2009-06-10 389120]
s0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2012-05-09 55960]
s1 a2dda;a2 direct disk access support driver;c:\users\hp\desktop\run\a2ddax64.sys [2012-08-04 23208]
s1 dtsoftbus01;daemon tools virtual bus driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-03-12 283200]
s1 f-secure hips;f-secure hips driver;c:\program files (x86)\f-secure\hips\drivers\fshs.sys [2010-11-30 61960]
s1 fses;f-secure email scanning driver;c:\windows\system32\drivers\fses.sys [2010-11-30 46664]
s1 fsfw;f-secure firewall driver;c:\windows\system32\drivers\fsdfw.sys [2010-11-30 95784]
s1 fsvista;f-secure vista support driver;c:\program files (x86)\f-secure\anti-virus\minifilter\fsvista.sys [2010-11-30 15016]
s1 sasdifsv;sasdifsv;c:\program files\superantispyware\sasdifsv64.sys [2011-07-22 14928]
s1 saskutil;saskutil;c:\program files\superantispyware\saskutil64.sys [2011-07-12 12368]
s1 vwififlt;virtual wifi filter driver;c:\windows\system32\drivers\vwififlt.sys [2009-07-14 59904]
s2 !sascore;sas core service;c:\program files\superantispyware\sascore64.exe [2011-08-11 140672]
s2 adobearmservice;adobe acrobat update service;c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe [2012-01-03 63928]
s2 aestfilters;andrea st filters service;c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\aestsr64.exe [2009-03-02 89600]
s2 autodesk content service;autodesk content service;c:\program files (x86)\autodesk\content service\connect.service.contentservice.exe [2011-02-02 18656]
s2 hp support assistant service;hp support assistant service;c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe [2011-09-09 86072]
s2 hpdrvmntsvc.exe;hp quick synchronization service;c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe [2011-03-28 94264]
s2 hpsrv;hp service;c:\windows\system32\hpservice.exe [2011-05-13 30520]
s2 mbamservice;mbamservice;c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe [2012-07-03 655944]
s2 tomtomhomeservice;tomtomhomeservice;c:\program files (x86)\tomtom home 2\tomtomhomeservice.exe [2012-01-23 92592]
s3 btwl2cap;bluetooth l2cap service;c:\windows\system32\drivers\btwl2cap.sys [2009-09-17 35104]
s3 com4qlbex;com4qlbex;c:\program files (x86)\hewlett-packard\hp quick launch buttons\com4qlbex.exe [2009-05-05 228408]
s3 enecir;ene cir receiver;c:\windows\system32\drivers\enecir.sys [2009-06-29 70656]
s3 f-secure gatekeeper;f-secure gatekeeper;c:\program files (x86)\f-secure\anti-virus\minifilter\fsgk.sys [2012-05-29 199848]
s3 fsorspclient;f-secure orsp client;c:\program files (x86)\f-secure\orsp client\fsorsp.exe [2011-05-23 61088]
s3 impcd;impcd;c:\windows\system32\drivers\impcd.sys [2009-10-13 151040]
s3 jmcr;jmcr;c:\windows\system32\drivers\jmcr.sys [2009-07-21 140712]
s3 mbamprotector;mbamprotector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
s3 nvhda;service for nvidia high definition audio driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
s3 vwifimp;microsoft virtual wifi miniport service;c:\windows\system32\drivers\vwifimp.sys [2009-07-14 17920]
.
.
--- andere services/drivers in geheugen ---
.
*newlycreated* - ws2ifsl
.
hkey_local_machine\software\wow6432node\microsoft\windows nt\currentversion\svchost - netsvcs
ezsharedsvc
.
[hkey_local_machine\software\wow6432node\microsoft\active setup\installed components\{10880d85-aad9-4558-abdc-2ab1552d831f}]
2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\common files\lightscribe\lsrunonce.exe
.
inhoud van de 'gedeelde taken' map
.
2012-08-04 c:\windows\tasks\adobe flash player updater.job
- c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe [2012-08-03 13:37]
.
2012-08-04 c:\windows\tasks\googleupdatetaskmachinecore.job
- c:\program files (x86)\google\update\googleupdate.exe [2011-11-05 21:34]
.
2012-08-04 c:\windows\tasks\googleupdatetaskmachineua.job
- c:\program files (x86)\google\update\googleupdate.exe [2011-11-05 21:34]
.
2012-08-03 c:\windows\tasks\googleupdatetaskusers-1-5-21-3442539709-156371235-3733390187-1000core.job
- c:\users\hp\appdata\local\google\update\googleupdate.exe [2011-08-15 20:20]
.
2012-08-04 c:\windows\tasks\googleupdatetaskusers-1-5-21-3442539709-156371235-3733390187-1000ua.job
- c:\users\hp\appdata\local\google\update\googleupdate.exe [2011-08-15 20:20]
.
2012-08-04 c:\windows\tasks\hp photo creations messager.job
- c:\programdata\hp photo creations\messagecheck.exe [2011-02-15 10:11]
.
2012-07-27 c:\windows\tasks\hpceescheduleforhp-pc$.job
- c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe [2009-10-07 03:22]
.
2012-07-31 c:\windows\tasks\hpceescheduleforhp.job
- c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe [2009-10-07 03:22]
.
.
--------- x64 entries -----------
.
.
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"smartmenu"=c:\program files\hewlett-packard\hp mediasmart\smartmenu.exe [2009-08-25 610872]
"sunjavaupdatesched"=c:\program files\java\jre6\bin\jusched.exe [2010-01-08 171520]
"systrayapp"=c:\program files\idt\wdm\sttray64.exe [2010-03-23 487424]
.
[hkey_local_machine\software\microsoft\windows nt\currentversion\windows]
"loadappinit_dlls"=0x1
.
------- bijkomende scan -------
.
ustart page = hxxp://search.imesh.net
ulocal page = c:\windows\system32\blank.htm
mlocal page = c:\windows\syswow64\blank.htm
uinternet settings,proxyoverride = *.local
ie: afbeelding verzenden naar &bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
ie: e&xporteren naar microsoft excel - c:\progra~2\micros~1\office12\excel.exe/3000
ie: pagina verzenden naar &bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
lsp: c:\program files (x86)\f-secure\fsps\program\fslsp.dll
tcp: dhcpnameserver = 192.168.0.1
ff - profilepath - c:\users\hp\appdata\roaming\mozilla\firefox\profiles\w29d0adv.default-1343927698593\
.
- - - - orphans verwijderd - - - -
.
toolbar-10 - (no file)
toolbar-10 - (no file)
hklm-run-syntpenh - c:\program files (x86)\synaptics\syntp\syntpenh.exe
addremove-easybits magic desktop - c:\windows\system32\ezmduninstall.exe
addremove-{6f44af95-3cde-4513-ad3f-6d45f17bf324} - c:\program files (x86)\installshield installation information\{6f44af95-3cde-4513-ad3f-6d45f17bf324}\setup.exe
.
.
.
--------------------- vergrendelde register sleutels ---------------------
.
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
.
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
.
[hkey_local_machine\system\controlset001\control\pcw\security]
@denied: (full) (everyone)
.
voltooingstijd: 2012-08-04 17:11:43
combofix-quarantined-files.txt 2012-08-04 15:11
.
pre-run: 241.808.228.352 bytes beschikbaar
post-run: 241.494.380.544 bytes beschikbaar
.
- - end of file - - 869e0c1d704ce464780d2994248f56e9

