KellyMoosje
-
Items
13 -
Registratiedatum
-
Laatst bezocht
KellyMoosje's prestaties
-
Trojan Horse Generic 30. HEH
KellyMoosje reageerde op KellyMoosje's topic in Archief Bestrijding malware & virussen
Gelukt! Bedankt voor alle hulp Ik kan het zeker waarderen. -
Trojan Horse Generic 30. HEH
KellyMoosje reageerde op KellyMoosje's topic in Archief Bestrijding malware & virussen
Ik kan het virus niet meer terug vinden. Ik hoop dat hij nu verwijderd is. En anders merk ik het vanzelf wel. In ieder geval heel erg bedankt voor de hulp! Daar heb ik veel aan gehad. m.v.g. Kelly -
Trojan Horse Generic 30. HEH
KellyMoosje reageerde op KellyMoosje's topic in Archief Bestrijding malware & virussen
Ik blader weer bij jotti om een printscreen te maken en ik zie het bestand er niet meer tussen staan! Ik laat AVG nog eens scannen. Kijken of avg het bestand nog kan vinden.. -
Trojan Horse Generic 30. HEH
KellyMoosje reageerde op KellyMoosje's topic in Archief Bestrijding malware & virussen
Hij kan het bestand niet selecteren. Hij kan wel andere bestanden selecteren maar de C:\Program Files\TOSHIBA\FlashCards\TfcRst.exe niet. -
Trojan Horse Generic 30. HEH
KellyMoosje reageerde op KellyMoosje's topic in Archief Bestrijding malware & virussen
Ik heb het via Jotti's malware scan bestand kiezen geklikt en dan C:\Program Files\TOSHIBA\FlashCards\TfcRst.exe aangeklikt. Hoe zou ik dat met bladeren precies moeten doen? -
Trojan Horse Generic 30. HEH
KellyMoosje reageerde op KellyMoosje's topic in Archief Bestrijding malware & virussen
Als ik het bestand wil selecteren komt er een pop upje met: U bent niet bevoegd om dit bestand te openen. Ook heb ik, als in de map waar het bestand zich bevindt, dat er opeens nog een virus bij komt. Dus ipv 2 nu 3. -
Trojan Horse Generic 30. HEH
KellyMoosje reageerde op KellyMoosje's topic in Archief Bestrijding malware & virussen
Ja klopt door AVG. Ja: http://i48.tinypic.com/zu6vd.jpg
-
Trojan Horse Generic 30. HEH
KellyMoosje reageerde op KellyMoosje's topic in Archief Bestrijding malware & virussen
Ja ik krijg nog steeds meldingen. De ene keer heb ik er 2, de andere keer 3(zelfs een keer 7) en soms geeft hij helemaal niets aan. -
Trojan Horse Generic 30. HEH
KellyMoosje reageerde op KellyMoosje's topic in Archief Bestrijding malware & virussen
Oke mapje verwijderd. De link van TDSSkiller deed het niet dus ik heb hem van deze site gehaald: How to remove malware belonging to the family Rootkit.Win32.TDSS (aka Tidserv, TDSServ, Alureon)?. 09:32:07.0059 5812 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 09:32:07.0278 5812 ============================================================ 09:32:07.0278 5812 Current date / time: 2012/11/24 09:32:07.0278 09:32:07.0278 5812 SystemInfo: 09:32:07.0278 5812 09:32:07.0278 5812 OS Version: 6.0.6001 ServicePack: 1.0 09:32:07.0293 5812 Product type: Workstation 09:32:07.0293 5812 ComputerName: PC_VAN_IRISKELL 09:32:07.0293 5812 UserName: iriskelly 09:32:07.0293 5812 Windows directory: C:\Windows 09:32:07.0293 5812 System windows directory: C:\Windows 09:32:07.0293 5812 Processor architecture: Intel x86 09:32:07.0293 5812 Number of processors: 1 09:32:07.0293 5812 Page size: 0x1000 09:32:07.0293 5812 Boot type: Normal boot 09:32:07.0293 5812 ============================================================ 09:32:08.0276 5812 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 09:32:08.0276 5812 ============================================================ 09:32:08.0276 5812 \Device\Harddisk0\DR0: 09:32:08.0276 5812 MBR partitions: 09:32:08.0276 5812 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x6F7A800 09:32:08.0276 5812 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x7269000, BlocksNum 0x6D2B3B0 09:32:08.0276 5812 ============================================================ 09:32:08.0370 5812 C: <-> \Device\Harddisk0\DR0\Partition1 09:32:08.0432 5812 E: <-> \Device\Harddisk0\DR0\Partition2 09:32:08.0432 5812 ============================================================ 09:32:08.0432 5812 Initialize success 09:32:08.0432 5812 ============================================================ 09:32:10.0710 4600 ============================================================ 09:32:10.0710 4600 Scan started 09:32:10.0710 4600 Mode: Manual; 09:32:10.0710 4600 ============================================================ 09:32:12.0207 4600 ================ Scan system memory ======================== 09:32:12.0207 4600 System memory - ok 09:32:12.0207 4600 ================ Scan services ============================= 09:32:12.0894 4600 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys 09:32:12.0894 4600 ACPI - ok 09:32:13.0081 4600 [ 6D7F09CD92A9FEF3A8EFCE66231FDD79 ] adfs C:\Windows\system32\drivers\adfs.sys 09:32:13.0081 4600 adfs - ok 09:32:13.0253 4600 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 09:32:13.0268 4600 adp94xx - ok 09:32:13.0299 4600 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 09:32:13.0315 4600 adpahci - ok 09:32:13.0331 4600 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 09:32:13.0331 4600 adpu160m - ok 09:32:13.0377 4600 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 09:32:13.0377 4600 adpu320 - ok 09:32:13.0455 4600 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 09:32:13.0455 4600 AeLookupSvc - ok 09:32:13.0518 4600 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys 09:32:13.0533 4600 AFD - ok 09:32:13.0627 4600 [ 5D97943C128ED756D1B0A08302C1B1F8 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys 09:32:13.0658 4600 AgereSoftModem - ok 09:32:13.0736 4600 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 09:32:13.0736 4600 agp440 - ok 09:32:13.0767 4600 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 09:32:13.0767 4600 aic78xx - ok 09:32:13.0892 4600 [ 14A9BA653838164A2AE148E362640197 ] aiptektp C:\Windows\system32\DRIVERS\aiptektp.sys 09:32:13.0892 4600 aiptektp - ok 09:32:13.0939 4600 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 09:32:13.0939 4600 ALG - ok 09:32:13.0970 4600 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 09:32:13.0970 4600 aliide - ok 09:32:14.0001 4600 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 09:32:14.0001 4600 amdagp - ok 09:32:14.0064 4600 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 09:32:14.0079 4600 amdide - ok 09:32:14.0111 4600 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 09:32:14.0111 4600 AmdK7 - ok 09:32:14.0142 4600 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 09:32:14.0157 4600 AmdK8 - ok 09:32:14.0235 4600 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 09:32:14.0235 4600 Appinfo - ok 09:32:14.0329 4600 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 09:32:14.0329 4600 arc - ok 09:32:14.0360 4600 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 09:32:14.0360 4600 arcsas - ok 09:32:14.0750 4600 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 09:32:14.0828 4600 aspnet_state - ok 09:32:14.0953 4600 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 09:32:14.0953 4600 AsyncMac - ok 09:32:14.0984 4600 [ 0D83C87A801A3DFCD1BF73893FE7518C ] atapi C:\Windows\system32\drivers\atapi.sys 09:32:14.0984 4600 atapi - ok 09:32:15.0062 4600 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 09:32:15.0078 4600 AudioEndpointBuilder - ok 09:32:15.0125 4600 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll 09:32:15.0125 4600 Audiosrv - ok 09:32:15.0421 4600 [ D45B7995761253A92AB071D576114F28 ] AVG Security Toolbar Service C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe 09:32:15.0437 4600 AVG Security Toolbar Service - ok 09:32:15.0515 4600 [ B9AE3C63A53396CD669EF8AE9C9CBD85 ] avg8emc C:\PROGRA~1\AVG\AVG8\avgemc.exe 09:32:15.0530 4600 avg8emc - ok 09:32:15.0577 4600 [ DB338A6BD3976904EB0F8343F51E64EB ] avg8wd C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe 09:32:15.0577 4600 avg8wd - ok 09:32:15.0624 4600 [ BC12F2404BB6F2B6B2FF3C4C246CB752 ] AvgLdx86 C:\Windows\System32\Drivers\avgldx86.sys 09:32:15.0639 4600 AvgLdx86 - ok 09:32:15.0671 4600 [ 5903D729D4F0C5BCA74123C96A1B29E0 ] AvgMfx86 C:\Windows\System32\Drivers\avgmfx86.sys 09:32:15.0686 4600 AvgMfx86 - ok 09:32:15.0733 4600 [ 92D8E1E8502E649B60E70074EB29C380 ] AvgTdiX C:\Windows\System32\Drivers\avgtdix.sys 09:32:15.0733 4600 AvgTdiX - ok 09:32:15.0780 4600 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 09:32:15.0795 4600 Beep - ok 09:32:15.0889 4600 [ 8582E233C346AEFE759833E8A30DD697 ] BFE C:\Windows\System32\bfe.dll 09:32:15.0889 4600 BFE - ok 09:32:15.0983 4600 [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS C:\Windows\system32\qmgr.dll 09:32:15.0998 4600 BITS - ok 09:32:16.0029 4600 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 09:32:16.0029 4600 blbdrive - ok 09:32:16.0107 4600 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 09:32:16.0107 4600 bowser - ok 09:32:16.0139 4600 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 09:32:16.0154 4600 BrFiltLo - ok 09:32:16.0170 4600 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 09:32:16.0185 4600 BrFiltUp - ok 09:32:16.0232 4600 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 09:32:16.0232 4600 Browser - ok 09:32:16.0279 4600 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 09:32:16.0279 4600 Brserid - ok 09:32:16.0295 4600 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 09:32:16.0295 4600 BrSerWdm - ok 09:32:16.0326 4600 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 09:32:16.0326 4600 BrUsbMdm - ok 09:32:16.0404 4600 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 09:32:16.0419 4600 BrUsbSer - ok 09:32:16.0451 4600 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 09:32:16.0451 4600 BTHMODEM - ok 09:32:16.0903 4600 catchme - ok 09:32:16.0965 4600 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 09:32:16.0981 4600 cdfs - ok 09:32:17.0012 4600 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 09:32:17.0012 4600 cdrom - ok 09:32:17.0090 4600 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll 09:32:17.0090 4600 CertPropSvc - ok 09:32:17.0137 4600 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 09:32:17.0137 4600 circlass - ok 09:32:17.0184 4600 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys 09:32:17.0184 4600 CLFS - ok 09:32:17.0262 4600 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 09:32:17.0277 4600 clr_optimization_v2.0.50727_32 - ok 09:32:17.0355 4600 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 09:32:17.0433 4600 clr_optimization_v4.0.30319_32 - ok 09:32:17.0511 4600 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 09:32:17.0511 4600 CmBatt - ok 09:32:17.0527 4600 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 09:32:17.0527 4600 cmdide - ok 09:32:17.0543 4600 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 09:32:17.0558 4600 Compbatt - ok 09:32:17.0574 4600 COMSysApp - ok 09:32:17.0699 4600 [ D10D01B2DFCD8D2F32A32ED29E8DA1C2 ] ConfigFree Service C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe 09:32:17.0699 4600 ConfigFree Service - ok 09:32:17.0730 4600 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 09:32:17.0730 4600 crcdisk - ok 09:32:17.0745 4600 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 09:32:17.0745 4600 Crusoe - ok 09:32:17.0839 4600 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll 09:32:17.0839 4600 CryptSvc - ok 09:32:17.0933 4600 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll 09:32:17.0948 4600 DcomLaunch - ok 09:32:17.0995 4600 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys 09:32:17.0995 4600 DfsC - ok 09:32:18.0151 4600 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe 09:32:18.0229 4600 DFSR - ok 09:32:18.0307 4600 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll 09:32:18.0307 4600 Dhcp - ok 09:32:18.0354 4600 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys 09:32:18.0354 4600 disk - ok 09:32:18.0416 4600 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll 09:32:18.0416 4600 Dnscache - ok 09:32:18.0463 4600 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll 09:32:18.0479 4600 dot3svc - ok 09:32:18.0525 4600 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 09:32:18.0525 4600 DPS - ok 09:32:18.0572 4600 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 09:32:18.0572 4600 drmkaud - ok 09:32:18.0650 4600 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 09:32:18.0681 4600 DXGKrnl - ok 09:32:18.0728 4600 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 09:32:18.0744 4600 E1G60 - ok 09:32:18.0775 4600 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 09:32:18.0775 4600 EapHost - ok 09:32:18.0822 4600 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys 09:32:18.0837 4600 Ecache - ok 09:32:18.0900 4600 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 09:32:18.0915 4600 elxstor - ok 09:32:19.0040 4600 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll 09:32:19.0056 4600 EMDMgmt - ok 09:32:19.0118 4600 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys 09:32:19.0118 4600 ErrDev - ok 09:32:19.0243 4600 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll 09:32:19.0243 4600 EventSystem - ok 09:32:19.0305 4600 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys 09:32:19.0305 4600 exfat - ok 09:32:19.0352 4600 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys 09:32:19.0368 4600 fastfat - ok 09:32:19.0415 4600 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 09:32:19.0430 4600 fdc - ok 09:32:19.0477 4600 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 09:32:19.0477 4600 fdPHost - ok 09:32:19.0508 4600 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 09:32:19.0508 4600 FDResPub - ok 09:32:19.0555 4600 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 09:32:19.0571 4600 FileInfo - ok 09:32:19.0586 4600 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 09:32:19.0602 4600 Filetrace - ok 09:32:19.0727 4600 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 09:32:19.0742 4600 FLEXnet Licensing Service - ok 09:32:19.0789 4600 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 09:32:19.0789 4600 flpydisk - ok 09:32:19.0851 4600 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 09:32:19.0914 4600 FltMgr - ok 09:32:20.0132 4600 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 09:32:20.0132 4600 FontCache3.0.0.0 - ok 09:32:20.0210 4600 [ B74B0578FD1D3F897E95F2A2B69EA051 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 09:32:20.0210 4600 fssfltr - ok 09:32:20.0429 4600 [ 45B52394F9624237F33A8A3D73C0B221 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe 09:32:20.0444 4600 fsssvc - ok 09:32:20.0507 4600 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 09:32:20.0507 4600 Fs_Rec - ok 09:32:20.0569 4600 [ CBC22823628544735625B280665E434E ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys 09:32:20.0585 4600 FwLnk - ok 09:32:20.0616 4600 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 09:32:20.0616 4600 gagp30kx - ok 09:32:20.0772 4600 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 09:32:20.0787 4600 GoogleDesktopManager-051210-111108 - ok 09:32:20.0850 4600 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll 09:32:20.0881 4600 gpsvc - ok 09:32:20.0975 4600 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 09:32:20.0990 4600 gusvc - ok 09:32:21.0131 4600 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 09:32:21.0146 4600 HdAudAddService - ok 09:32:21.0193 4600 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 09:32:21.0193 4600 HDAudBus - ok 09:32:21.0224 4600 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 09:32:21.0224 4600 HidBth - ok 09:32:21.0255 4600 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 09:32:21.0255 4600 HidIr - ok 09:32:21.0318 4600 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\System32\hidserv.dll 09:32:21.0318 4600 hidserv - ok 09:32:21.0349 4600 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 09:32:21.0349 4600 HidUsb - ok 09:32:21.0443 4600 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 09:32:21.0443 4600 hkmsvc - ok 09:32:21.0474 4600 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 09:32:21.0474 4600 HpCISSs - ok 09:32:21.0599 4600 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS 09:32:21.0614 4600 HSFHWAZL - ok 09:32:21.0739 4600 [ CC267848CB3508E72762BE65734E764D ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys 09:32:21.0786 4600 HSF_DPV - ok 09:32:21.0833 4600 [ A2882945CC4B6E3E4E9E825590438888 ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys 09:32:21.0833 4600 HSXHWAZL - ok 09:32:21.0895 4600 [ 33B02459E86D0A2B86A6B9FE19139390 ] HTTP C:\Windows\system32\drivers\HTTP.sys 09:32:21.0926 4600 HTTP - ok 09:32:21.0973 4600 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 09:32:21.0989 4600 i2omp - ok 09:32:22.0176 4600 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 09:32:22.0176 4600 i8042prt - ok 09:32:22.0316 4600 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 09:32:22.0332 4600 iaStor - ok 09:32:22.0379 4600 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 09:32:22.0394 4600 iaStorV - ok 09:32:22.0535 4600 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 09:32:22.0535 4600 IDriverT - ok 09:32:22.0659 4600 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 09:32:22.0691 4600 idsvc - ok 09:32:22.0893 4600 [ 6FB1858D1F0923D122B0331865695041 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys 09:32:22.0987 4600 igfx - ok 09:32:23.0096 4600 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 09:32:23.0096 4600 iirsp - ok 09:32:23.0174 4600 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll 09:32:23.0174 4600 IKEEXT - ok 09:32:23.0393 4600 [ B9CBD3DEA7CA02868621173BF7A2AF9F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 09:32:23.0533 4600 IntcAzAudAddService - ok 09:32:23.0689 4600 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 09:32:23.0705 4600 intelide - ok 09:32:23.0736 4600 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 09:32:23.0736 4600 intelppm - ok 09:32:23.0798 4600 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 09:32:23.0798 4600 IPBusEnum - ok 09:32:23.0876 4600 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 09:32:23.0876 4600 IpFilterDriver - ok 09:32:23.0954 4600 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 09:32:23.0954 4600 iphlpsvc - ok 09:32:23.0985 4600 IpInIp - ok 09:32:24.0079 4600 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 09:32:24.0095 4600 IPMIDRV - ok 09:32:24.0126 4600 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 09:32:24.0141 4600 IPNAT - ok 09:32:24.0157 4600 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 09:32:24.0173 4600 IRENUM - ok 09:32:24.0204 4600 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 09:32:24.0219 4600 isapnp - ok 09:32:24.0282 4600 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 09:32:24.0282 4600 iScsiPrt - ok 09:32:24.0313 4600 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 09:32:24.0329 4600 iteatapi - ok 09:32:24.0360 4600 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 09:32:24.0360 4600 iteraid - ok 09:32:24.0375 4600 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 09:32:24.0391 4600 kbdclass - ok 09:32:24.0438 4600 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 09:32:24.0438 4600 kbdhid - ok 09:32:24.0516 4600 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe 09:32:24.0516 4600 KeyIso - ok 09:32:24.0594 4600 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 09:32:24.0625 4600 KSecDD - ok 09:32:24.0703 4600 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 09:32:24.0719 4600 KtmRm - ok 09:32:24.0797 4600 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\System32\srvsvc.dll 09:32:24.0797 4600 LanmanServer - ok 09:32:24.0890 4600 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 09:32:24.0890 4600 LanmanWorkstation - ok 09:32:24.0984 4600 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 09:32:24.0999 4600 lltdio - ok 09:32:25.0249 4600 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 09:32:25.0280 4600 lltdsvc - ok 09:32:25.0358 4600 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 09:32:25.0374 4600 lmhosts - ok 09:32:25.0452 4600 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 09:32:25.0452 4600 LSI_FC - ok 09:32:25.0608 4600 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 09:32:25.0608 4600 LSI_SAS - ok 09:32:25.0670 4600 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 09:32:25.0670 4600 LSI_SCSI - ok 09:32:25.0748 4600 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 09:32:25.0764 4600 luafv - ok 09:32:25.0873 4600 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys 09:32:25.0889 4600 LVRS - ok 09:32:25.0951 4600 [ A730FC8671A60666D6E877C544DD7CD4 ] LVUSBSta C:\Windows\system32\drivers\lvusbsta.sys 09:32:25.0967 4600 LVUSBSta - ok 09:32:26.0138 4600 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 09:32:26.0154 4600 MBAMProtector - ok 09:32:26.0372 4600 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe 09:32:26.0372 4600 MBAMScheduler - ok 09:32:26.0591 4600 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 09:32:26.0622 4600 MBAMService - ok 09:32:26.0684 4600 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys 09:32:26.0684 4600 mdmxsdk - ok 09:32:26.0747 4600 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys 09:32:26.0762 4600 megasas - ok 09:32:26.0793 4600 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys 09:32:26.0793 4600 MegaSR - ok 09:32:26.0965 4600 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 09:32:26.0965 4600 Microsoft Office Groove Audit Service - ok 09:32:27.0059 4600 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 09:32:27.0059 4600 MMCSS - ok 09:32:27.0137 4600 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 09:32:27.0137 4600 Modem - ok 09:32:27.0168 4600 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 09:32:27.0168 4600 monitor - ok 09:32:27.0199 4600 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 09:32:27.0199 4600 mouclass - ok 09:32:27.0230 4600 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 09:32:27.0230 4600 mouhid - ok 09:32:27.0277 4600 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 09:32:27.0277 4600 MountMgr - ok 09:32:27.0308 4600 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys 09:32:27.0324 4600 mpio - ok 09:32:27.0355 4600 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 09:32:27.0355 4600 mpsdrv - ok 09:32:27.0417 4600 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll 09:32:27.0433 4600 MpsSvc - ok 09:32:27.0449 4600 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 09:32:27.0449 4600 Mraid35x - ok 09:32:27.0480 4600 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 09:32:27.0495 4600 MRxDAV - ok 09:32:27.0542 4600 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 09:32:27.0558 4600 mrxsmb - ok 09:32:27.0620 4600 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 