[/hjt]


and a thank-you as well for the trouble you're taking
 
I'm happy to help you.
By the way, restarting the computer yourself was a fine idea.

Open a new Notepad file via "Start\All Programs\Accessories\Notepad".

Copy and paste the following (bold, blue) text into the empty Notepad window:


ClearJavaCache::

Folder::
c:\progra~2\imesha~1


Registry::
[-hkey_local_machine\wow6432node\~\browser helper objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
c:\progra~2\imesha~1\mediabar\datamngr\toolbar\wincoreimdtx.dll [bu]
.
[-hkey_local_machine\software\wow6432node\microsoft\ internet explorer\toolbar]
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= c:\progra~2\imesha~1\mediabar\datamngr\toolbar\wincoreimdtx.dll [bu]
.
[-hkey_classes_root\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]


Save this Notepad file on your desktop as CFScript.txt.

Now first disable the antivirus and any spyware scanners!
Also make sure that all other open windows are closed, including the web browser.


Drag CFScript.txt onto ComboFix.exe




This will make ComboFix restart. Reboot if you are asked to.


Post the ComboFix log that is shown after the restart, using the color coder!
If ComboFix restarted your computer (or you did so yourself), you will also find the log in C:\Combofix.txt

Important note:
  • If, after the scan, an error is shown when starting programs with the message:
  • Illegal operation attempted on a registry key that has been marked for deletion.
  • Then restart the computer.
 
and the latest log for you

[hjt]
combofix 12-08-04.02 - hp 04-08-2012 19:04:02.5.4 - x64
microsoft windows 7 home premium 6.1.7601.1.1252.31.1043.18.4023.2339 [gmt 2:00]
gestart vanuit: c:\users\hp\desktop\combofix.exe
gebruikte opdracht switches :: c:\users\hp\desktop\cfscript.txt
av: f-secure internet security 2011 10.51 *disabled/updated* {15414183-282e-d62c-ca37-ef24860a2f17}
fw: f-secure internet security 2011 10.51 *disabled* {2d7ac0a6-6241-d774-e168-461178d9686c}
sp: f-secure internet security 2011 10.51 *disabled/updated* {ae20a067-0e14-d9a2-f087-d456fd8d65aa}
sp: windows defender *enabled/updated* {d68ddc3a-831f-4fae-9e44-da132c1acf46}
.
.
(((((((((((((((((((((((((((((((((( andere verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~2\imesha~1
.
.
(((((((((((((((((((( bestanden gemaakt van 2012-07-04 to 2012-08-04 ))))))))))))))))))))))))))))))
.
.
2012-08-04 17:11 . 2012-08-04 17:11 -------- d-----w- c:\users\updatususer\appdata\local\temp
2012-08-04 17:11 . 2012-08-04 17:11 -------- d-----w- c:\users\default\appdata\local\temp
2012-08-04 10:04 . 2012-08-04 10:06 -------- d-----w- c:\tdssstarter
2012-08-03 19:34 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-03 14:55 . 2012-08-03 14:55 -------- d-----w- c:\users\hp\appdata\local\unity
2012-08-03 14:47 . 2012-08-03 16:43 -------- d-----w- c:\programdata\spybot - search & destroy
2012-08-03 14:47 . 2012-08-03 14:49 -------- d-----w- c:\program files (x86)\spybot - search & destroy
2012-08-03 13:41 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{66d60fb0-7657-4699-86d1-cf0320f145b4}\mpengine.dll
2012-08-03 12:45 . 2012-08-03 13:37 70344 ----a-w- c:\windows\syswow64\flashplayercplapp.cpl
2012-08-03 12:45 . 2012-08-03 13:37 426184 ----a-w- c:\windows\syswow64\flashplayerapp.exe
2012-08-02 17:34 . 2012-08-02 17:34 955888 ----a-w- c:\windows\system32\npdeployjava1.dll
2012-08-02 17:34 . 2012-08-02 17:34 839152 ----a-w- c:\windows\system32\deployjava1.dll
2012-08-02 17:34 . 2012-08-02 17:34 268784 ----a-w- c:\windows\system32\javaws.exe
2012-08-02 17:34 . 2012-08-02 17:34 189424 ----a-w- c:\windows\system32\javaw.exe
2012-08-02 17:34 . 2012-08-02 17:34 188912 ----a-w- c:\windows\system32\java.exe
2012-08-02 17:28 . 2012-08-02 17:28 -------- d-----w- c:\program files\microsoft silverlight
2012-08-02 17:28 . 2012-08-02 17:28 -------- d-----w- c:\program files (x86)\microsoft silverlight
2012-07-22 17:28 . 2012-08-04 08:07 -------- d-----w- c:\program files (x86)\1clickdownload
2012-07-11 20:45 . 2012-07-11 20:45 -------- d-----w- c:\program files (x86)\common files\java
2012-07-11 18:11 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 18:08 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-11 18:08 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-07-11 18:08 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\syswow64\msxml6.dll
2012-07-11 18:08 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\syswow64\msxml3.dll
2012-07-11 18:08 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-07-11 18:08 . 2010-06-26 03:24 2048 ----a-w- c:\windows\syswow64\msxml3r.dll
2012-07-11 18:08 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-07-11 18:07 . 2012-06-02 05:50 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-07-11 18:07 . 2012-06-02 05:45 340992 ----a-w- c:\windows\system32\schannel.dll
2012-07-11 18:07 . 2012-06-02 05:44 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-07-11 18:07 . 2012-06-02 05:48 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( find3m rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 18:09 . 2010-12-01 16:33 59701280 ----a-w- c:\windows\system32\mrt.exe
2012-06-02 22:19 . 2012-06-22 04:44 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 04:44 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 04:44 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 04:44 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 04:44 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 04:44 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 04:44 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-22 04:43 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-22 04:43 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-05-31 10:25 . 2010-11-30 16:56 279656 ------w- c:\windows\system32\mpsigstub.exe
2012-05-15 10:48 . 2012-05-22 19:02 25743168 ----a-w- c:\windows\system32\nvoglv64.dll
2012-05-15 10:48 . 2012-05-22 19:02 19607872 ----a-w- c:\windows\syswow64\nvoglv32.dll