09:32:27.0620 4600 mrxsmb10 - ok 09:32:27.0714 4600 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 09:32:27.0714 4600 mrxsmb20 - ok 09:32:27.0823 4600 [ F70590424EEFBF5C27A40C67AFDB8383 ] msahci C:\Windows\system32\drivers\msahci.sys 09:32:27.0823 4600 msahci - ok 09:32:27.0932 4600 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys 09:32:27.0932 4600 msdsm - ok 09:32:27.0979 4600 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 09:32:27.0995 4600 MSDTC - ok 09:32:28.0088 4600 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 09:32:28.0088 4600 Msfs - ok 09:32:28.0151 4600 [ 1E00B9B8601F24A96AD71A7D0FC5F136 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 09:32:28.0151 4600 msisadrv - ok 09:32:28.0229 4600 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 09:32:28.0229 4600 MSiSCSI - ok 09:32:28.0275 4600 msiserver - ok 09:32:28.0338 4600 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 09:32:28.0338 4600 MSKSSRV - ok 09:32:28.0385 4600 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 09:32:28.0385 4600 MSPCLOCK - ok 09:32:28.0416 4600 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 09:32:28.0416 4600 MSPQM - ok 09:32:28.0447 4600 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 09:32:28.0463 4600 MsRPC - ok 09:32:28.0525 4600 [ 215634CF935B696E3EBCA813D02E9165 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 09:32:28.0525 4600 mssmbios - ok 09:32:28.0556 4600 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 09:32:28.0556 4600 MSTEE - ok 09:32:28.0603 4600 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys 09:32:28.0603 4600 Mup - ok 09:32:28.0665 4600 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll 09:32:28.0697 4600 napagent - ok 09:32:28.0759 4600 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 09:32:28.0775 4600 NativeWifiP - ok 09:32:28.0837 4600 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys 09:32:28.0853 4600 NDIS - ok 09:32:28.0899 4600 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 09:32:28.0899 4600 NdisTapi - ok 09:32:28.0931 4600 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 09:32:28.0931 4600 Ndisuio - ok 09:32:28.0962 4600 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 09:32:28.0962 4600 NdisWan - ok 09:32:29.0040 4600 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 09:32:29.0040 4600 NDProxy - ok 09:32:29.0102 4600 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 09:32:29.0102 4600 NetBIOS - ok 09:32:29.0133 4600 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 09:32:29.0133 4600 netbt - ok 09:32:29.0180 4600 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe 09:32:29.0196 4600 Netlogon - ok 09:32:29.0258 4600 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 09:32:29.0258 4600 Netman - ok 09:32:29.0352 4600 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:32:29.0414 4600 NetMsmqActivator - ok 09:32:29.0461 4600 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:32:29.0461 4600 NetPipeActivator - ok 09:32:29.0555 4600 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 09:32:29.0570 4600 netprofm - ok 09:32:29.0664 4600 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:32:29.0664 4600 NetTcpActivator - ok 09:32:29.0711 4600 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:32:29.0726 4600 NetTcpPortSharing - ok 09:32:29.0789 4600 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 09:32:29.0789 4600 nfrd960 - ok 09:32:29.0867 4600 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 09:32:29.0867 4600 NlaSvc - ok 09:32:29.0898 4600 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys 09:32:29.0898 4600 Npfs - ok 09:32:29.0929 4600 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 09:32:29.0929 4600 nsi - ok 09:32:29.0960 4600 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 09:32:29.0960 4600 nsiproxy - ok 09:32:30.0179 4600 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 09:32:30.0210 4600 Ntfs - ok 09:32:30.0257 4600 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 09:32:30.0257 4600 ntrigdigi - ok 09:32:30.0288 4600 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 09:32:30.0303 4600 Null - ok 09:32:30.0319 4600 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys 09:32:30.0335 4600 nvraid - ok 09:32:30.0381 4600 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys 09:32:30.0381 4600 nvstor - ok 09:32:30.0428 4600 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 09:32:30.0428 4600 nv_agp - ok 09:32:30.0459 4600 NwlnkFlt - ok 09:32:30.0491 4600 NwlnkFwd - ok 09:32:30.0678 4600 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 09:32:30.0693 4600 odserv - ok 09:32:30.0865 4600 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 09:32:30.0865 4600 ohci1394 - ok 09:32:31.0083 4600 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:32:31.0099 4600 ose - ok 09:32:31.0193 4600 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll 09:32:31.0224 4600 p2pimsvc - ok 09:32:31.0271 4600 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll 09:32:31.0271 4600 p2psvc - ok 09:32:31.0333 4600 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 09:32:31.0333 4600 Parport - ok 09:32:31.0364 4600 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys 09:32:31.0364 4600 partmgr - ok 09:32:31.0395 4600 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 09:32:31.0395 4600 Parvdm - ok 09:32:31.0427 4600 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 09:32:31.0427 4600 PcaSvc - ok 09:32:31.0473 4600 [ ECA39351296D905BAA4FA3244C152B00 ] pci C:\Windows\system32\drivers\pci.sys 09:32:31.0489 4600 pci - ok 09:32:31.0505 4600 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\DRIVERS\pciide.sys 09:32:31.0520 4600 pciide - ok 09:32:31.0551 4600 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 09:32:31.0551 4600 pcmcia - ok 09:32:31.0645 4600 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 09:32:31.0692 4600 PEAUTH - ok 09:32:31.0832 4600 [ 5BD2C6D982481D548107C602E7CCFBBC ] PID_0928 C:\Windows\system32\DRIVERS\LV561AV.SYS 09:32:31.0832 4600 PID_0928 - ok 09:32:31.0957 4600 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 09:32:31.0988 4600 pla - ok 09:32:32.0129 4600 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll 09:32:32.0144 4600 PlugPlay - ok 09:32:32.0222 4600 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 09:32:32.0238 4600 PNRPAutoReg - ok 09:32:32.0269 4600 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll 09:32:32.0300 4600 PNRPsvc - ok 09:32:32.0363 4600 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 09:32:32.0394 4600 PolicyAgent - ok 09:32:32.0456 4600 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 09:32:32.0456 4600 PptpMiniport - ok 09:32:32.0503 4600 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys 09:32:32.0519 4600 Processor - ok 09:32:32.0565 4600 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll 09:32:32.0581 4600 ProfSvc - ok 09:32:32.0612 4600 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe 09:32:32.0628 4600 ProtectedStorage - ok 09:32:32.0675 4600 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys 09:32:32.0675 4600 PSched - ok 09:32:32.0799 4600 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 09:32:32.0862 4600 ql2300 - ok 09:32:32.0940 4600 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 09:32:32.0940 4600 ql40xx - ok 09:32:33.0080 4600 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 09:32:33.0111 4600 QWAVE - ok 09:32:33.0143 4600 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 09:32:33.0174 4600 QWAVEdrv - ok 09:32:33.0205 4600 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 09:32:33.0205 4600 RasAcd - ok 09:32:33.0314 4600 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 09:32:33.0330 4600 RasAuto - ok 09:32:33.0408 4600 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 09:32:33.0408 4600 Rasl2tp - ok 09:32:33.0564 4600 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll 09:32:33.0595 4600 RasMan - ok 09:32:33.0626 4600 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 09:32:33.0642 4600 RasPppoe - ok 09:32:33.0798 4600 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 09:32:33.0813 4600 RasSstp - ok 09:32:33.0860 4600 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 09:32:34.0094 4600 rdbss - ok 09:32:34.0141 4600 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 09:32:34.0141 4600 RDPCDD - ok 09:32:34.0203 4600 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 09:32:34.0219 4600 rdpdr - ok 09:32:34.0235 4600 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 09:32:34.0235 4600 RDPENCDD - ok 09:32:34.0297 4600 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 09:32:34.0297 4600 RDPWD - ok 09:32:34.0453 4600 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 09:32:34.0469 4600 RemoteAccess - ok 09:32:34.0515 4600 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll 09:32:34.0531 4600 RemoteRegistry - ok 09:32:34.0609 4600 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 09:32:34.0609 4600 RpcLocator - ok 09:32:34.0687 4600 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll 09:32:34.0718 4600 RpcSs - ok 09:32:34.0781 4600 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 09:32:34.0796 4600 rspndr - ok 09:32:34.0859 4600 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys 09:32:34.0874 4600 RTL8169 - ok 09:32:34.0937 4600 [ B71D269B9AB5417963E986126C12B9FC ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys 09:32:34.0952 4600 RTL8187B - ok 09:32:35.0155 4600 [ 0D60B8C10A2C5E8DD620B3FDEB1CDA64 ] RtlProt C:\Windows\system32\DRIVERS\rtlprot.sys 09:32:35.0171 4600 RtlProt - ok 09:32:35.0217 4600 [ 9FF7D9CF3A5F296613588B0E8DB83AFE ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS 09:32:35.0233 4600 RTSTOR - ok 09:32:35.0280 4600 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe 09:32:35.0295 4600 SamSs - ok 09:32:35.0327 4600 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 09:32:35.0342 4600 sbp2port - ok 09:32:35.0420 4600 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll 09:32:35.0420 4600 SCardSvr - ok 09:32:35.0514 4600 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll 09:32:35.0545 4600 Schedule - ok 09:32:35.0592 4600 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll 09:32:35.0592 4600 SCPolicySvc - ok 09:32:35.0654 4600 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 09:32:35.0654 4600 SDRSVC - ok 09:32:35.0732 4600 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 09:32:35.0732 4600 secdrv - ok 09:32:35.0779 4600 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 09:32:35.0810 4600 seclogon - ok 09:32:35.0857 4600 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll 09:32:35.0873 4600 SENS - ok 09:32:35.0935 4600 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 09:32:35.0935 4600 Serenum - ok 09:32:35.0966 4600 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 09:32:35.0966 4600 Serial - ok 09:32:35.0997 4600 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 09:32:36.0044 4600 sermouse - ok 09:32:36.0169 4600 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 09:32:36.0169 4600 SessionEnv - ok 09:32:36.0200 4600 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 09:32:36.0200 4600 sffdisk - ok 09:32:36.0231 4600 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 09:32:36.0231 4600 sffp_mmc - ok 09:32:36.0263 4600 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 09:32:36.0263 4600 sffp_sd - ok 09:32:36.0278 4600 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 09:32:36.0294 4600 sfloppy - ok 09:32:36.0356 4600 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 09:32:36.0372 4600 SharedAccess - ok 09:32:36.0434 4600 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 09:32:36.0450 4600 ShellHWDetection - ok 09:32:36.0465 4600 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 09:32:36.0481 4600 sisagp - ok 09:32:36.0528 4600 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 09:32:36.0528 4600 SiSRaid2 - ok 09:32:36.0559 4600 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 09:32:36.0559 4600 SiSRaid4 - ok 09:32:36.0887 4600 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe 09:32:37.0043 4600 slsvc - ok 09:32:37.0136 4600 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll 09:32:37.0136 4600 SLUINotify - ok 09:32:37.0183 4600 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys 09:32:37.0183 4600 Smb - ok 09:32:37.0245 4600 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 09:32:37.0245 4600 SNMPTRAP - ok 09:32:37.0277 4600 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 09:32:37.0277 4600 spldr - ok 09:32:37.0339 4600 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe 09:32:37.0339 4600 Spooler - ok 09:32:37.0479 4600 [ DC490AC319C4044318F17C8E14F64364 ] sprtsvc_KPN C:\Program Files\KPN\bin\sprtsvc.exe 09:32:37.0495 4600 sprtsvc_KPN - ok 09:32:37.0557 4600 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys 09:32:37.0573 4600 srv - ok 09:32:37.0635 4600 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 09:32:37.0651 4600 srv2 - ok 09:32:37.0713 4600 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 09:32:37.0713 4600 srvnet - ok 09:32:37.0807 4600 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 09:32:37.0838 4600 SSDPSRV - ok 09:32:37.0916 4600 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 09:32:37.0916 4600 SstpSvc - ok 09:32:38.0041 4600 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll 09:32:38.0057 4600 stisvc - ok 09:32:38.0150 4600 [ 97E089971A6ABA49AD5592BD6298E416 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 09:32:38.0166 4600 swenum - ok 09:32:38.0228 4600 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll 09:32:38.0228 4600 swprv - ok 09:32:38.0259 4600 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 09:32:38.0259 4600 Symc8xx - ok 09:32:38.0306 4600 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 09:32:38.0306 4600 Sym_hi - ok 09:32:38.0337 4600 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 09:32:38.0353 4600 Sym_u3 - ok 09:32:38.0415 4600 [ 55F6E55CC2430CA8713387106FA79817 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 09:32:38.0415 4600 SynTP - ok 09:32:38.0509 4600 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll 09:32:38.0540 4600 SysMain - ok 09:32:38.0571 4600 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 09:32:38.0587 4600 TabletInputService - ok 09:32:38.0634 4600 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll 09:32:38.0634 4600 TapiSrv - ok 09:32:38.0681 4600 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 09:32:38.0681 4600 TBS - ok 09:32:38.0790 4600 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 09:32:38.0837 4600 Tcpip - ok 09:32:38.0915 4600 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 09:32:38.0930 4600 Tcpip6 - ok 09:32:39.0039 4600 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 09:32:39.0039 4600 tcpipreg - ok 09:32:39.0149 4600 [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys 09:32:39.0149 4600 tdcmdpst - ok 09:32:39.0180 4600 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 09:32:39.0180 4600 TDPIPE - ok 09:32:39.0211 4600 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 09:32:39.0211 