2012-05-15 10:48 . 2012-05-22 19:02 14298944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-05-15 10:48 . 2012-05-22 19:02 8139072 ----a-w- c:\windows\system32\nvcuda.dll
2012-05-15 10:48 . 2012-05-22 19:02 5982528 ----a-w- c:\windows\syswow64\nvcuda.dll
2012-05-15 10:48 . 2012-05-22 19:02 2881856 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-05-15 10:48 . 2012-05-22 19:02 2681664 ----a-w- c:\windows\system32\nvcuvid.dll
2012-05-15 10:48 . 2012-05-22 19:02 2524992 ----a-w- c:\windows\syswow64\nvcuvid.dll
2012-05-15 10:48 . 2012-05-22 19:02 2445120 ----a-w- c:\windows\syswow64\nvcuvenc.dll
2012-05-15 10:48 . 2012-05-22 19:02 18044224 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-05-15 10:48 . 2012-05-22 19:02 25248064 ----a-w- c:\windows\system32\nvcompiler.dll
2012-05-15 10:48 . 2012-05-22 19:02 2368832 ----a-w- c:\windows\syswow64\nvapi.dll
2012-05-15 10:48 . 2012-05-22 19:02 17551680 ----a-w- c:\windows\syswow64\nvcompiler.dll
2012-05-15 10:48 . 2012-02-21 20:48 68928 ----a-w- c:\windows\system32\opencl.dll
2012-05-15 10:48 . 2012-02-21 20:48 61248 ----a-w- c:\windows\syswow64\opencl.dll
2012-05-15 10:48 . 2011-11-08 19:18 8105280 ----a-w- c:\windows\syswow64\nvwgf2um.dll
2012-05-15 10:48 . 2011-11-08 19:18 1738048 ----a-w- c:\windows\system32\nvdispco64.dll
2012-05-15 10:48 . 2011-11-08 19:18 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
2012-05-15 10:48 . 2009-11-29 17:20 2741568 ----a-w- c:\windows\system32\nvapi64.dll
2012-05-15 10:48 . 2009-11-29 17:20 15322432 ----a-w- c:\windows\syswow64\nvd3dum.dll
2012-05-15 10:48 . 2009-11-29 17:20 10194752 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-05-15 09:29 . 2009-11-28 20:56 889664 ----a-w- c:\windows\system32\nvvsvc.exe
2012-05-15 09:29 . 2009-11-28 20:55 63296 ----a-w- c:\windows\system32\nvshext.dll
2012-05-15 09:29 . 2009-11-28 20:55 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
2012-05-15 09:29 . 2009-11-28 20:55 118080 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-15 09:29 . 2009-11-28 20:55 3149632 ----a-w- c:\windows\system32\nvsvc64.dll
2012-05-15 09:28 . 2009-11-28 20:55 6151488 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-15 04:01 . 2012-06-13 19:47 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-05-15 03:59 . 2012-06-13 19:47 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-05-15 03:03 . 2012-06-13 19:47 981504 ----a-w- c:\windows\syswow64\wininet.dll
2012-05-09 15:34 . 2012-05-09 15:34 55960 ----a-w- c:\windows\system32\drivers\fsbts.sys
2012-05-09 10:21 . 2012-06-11 20:44 476936 ----a-w- c:\windows\syswow64\npdeployjava1.dll
2012-05-09 10:21 . 2010-11-30 16:28 472840 ----a-w- c:\windows\syswow64\deployjava1.dll
.
.
((((((((((((((((((((((((((((( snapshot@2012-08-04_13.27.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-08 21:04 . 2012-08-04 17:00 61438 c:\windows\system32\wdi\shutdownperformancediagnostics_systemdata.bin
+ 2009-07-14 05:10 . 2012-08-04 17:00 48098 c:\windows\system32\wdi\bootperformancediagnostics_systemdata.bin
+ 2010-11-29 13:35 . 2012-08-04 17:00 17352 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\s-1-5-21-3442539709-156371235-3733390187-1000_userdata.bin
- 2010-11-30 16:16 . 2012-08-04 05:15 16384 c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
+ 2010-11-30 16:16 . 2012-08-04 15:27 16384 c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat
+ 2010-11-30 16:16 . 2012-08-04 15:27 32768 c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
- 2010-11-30 16:16 . 2012-08-04 05:15 32768 c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
+ 2010-11-30 16:16 . 2012-08-04 15:27 16384 c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
- 2010-11-30 16:16 . 2012-08-04 05:15 16384 c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
- 2010-11-29 12:47 . 2012-08-04 13:12 16384 c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
+ 2010-11-29 12:47 . 2012-08-04 17:00 16384 c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat
+ 2010-11-29 12:47 . 2012-08-04 17:00 16384 c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
- 2010-11-29 12:47 . 2012-08-04 13:12 16384 c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
- 2010-11-29 10:46 . 2012-08-03 20:44 8670 c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\bluetooth\bthservsdp.dat
+ 2010-11-29 10:46 . 2012-08-04 15:23 8670 c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\bluetooth\bthservsdp.dat
- 2012-08-04 05:12 . 2012-08-04 05:12 2048 c:\windows\serviceprofiles\localservice\appdata\local\lastalive1.dat
+ 2012-08-04 15:24 . 2012-08-04 15:24 2048 c:\windows\serviceprofiles\localservice\appdata\local\lastalive1.dat
+ 2012-08-04 15:24 . 2012-08-04 15:24 2048 c:\windows\serviceprofiles\localservice\appdata\local\lastalive0.dat
- 2012-08-04 05:12 . 2012-08-04 05:12 2048 c:\windows\serviceprofiles\localservice\appdata\local\lastalive0.dat
+ 2010-11-30 18:17 . 2012-08-04 16:58 387814 c:\windows\system32\wdi\suspendperformancediagnostics_systemdata_s3.bin
+ 2009-07-14 05:01 . 2012-08-04 15:23 374172 c:\windows\serviceprofiles\localservice\appdata\local\fontcache-system.dat
- 2009-07-14 05:01 . 2012-08-03 20:44 374172 c:\windows\serviceprofiles\localservice\appdata\local\fontcache-system.dat
+ 2010-11-29 12:56 . 2012-08-04 15:23 1637560 c:\windows\serviceprofiles\localservice\appdata\local\fontcache3.0.0.0.dat
+ 2010-11-29 13:56 . 2012-08-04 15:23 60086968 c:\windows\serviceprofiles\localservice\appdata\local\fontcache-s-1-5-21-3442539709-156371235-3733390187-1000-8192.dat
.
((((((((((((((((((((((((((((((((((((( reg opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
regedit4
.
[hkey_current_user\software\microsoft\windows\currentversion\run]
"lightscribe control panel"=c:\program files (x86)\common files\lightscribe\lightscribecontrolpanel.exe [2009-08-20 2363392]
"restart_sticky_notes"=c:\windows\system32\stikynot.exe [bu]
"hpadvisor"=c:\program files (x86)\hewlett-packard\hp advisor\hpadvisor.exe [bu]
"tomtomhome.exe"=c:\program files (x86)\tomtom home 2\tomtomhomerunner.exe [2012-01-23 247728]
"isuspm"=c:\program files (x86)\common files\installshield\updateservice\isuspm.exe [bu]
"superantispyware"=c:\program files\superantispyware\superantispyware.exe [2012-07-24 5661056]
"ea core"=c:\program files (x86)\electronic arts\eadm\core.exe [bu]
"hp photosmart 7510 series (net)"=c:\program files\hp\hp photosmart 7510 series\bin\scantopcactivationapp.exe [2011-08-31 2676584]
"daemon tools lite"=c:\program files (x86)\daemon tools lite\dtlite.exe [2012-02-13 3481408]
"skype"=c:\program files (x86)\skype\phone\skype.exe [2012-07-13 17418928]
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\run]
"corel file shell monitor"=c:\program files (x86)\corel\corel paint shop pro photo x2\coreliomonitor.exe [2009-08-25 15544]
"hpcam_menu"=c:\program files (x86)\hewlett-packard\media\webcam\muitransfer\muistartmenu.exe [2009-05-19 222504]
"qlbctrl.exe"=c:\program files (x86)\hewlett-packard\hp quick launch buttons\qlbctrl.exe [2009-08-20 322104]
"easybits recovery"=c:\program files (x86)\easybits for kids\ezrecover.exe [2009-09-02 60464]
"wirelessassistant"=c:\program files (x86)\hewlett-packard\hp wireless assistant\hpwamain.exe [2009-07-23 498744]
"f-secure manager"=c:\program files (x86)\f-secure\common\fsm32.exe [2010-11-30 201384]
"f-secure tnb"=c:\program files (x86)\f-secure\fsgui\tnbutil.exe [2010-11-30 1655464]
"divx download manager"=c:\program files (x86)\divx\divx plus web player\ddmservice.exe [bu]
"adobe arm"=c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe [2012-01-03 843712]
"apsdaemon"=c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe [2012-02-20 59240]
"ituneshelper"=c:\program files (x86)\itunes\ituneshelper.exe [2011-10-09 421736]
"hp software update"=c:\program files (x86)\hp\hp software update\hpwuschd2.exe [2011-05-10 49208]
"sunjavaupdatesched"=c:\program files (x86)\common files\java\java update\jusched.exe [2012-01-18 254696]
"quicktime task"=c:\program files (x86)\quicktime\qttask.exe [2012-04-18 421888]
"malwarebytes' anti-malware"=c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe [2012-07-03 462920]
.
c:\users\hp\appdata\roaming\microsoft\windows\start menu\programs\startup\
inktwaarschuwingen controleren - hp photosmart 7510 series (netwerk).lnk - c:\windows\system32\rundll32.exe [2009-7-14 45568]
.
c:\programdata\microsoft\windows\start menu\programs\startup\
bluetooth.lnk - c:\program files\widcomm\bluetooth software\bttray.exe [2009-9-4 1081632]
.
[hkey_local_machine\software\microsoft\windows\currentversion\policies\system]
"consentpromptbehavioradmin"= 5 (0x5)
"consentpromptbehavioruser"= 3 (0x3)
"enableuiadesktoptoggle"= 0 (0x0)
"hidefastuserswitching"= 0 (0x0)
.
[hkey_local_machine\software\wow6432node\microsoft\windows\currentversion\explorer\shellexecutehooks]
.