4600 TDTCP - ok 09:32:39.0258 4600 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys 09:32:39.0258 4600 tdx - ok 09:32:39.0320 4600 [ CE0B5D587839614A16480D7B8395FFE9 ] TempoMonitoringService C:\Program Files\Toshiba TEMPRO\TempoSVC.exe 09:32:39.0320 4600 TempoMonitoringService - ok 09:32:39.0383 4600 [ 718B2F4355CD8EB2844741ADDAC0E622 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 09:32:39.0383 4600 TermDD - ok 09:32:39.0445 4600 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll 09:32:39.0461 4600 TermService - ok 09:32:39.0617 4600 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll 09:32:39.0617 4600 Themes - ok 09:32:39.0663 4600 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 09:32:39.0663 4600 THREADORDER - ok 09:32:39.0804 4600 [ 89F74C86523F5E334628DBCE66E6D165 ] TNaviSrv C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe 09:32:39.0804 4600 TNaviSrv - ok 09:32:39.0929 4600 [ C5AC715B65B01788ABC22D10749DDDD8 ] TODDSrv C:\Windows\system32\TODDSrv.exe 09:32:39.0929 4600 TODDSrv - ok 09:32:40.0100 4600 [ DA6903958CBDC091FFCBBCA70CCFF34C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 09:32:40.0116 4600 TosCoSrv - ok 09:32:40.0163 4600 [ DCA621CE31CA604C762001883E385DF8 ] TOSHIBA SMART Log Service C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe 09:32:40.0163 4600 TOSHIBA SMART Log Service - ok 09:32:40.0225 4600 [ 4399A9BF7D8F49991A07FD86590A1619 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys 09:32:40.0241 4600 tos_sps32 - ok 09:32:40.0287 4600 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 09:32:40.0303 4600 TrkWks - ok 09:32:40.0365 4600 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 09:32:40.0365 4600 TrustedInstaller - ok 09:32:40.0412 4600 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 09:32:40.0428 4600 tssecsrv - ok 09:32:40.0475 4600 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 09:32:40.0475 4600 tunmp - ok 09:32:40.0553 4600 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 09:32:40.0553 4600 tunnel - ok 09:32:40.0615 4600 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS 09:32:40.0615 4600 TVALZ - ok 09:32:40.0662 4600 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 09:32:40.0662 4600 uagp35 - ok 09:32:40.0693 4600 [ C985B36E127EA9B8A92396120BFF52D8 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 09:32:40.0709 4600 udfs - ok 09:32:40.0771 4600 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 09:32:40.0787 4600 UI0Detect - ok 09:32:41.0099 4600 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe 09:32:41.0114 4600 UleadBurningHelper - ok 09:32:41.0161 4600 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 09:32:41.0161 4600 uliagpkx - ok 09:32:41.0208 4600 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 09:32:41.0208 4600 uliahci - ok 09:32:41.0239 4600 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 09:32:41.0255 4600 UlSata - ok 09:32:41.0286 4600 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 09:32:41.0286 4600 ulsata2 - ok 09:32:41.0317 4600 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 09:32:41.0317 4600 umbus - ok 09:32:41.0379 4600 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 09:32:41.0395 4600 upnphost - ok 09:32:41.0457 4600 [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 09:32:41.0457 4600 usbaudio - ok 09:32:41.0504 4600 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 09:32:41.0520 4600 usbccgp - ok 09:32:41.0535 4600 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 09:32:41.0551 4600 usbcir - ok 09:32:41.0598 4600 [ CEBE90821810E76320155BEBA722FCF9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 09:32:41.0598 4600 usbehci - ok 09:32:41.0676 4600 [ CC6B28E4CE39951357963119CE47B143 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 09:32:41.0676 4600 usbhub - ok 09:32:41.0707 4600 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys 09:32:41.0707 4600 usbohci - ok 09:32:41.0738 4600 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys 09:32:41.0738 4600 usbprint - ok 09:32:41.0769 4600 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 09:32:41.0769 4600 USBSTOR - ok 09:32:41.0801 4600 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 09:32:41.0801 4600 usbuhci - ok 09:32:41.0832 4600 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 09:32:41.0847 4600 usbvideo - ok 09:32:41.0925 4600 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll 09:32:41.0925 4600 UxSms - ok 09:32:42.0050 4600 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe 09:32:42.0113 4600 vds - ok 09:32:42.0144 4600 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 09:32:42.0144 4600 vga - ok 09:32:42.0191 4600 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 09:32:42.0206 4600 VgaSave - ok 09:32:42.0222 4600 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 09:32:42.0237 4600 viaagp - ok 09:32:42.0269 4600 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 09:32:42.0284 4600 ViaC7 - ok 09:32:42.0315 4600 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 09:32:42.0315 4600 viaide - ok 09:32:42.0347 4600 [ BDD98BBE7323FC0975A26373D8050471 ] volmgr C:\Windows\system32\drivers\volmgr.sys 09:32:42.0362 4600 volmgr - ok 09:32:42.0393 4600 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 09:32:42.0409 4600 volmgrx - ok 09:32:42.0471 4600 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys 09:32:42.0471 4600 volsnap - ok 09:32:42.0518 4600 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 09:32:42.0534 4600 vsmraid - ok 09:32:42.0627 4600 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe 09:32:42.0659 4600 VSS - ok 09:32:42.0705 4600 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll 09:32:42.0721 4600 W32Time - ok 09:32:42.0752 4600 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 09:32:42.0768 4600 WacomPen - ok 09:32:42.0830 4600 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 09:32:42.0830 4600 Wanarp - ok 09:32:42.0846 4600 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 09:32:42.0846 4600 Wanarpv6 - ok 09:32:42.0971 4600 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll 09:32:42.0986 4600 wcncsvc - ok 09:32:43.0111 4600 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 09:32:43.0111 4600 WcsPlugInService - ok 09:32:43.0173 4600 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 09:32:43.0189 4600 Wd - ok 09:32:43.0267 4600 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 09:32:43.0283 4600 Wdf01000 - ok 09:32:43.0345 4600 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 09:32:43.0345 4600 WdiServiceHost - ok 09:32:43.0376 4600 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 09:32:43.0392 4600 WdiSystemHost - ok 09:32:43.0439 4600 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll 09:32:43.0454 4600 WebClient - ok 09:32:43.0517 4600 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 09:32:43.0517 4600 Wecsvc - ok 09:32:43.0579 4600 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 09:32:43.0579 4600 wercplsupport - ok 09:32:43.0641 4600 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll 09:32:43.0657 4600 WerSvc - ok 09:32:43.0719 4600 [ 0ACD399F5DB3DF1B58903CF4949AB5A8 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys 09:32:43.0735 4600 winachsf - ok 09:32:43.0829 4600 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 09:32:43.0844 4600 WinDefend - ok 09:32:43.0891 4600 WinHttpAutoProxySvc - ok 09:32:44.0078 4600 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 09:32:44.0094 4600 Winmgmt - ok 09:32:44.0234 4600 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 09:32:44.0281 4600 WinRM - ok 09:32:44.0375 4600 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll 09:32:44.0406 4600 Wlansvc - ok 09:32:44.0468 4600 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 09:32:44.0468 4600 WmiAcpi - ok 09:32:44.0546 4600 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 09:32:44.0562 4600 wmiApSrv - ok 09:32:44.0687 4600 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 09:32:44.0702 4600 WMPNetworkSvc - ok 09:32:44.0765 4600 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 09:32:44.0765 4600 WPCSvc - ok 09:32:44.0811 4600 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 09:32:44.0827 4600 WPDBusEnum - ok 09:32:44.0874 4600 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 09:32:44.0889 4600 WpdUsb - ok 09:32:45.0326 4600 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 09:32:45.0420 4600 WPFFontCache_v0400 - ok 09:32:45.0467 4600 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 09:32:45.0482 4600 ws2ifsl - ok 09:32:45.0529 4600 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\system32\wscsvc.dll 09:32:45.0545 4600 wscsvc - ok 09:32:45.0591 4600 WSearch - ok 09:32:45.0747 4600 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll 09:32:45.0794 4600 wuauserv - ok 09:32:45.0872 4600 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 09:32:45.0888 4600 WUDFRd - ok 09:32:45.0966 4600 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 09:32:45.0981 4600 wudfsvc - ok 09:32:46.0059 4600 [ DAB33CFA9DD24251AAA389FF36B64D4B ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys 09:32:46.0059 4600 XAudio - ok 09:32:46.0257 4600 [ CD5F291A1161F15896D1A4D63DAFF5DF ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe 09:32:46.0272 4600 XAudioService - ok 09:32:46.0323 4600 ================ Scan global =============================== 09:32:46.0378 4600 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 09:32:46.0466 4600 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll 09:32:46.0507 4600 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll 09:32:46.0573 4600 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe 09:32:46.0603 4600 [Global] - ok 09:32:46.0617 4600 ================ Scan MBR ================================== 09:32:46.0641 4600 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 09:32:46.0950 4600 \Device\Harddisk0\DR0 - ok 09:32:46.0961 4600 ================ Scan VBR ================================== 09:32:47.0065 4600 [ 2BC6ACE98749DDA574BD981F01E3705F ] \Device\Harddisk0\DR0\Partition1 09:32:47.0140 4600 \Device\Harddisk0\DR0\Partition1 - ok 09:32:47.0196 4600 [ EA985AA82BE8A2AB8AB0690A033D310C ] \Device\Harddisk0\DR0\Partition2 09:32:47.0200 4600 \Device\Harddisk0\DR0\Partition2 - ok 09:32:47.0209 4600 ============================================================ 09:32:47.0210 4600 Scan finished 09:32:47.0210 4600 ============================================================ 09:32:47.0246 5956 Detected object count: 0 09:32:47.0247 5956 Actual detected object count: 0 -
Trojan Horse Generic 30. HEH
KellyMoosje reageerde op KellyMoosje's topic in Archief Bestrijding malware & virussen
ComboFix 12-11-23.02 - iriskelly 23-11-2012 20:38:56.1.1 - x86 Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.31.1043.18.1915.680 [GMT 1:00] Gestart vanuit: c:\users\iriskelly\Downloads\ComboFix.exe AV: AVG Anti-Virus Free *Disabled/Updated* {0C939084-9E57-CBDB-EA61-0B0C7F62AF82} SP: AVG Anti-Virus Free *Disabled/Updated* {B7F27160-B86D-C455-D0D1-307E04E5E53F} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\pt c:\windows\system32\pt\toscdspd.cpl.mui . . (((((((((((((((((((( Bestanden Gemaakt van 2012-10-23 to 2012-11-23 )))))))))))))))))))))))))))))) . . 2012-11-23 19:56 . 2012-11-23 19:56 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-11-23 18:37 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FAF956CF-9C81-4BDE-AF38-C6A70BBD47B4}\mpengine.dll 2012-11-18 11:18 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-11-13 21:58 . 2012-11-13 22:00 -------- d-----w- c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP 2012-11-13 20:59 . 2012-11-13 20:59 -------- d-----w- c:\program files\Enigma Software Group 2012-11-02 09:10 . 2012-11-02 09:10 -------- d-----w- c:\users\iriskelly\AppData\Roaming\Malwarebytes 2012-11-02 09:09 . 2012-11-02 09:09 -------- d-----w- c:\programdata\Malwarebytes 2012-11-02 09:09 . 2012-11-18 11:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-11-01 19:56 . 2012-11-01 19:57 -------- d-----w- c:\program files\Trojan Remover 2012-11-01 19:56 . 2012-11-01 19:56 -------- d-----w- c:\users\iriskelly\AppData\Roaming\Simply Super Software 2012-11-01 19:56 . 2012-11-01 19:56 -------- d-----w- c:\programdata\Simply Super Software . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-06-30 04:19 94208 ----a-w- c:\users\iriskelly\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-06-30 04:19 94208 ----a-w- c:\users\iriskelly\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-06-30 04:19 94208 ----a-w- c:\users\iriskelly\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472] "TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-04-24 430080] "EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-03-28 3325952] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-14 68856] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416] "NDSTray.exe"="NDSTray.exe" [bU] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-12 30192] "Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480] "Toshiba TEMPO"="c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" [2008-04-24 103824] "topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504] "Skytel"="Skytel.exe" [2007-11-20 1826816] "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456] "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-06-24 509816] "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-05-09 716800] "Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864] "KPN"="c:\program files\KPN\bin\sprtcmd.exe" [2008-06-06 198184] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2011-10-17 2042208] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "KPNAssistentUpdater"="c:\program files\KPN\KPN Update\KPNAssistentUpdater.exe" [2010-09-13 1964928] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "atwtusb"="atwtusb.exe" [2007-05-15 323232] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-01-15 939872] "ROC_roc_dec12"="c:\program files\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-15 928096] "LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336] . c:\users\iriskelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] Dropbox.lnk - c:\users\iriskelly\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-7-25 26909544] OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2008-3-5 393216] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2008-3-5 393216] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc . Inhoud van de 'Gedeelde Taken' map . 2012-11-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3121688333-2044271472-2189710050-1000Core.job - c:\users\iriskelly\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-03 16:59] . 2012-11-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3121688333-2044271472-2189710050-1000UA.job - c:\users\iriskelly\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-03 16:59] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.hyves.nl mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) HKCU-Run-AdobeBridge - (no file) HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe AddRemove-Google Chrome - c:\users\iriskelly\AppData\Local\Google\Chrome\Application\23.0.1271.64\Installer\setup.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-11-23 20:57 Windows 6.0.6001 Service Pack 1 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . HKCU\Software\Microsoft\Windows\CurrentVersion\Run TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i??????i?''???P?z?x?z???z???z?? . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-3121688333-2044271472-2189710050-1000\Software\SecuROM\License information*] "datasecu"=hex:20,7f,6c,41,fa,c2,eb,ba,84,f7,6e,6b,80,9b,29,f3,4e,d5,eb,6b,6d, 47,88,c4,8b,1d,1e,00,00,38,72,8e,8b,50,5d,14,03,e6,4e,aa,f8,14,8e,17,a3,bc,\ "rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-11-23 21:01:32 ComboFix-quarantined-files.txt 2012-11-23 20:01 . Pre-Run: 5.846.040.576 bytes beschikbaar Post-Run: 7.842.263.040 bytes beschikbaar . - - End Of File - - EED629E0F982F0A2C5C291312C8773A5 -