[hkey_local_machine\system\currentcontrolset\control\lsa]
security packages reg_multi_sz kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\!sascore]
@=""
.
[hkey_local_machine\system\currentcontrolset\control\safeboot\minimal\wdf01000.sys]
@="driver"
.
r2 clr_optimization_v4.0.30319_64;microsoft .net framework ngen v4.0.30319_x64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
r2 ezsharedsvc;easybits shared services for windows;c:\windows\system32\svchost.exe [2009-07-14 27136]
r2 gupdate;google update-service (gupdate);c:\program files (x86)\google\update\googleupdate.exe [2011-11-05 136176]
r2 nvupdatusservice;nvidia update service daemon;c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe [2012-05-15 1262400]
r2 skypeupdate;skype updater;c:\program files (x86)\skype\updater\updater.exe [2012-07-03 160944]
r3 flexnet licensing service 64;flexnet licensing service 64;c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice64.exe [2012-03-12 1431888]
r3 gamesappservice;gamesappservice;c:\program files (x86)\wildtangent games\app\gamesappservice.exe [2010-10-12 206072]
r3 gupdatem;google update-service (gupdatem);c:\program files (x86)\google\update\googleupdate.exe [2011-11-05 136176]
r3 mozillamaintenance;mozilla maintenance service;c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe [2012-07-20 113120]
r3 netw5v64;intel(r) wireless wifi link 5000 series adapter driver for windows vista 64 bit;c:\windows\system32\drivers\netw5v64.sys [2009-06-10 5434368]
r3 rtl8167;realtek 8167 nt driver;c:\windows\system32\drivers\rt64win7.sys [2009-10-03 258560]
r3 srvhsfhda;srvhsfhda;c:\windows\system32\drivers\vstazl6.sys [2009-06-10 292864]
r3 srvhsfv92;srvhsfv92;c:\windows\system32\drivers\vstdpv6.sys [2009-06-10 1485312]
r3 srvhsfwinac;srvhsfwinac;c:\windows\system32\drivers\vstcnxt6.sys [2009-06-10 740864]
r3 tsusbflt;tsusbflt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
r3 usbaapl64;apple mobile usb driver;c:\windows\system32\drivers\usbaapl64.sys [2011-05-10 51712]
r3 watadminsvc;windows activation technologies-service;c:\windows\system32\wat\watadminsvc.exe [2010-12-01 1255736]
r3 yukonw7;ndis6.2 miniport driver for marvell yukon ethernet controller;c:\windows\system32\drivers\yk62x64.sys [2009-06-10 389120]
s0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2012-05-09 55960]
s1 a2dda;a2 direct disk access support driver;c:\users\hp\desktop\run\a2ddax64.sys [2012-08-04 23208]
s1 dtsoftbus01;daemon tools virtual bus driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-03-12 283200]
s1 f-secure hips;f-secure hips driver;c:\program files (x86)\f-secure\hips\drivers\fshs.sys [2010-11-30 61960]
s1 fses;f-secure email scanning driver;c:\windows\system32\drivers\fses.sys [2010-11-30 46664]
s1 fsfw;f-secure firewall driver;c:\windows\system32\drivers\fsdfw.sys [2010-11-30 95784]
s1 fsvista;f-secure vista support driver;c:\program files (x86)\f-secure\anti-virus\minifilter\fsvista.sys [2010-11-30 15016]
s1 sasdifsv;sasdifsv;c:\program files\superantispyware\sasdifsv64.sys [2011-07-22 14928]
s1 saskutil;saskutil;c:\program files\superantispyware\saskutil64.sys [2011-07-12 12368]
s1 vwififlt;virtual wifi filter driver;c:\windows\system32\drivers\vwififlt.sys [2009-07-14 59904]
s2 !sascore;sas core service;c:\program files\superantispyware\sascore64.exe [2011-08-11 140672]
s2 adobearmservice;adobe acrobat update service;c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe [2012-01-03 63928]
s2 aestfilters;andrea st filters service;c:\windows\system32\driverstore\filerepository\stwrt64.inf_amd64_neutral_960c1f056a541068\aestsr64.exe [2009-03-02 89600]
s2 autodesk content service;autodesk content service;c:\program files (x86)\autodesk\content service\connect.service.contentservice.exe [2011-02-02 18656]
s2 hp support assistant service;hp support assistant service;c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe [2011-09-09 86072]
s2 hpdrvmntsvc.exe;hp quick synchronization service;c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe [2011-03-28 94264]
s2 hpsrv;hp service;c:\windows\system32\hpservice.exe [2011-05-13 30520]
s2 mbamservice;mbamservice;c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe [2012-07-03 655944]
s2 tomtomhomeservice;tomtomhomeservice;c:\program files (x86)\tomtom home 2\tomtomhomeservice.exe [2012-01-23 92592]
s3 adobeflashplayerupdatesvc;adobe flash player update service;c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe [2012-08-03 250056]