Trojan Horse Generic 30. HEH
KellyMoosje reageerde op KellyMoosje's topic in Archief Bestrijding malware & virussen
Ja bedankt voor de aanwijzingen! Ik krijg nog wel steeds de melding dat ik de Trojan heb... -
Trojan Horse Generic 30. HEH
KellyMoosje reageerde op KellyMoosje's topic in Archief Bestrijding malware & virussen
Malwarebytes Anti-Malware 1.65.1.1000 Malwarebytes : Free anti-malware download Databaseversie: v2012.11.18.01 Windows Vista Service Pack 1 x86 NTFS Internet Explorer 8.0.6001.19088 iriskelly :: PC_VAN_IRISKELL [administrator] 18-11-2012 12:26:12 mbam-log-2012-11-18 (12-26-12).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 207870 Verstreken tijd: 45 minuut/minuten, 12 seconde(n) Geheugenprocessen gedetecteerd: 2 C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> 480 -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> 1340 -> Zal worden verwijderd tijdens het herstarten. Geheugenmodulen gedetecteerd: 5 C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> Zal worden verwijderd tijdens het herstarten. Registersleutels gedetecteerd: 119 HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\AppDataLow\Software\MyWebSearch (PUP.MyWebsearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 4 HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±#¥aI¶» äG\Ê -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 13 C:\Program Files\FunWebProducts (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Game (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\History (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\icons (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Message (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 76 C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\Windows Live\Messenger\msimg32.dll (PUP.FunWebProducts) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> Zal worden verwijderd tijdens het herstarten. C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\f3hkstub.dll.vir (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.vir (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\m3SrchMn.exe.vir (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\mwsoemon.exe.vir (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\mwsoestb.dll.vir (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL.vir (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\mwssvc.exe.vir (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:36:51, on 18-11-2012 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.19088) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\RtHDVCpl.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\KPN\bin\sprtcmd.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\KPN\KPN Update\KPNAssistentUpdater.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Windows\System32\atwtusb.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Users\iriskelly\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe C:\Windows\system32\igfxext.exe C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wuauclt.exe C:\Users\iriskelly\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\iriskelly\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Windows\system32\NOTEPAD.EXE C:\Users\iriskelly\Downloads\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hyves R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hyves R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door Hyves O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [KPN] "C:\Program Files\KPN\bin\sprtcmd.exe" /P KPN O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [KPNAssistentUpdater] C:\Program Files\KPN\KPN Update\KPNAssistentUpdater.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [atwtusb] atwtusb.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Google Update] "C:\Users\iriskelly\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Dropbox.lnk = C:\Users\iriskelly\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: SupportSoft Sprocket Service (KPN) (sprtsvc_KPN) - SupportSoft, Inc. - C:\Program Files\KPN\bin\sprtsvc.exe O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 12273 bytes -
Trojan Horse Generic 30. HEH
KellyMoosje plaatste een topic in Archief Bestrijding malware & virussen
Heey! Zoals de titel al zegt heb ik last van Trojan horse. Ik heb al op internet gezocht en meerdere scanners geprobeerd. Maar ze werkte allemaal niet. Nu heb ik Hijackthis geprobeert en dit kwam er uit: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:30:15, on 17-11-2012 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.19088) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\RtHDVCpl.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\KPN\bin\sprtcmd.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE C:\Program Files\KPN\KPN Update\KPNAssistentUpdater.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Windows\System32\atwtusb.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE C:\Users\iriskelly\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\igfxext.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Users\iriskelly\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\iriskelly\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\iriskelly\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe C:\Users\iriskelly\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\iriskelly\Downloads\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hyves.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hyves.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door Hyves R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL O1 - Hosts: ::1 localhost O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [KPN] "C:\Program Files\KPN\bin\sprtcmd.exe" /P KPN O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [KPNAssistentUpdater] C:\Program Files\KPN\KPN Update\KPNAssistentUpdater.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [atwtusb] atwtusb.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\iriskelly\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\RunOnce: [KPN Assistent Update] C:\ProgramData\UpdateKPNAssistent.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Dropbox.lnk = C:\Users\iriskelly\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCxdm914YYNL O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?NL (file missing) O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInitialSetup1.0.1.1.cab O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe O23 - Service: SupportSoft Sprocket Service (KPN) (sprtsvc_KPN) - SupportSoft, Inc. - C:\Program Files\KPN\bin\sprtsvc.exe O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 14328 bytes En natuurlijk snap ik er helemaal niets van dus ik hoop dat jullie me kunnen helpen! Alvast bedankt!