s3 btwl2cap;bluetooth l2cap service;c:\windows\system32\drivers\btwl2cap.sys [2009-09-17 35104]
s3 com4qlbex;com4qlbex;c:\program files (x86)\hewlett-packard\hp quick launch buttons\com4qlbex.exe [2009-05-05 228408]
s3 enecir;ene cir receiver;c:\windows\system32\drivers\enecir.sys [2009-06-29 70656]
s3 f-secure gatekeeper;f-secure gatekeeper;c:\program files (x86)\f-secure\anti-virus\minifilter\fsgk.sys [2012-05-29 199848]
s3 fsorspclient;f-secure orsp client;c:\program files (x86)\f-secure\orsp client\fsorsp.exe [2011-05-23 61088]
s3 impcd;impcd;c:\windows\system32\drivers\impcd.sys [2009-10-13 151040]
s3 jmcr;jmcr;c:\windows\system32\drivers\jmcr.sys [2009-07-21 140712]
s3 mbamprotector;mbamprotector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
s3 nvhda;service for nvidia high definition audio driver;c:\windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
s3 vwifimp;microsoft virtual wifi miniport service;c:\windows\system32\drivers\vwifimp.sys [2009-07-14 17920]
.
.
hkey_local_machine\software\wow6432node\microsoft\windows nt\currentversion\svchost - netsvcs
ezsharedsvc
.
[hkey_local_machine\software\wow6432node\microsoft\active setup\installed components\{10880d85-aad9-4558-abdc-2ab1552d831f}]
2009-08-20 12:24 451872 ----a-w- c:\program files (x86)\common files\lightscribe\lsrunonce.exe
.
inhoud van de 'gedeelde taken' map
.
2012-08-04 c:\windows\tasks\adobe flash player updater.job
- c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe [2012-08-03 13:37]
.
2012-08-04 c:\windows\tasks\googleupdatetaskmachinecore.job
- c:\program files (x86)\google\update\googleupdate.exe [2011-11-05 21:34]
.
2012-08-04 c:\windows\tasks\googleupdatetaskmachineua.job
- c:\program files (x86)\google\update\googleupdate.exe [2011-11-05 21:34]
.
2012-08-03 c:\windows\tasks\googleupdatetaskusers-1-5-21-3442539709-156371235-3733390187-1000core.job
- c:\users\hp\appdata\local\google\update\googleupdate.exe [2011-08-15 20:20]
.
2012-08-04 c:\windows\tasks\googleupdatetaskusers-1-5-21-3442539709-156371235-3733390187-1000ua.job
- c:\users\hp\appdata\local\google\update\googleupdate.exe [2011-08-15 20:20]
.
2012-08-04 c:\windows\tasks\hp photo creations messager.job
- c:\programdata\hp photo creations\messagecheck.exe [2011-02-15 10:11]
.
2012-07-27 c:\windows\tasks\hpceescheduleforhp-pc$.job
- c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe [2009-10-07 03:22]
.
2012-07-31 c:\windows\tasks\hpceescheduleforhp.job
- c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe [2009-10-07 03:22]
.
.
--------- x64 entries -----------
.
.
[hkey_local_machine\software\microsoft\windows\currentversion\run]
"syntpenh"=c:\program files (x86)\synaptics\syntp\syntpenh.exe [bu]
"smartmenu"=c:\program files\hewlett-packard\hp mediasmart\smartmenu.exe [2009-08-25 610872]
"sunjavaupdatesched"=c:\program files\java\jre6\bin\jusched.exe [2010-01-08 171520]
"systrayapp"=c:\program files\idt\wdm\sttray64.exe [2010-03-23 487424]
.
------- bijkomende scan -------
.
ustart page = hxxp://search.imesh.net
ulocal page = c:\windows\system32\blank.htm
mlocal page = c:\windows\syswow64\blank.htm
uinternet settings,proxyoverride = *.local
ie: afbeelding verzenden naar &bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
ie: e&xporteren naar microsoft excel - c:\progra~2\micros~1\office12\excel.exe/3000
ie: pagina verzenden naar &bluetooth-apparaat... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
lsp: c:\program files (x86)\f-secure\fsps\program\fslsp.dll
tcp: dhcpnameserver = 192.168.0.1
ff - profilepath - c:\users\hp\appdata\roaming\mozilla\firefox\profiles\w29d0adv.default-1343927698593\
.
- - - - orphans verwijderd - - - -
.
toolbar-10 - (no file)
.
.
.
--------------------- vergrendelde register sleutels ---------------------
.
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
.
[hkey_local_machine\system\controlset001\control\class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\allusersettings]
@denied: (a) (users)
@denied: (a) (everyone)
@allowed: (b 1 2 3 4 5) (s-1-5-20)
"blinddial"=dword:00000000
.
[hkey_local_machine\system\controlset001\control\pcw\security]
@denied: (full) (everyone)
.
voltooingstijd: 2012-08-04 19:13:18
combofix-quarantined-files.txt 2012-08-04 17:13
combofix2.txt 2012-08-04 15:11
.
pre-run: 241.564.672.000 bytes beschikbaar
post-run: 241.507.532.800 bytes beschikbaar
.
- - end of file - - e76d7450c5dec384bc527ed929e85e5e

[/hjt]
 
Tell me how well your Windows is running at the moment.
 
Seems to be working better, yes. Only the videos in Firefox still don't work great, but I think I need to go somewhere else for that
 
Then let's look at the hardware in your PC:

Which program: Speccy by Piriform
What for/why: specialized tool that gives a thorough analysis of your Windows PC.
Difficulty: none.
Download: Speccy

During the installation of "Speccy" you are asked to install the Google Chrome web browser along with it.
If you do not want this, untick the checkboxes.

Starting Speccy by Piriform:
  • Windows 2000 and Windows XP: start "Speccy" by double-clicking.
  • Windows Vista and Windows 7: start "Speccy" by right-clicking and then choosing Run as administrator.

Using Speccy by Piriform:
  • Once the analysis of Windows is finished, "Speccy" shows the result in a new window.
  • Now click File in the menu bar and choose Publish Snapshot.
  • Confirm publishing by clicking Yes.
  • A pop-up window will now open containing the link where the "snapshot" can be viewed.
  • Now copy the link in that window and paste it into your next post.
 
I find the temperatures a bit on the high side!

Did you install the drivers for the video card after installing Windows 7?
 
I bought the laptop with Windows 7 already on it, and I think the video card drivers are installed too. Where can I check that?



is up to date

GeForce G105M

This product has been detected as your primary device

Your driver is up to date with version 301.42.
 
Then I find it strange that you have problems with video playback in Firefox.
And how is the slowness doing by now?

Do the following test to see how good the current security situation in Windows is.

Download Security Check to your desktop.
  • Click/double-click SecurityCheck.exe and follow the instructions in the black window.
  • A Notepad document named checkup.txt should open automatically; close this document by saving it to the desktop.
  • If one of your security tools reports that DIG.EXE wants to access the internet, allow it.
Post the contents of checkup.txt in your next post.
 
The slowness is now only when starting programs; otherwise it's really a lot better already.

This afternoon I found out that it also loads the site slapshot.ch very slowly. Besides that, still the problem with the videos

here's the log again

Results of screen317's Security Check version 0.99.43
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
F-Secure Internet Security 2011 10.51
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware versie 1.62.0.1300
Java(TM) 6 Update 33
Java version out of Date!
Adobe Reader X (10.1.3)
Mozilla Firefox (14.0.1)
Google Chrome 20.0.1132.57
Google Chrome 21.0.1180.60
Google Chrome VisualElementsManifest.xml..
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
F-Secure Anti-Virus fsgk32st.exe
F-Secure Anti-Virus FSGK32.EXE
F-Secure Anti-Virus fssm32.exe
F-Secure Anti-Virus fsav32.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 
is it already in such bad shape :D. But I think it's down to Firefox. With Google Chrome it works normally
 