Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

D is niet te openen/benaderbaar

None
33 antwoorden
  • Op een laptop verschijnen de meldingen:
    1. hard drive clusters are partly damaged- segment load failure
    2. windows detected a hard disk problem.

    Laptop is vervolgens niet meer op te starten. In veilige modes heb ik via systeemherstel een oude setting kunnen terughalen. Boel draait nu weer naar behoren ………………………….. behalve dan dat de D-schijf niet meer benaderbaar is. Windows verkenner geeft wel 34 GB opslag weer, Malwarebyte's en Norton 360 scannen bestanden, maar ik kan ze niet benaderen.

    Kan iemand eens even naar het volgende overzicht kijken misschien?

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 13:24:48, on 16-2-2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
    C:\Windows\SysWOW64\msiexec.exe
    C:\Users\Bert Groen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJFOBQM3\HijackThis.exe
    C:\Windows\syswow64\MsiExec.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com
    dr.aspx?b=ACAW&l=0413&m=aspire_7715z&r=273611090425l03h4z155t48l2c82o
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com
    dr.aspx?b=ACAW&l=0413&m=aspire_7715z&r=273611090425l03h4z155t48l2c82o
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com
    dr.aspx?b=ACAW&l=0413&m=aspire_7715z&r=273611090425l03h4z155t48l2c82o
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\IPS\IPSBHO.DLL
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\coIEPlg.dll
    O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
    O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe
    O23 - Service: @%SystemRoot%\System32
    etlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
    O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 11014 bytes
  • Windows geeft niet voor niks die waarschuwingen!

    [b:125693c3cf]Welk programma[/b:125693c3cf]: CrystalDiskInfo
    [b:125693c3cf]Waarvoor/waarom[/b:125693c3cf]: controle van van SMART-gegevens van de harddisk(s)
    [b:125693c3cf]Moeilijkheidsgraad[/b:125693c3cf]: geen.
    [b:125693c3cf]Download CrystalDiskInfo[/b:125693c3cf] [b:125693c3cf]hier[/b:125693c3cf]


    [img:125693c3cf]http://www.imgdumper.nl/uploads4/4df870efec9f5/4df870efeba86-CrystalDiskInfo.png[/img:125693c3cf]


    Installeer het tool en start vervolgens CrystalDiskInfo

    Het tool leest daarop de SMART-gegevens van de aangesloten harddisks.
    Is de kleur Blauw - dan volledig gezond.
    Is de kleur Geel - dan zijn er problemen.
    Is de kleur Rood - dan de HD z.s.m. vervangen.

    Bij SSD's wordt ook de gezondheidstoestand van de SSD's vermeld (Health)
  • Ga ik proberen. C en D zijn overigens partities op één en dezelfde HD ……………. C geeft geen probleem.
  • Indien er clusters kapot zijn, worden deze steeds groter en de inhoud van die kapotte clusters wordt over de rest van de HD uitgesmeerd.
    Net zolang, totdat de HD het opgeeft!
  • Uitslag = BLAUW
  • Verrassend.

    [b:1c7e546f56]Stap •1•[/b:1c7e546f56][/color:1c7e546f56]
    Sluit alle openstaande webvensters - behalve dit venster, dat je sluit voor het moment, dat je op de knop [b:1c7e546f56]Fix checked[/b:1c7e546f56] klikt!

    Start nu HijackThis middels rechtsklik met Administratorrechten (lukt dat niet ga dan naar de installatielokatie van HijackThis en start "hijackthis.exe" vervolgens met administratorrechten.)en klik op de knop [b:1c7e546f56]Do a Scan only,

    O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
    [/b:1c7e546f56]
    [list:1c7e546f56][*:1c7e546f56] zet een vinkje voor die regel(s) welke met de bovenstaande regels corresponderen
    [*:1c7e546f56] Sluit nu de webbrowser en vervolgens klik je daarna op de knop [b:1c7e546f56]Fix checked[/b:1c7e546f56]
    [*:1c7e546f56] Klik hierna HijackThis op uit.[/list:u:1c7e546f56]

    [b:1c7e546f56]Stap •2•[/b:1c7e546f56][/color:1c7e546f56]
    [b:1c7e546f56]Welk programma[/b:1c7e546f56]: [b:1c7e546f56]TDSSStarter.exe[/b:1c7e546f56]
    [b:1c7e546f56]Waarvoor/waarom[/b:1c7e546f56]: Rootkitscanner
    [b:1c7e546f56]Moeilijkheidsgraad[/b:1c7e546f56]: geen
    Download [b:1c7e546f56]TDSSStarter[/b:1c7e546f56] naar het bureaublad.
    Tijdelijk downloadlink: [b:1c7e546f56]TDSSStarter[/b:1c7e546f56]

    [b:1c7e546f56]"TDSSSStarter.exe" gebruiken[/b:1c7e546f56]:
    [list:1c7e546f56][*:1c7e546f56] [b:1c7e546f56]Sluit nu eerst alle nog openstaande programmavensters![/color:1c7e546f56][/b:1c7e546f56]
    [list:1c7e546f56][*:1c7e546f56][b:1c7e546f56]Windows 2000[/color:1c7e546f56][/b:1c7e546f56] en [b:1c7e546f56]Windows XP[/b:1c7e546f56][/color:1c7e546f56]: start het tool middels dubbelklik op "[i:1c7e546f56] TDSSStarter .exe[/i:1c7e546f56]".
    [*:1c7e546f56][b:1c7e546f56]Windows Vista[/b:1c7e546f56][/color:1c7e546f56] en [b:1c7e546f56]Windows 7[/b:1c7e546f56][/color:1c7e546f56]: start het tool middels rechtsklik op "[i:1c7e546f56]TDSSStarter.exe[/i:1c7e546f56]" en dan kiezen voor [i:1c7e546f56][b:1c7e546f56]Als Administrator uitvoeren[/b:1c7e546f56][/i:1c7e546f56].[/list:u:1c7e546f56]

    [*:1c7e546f56]Vervolgens zal een CMD-venster gestart worden en wanneer de scan gereed is weer automatisch sluiten.
    [*:1c7e546f56]Post nu de inhoud van het geopende kladblokbestand in het volgende bericht.[/list:u:1c7e546f56]


    [b:1c7e546f56]Stap •3•[/b:1c7e546f56][/color:1c7e546f56]
    [b:1c7e546f56]Welk programma[/b:1c7e546f56]: ComboFix
    [b:1c7e546f56]Waarvoor/waarom[/b:1c7e546f56]: Zeer specialistische scanner om Windows diepgaand te onderzoeken
    en zo mogelijk op te schonen.
    [b:1c7e546f56]Moeilijkheidsgraad[/b:1c7e546f56]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
    [b:1c7e546f56]Downloadlokatie[/b:1c7e546f56]: Dit programma absoluut naar het bureaublad downloaden!
    [b:1c7e546f56]Download ComboFix via één van deze locaties[/b:1c7e546f56]:
    [list:1c7e546f56][*:1c7e546f56][b:1c7e546f56]Bleepingcomputer[/b:1c7e546f56]
    [*:1c7e546f56][b:1c7e546f56]ForoSpyware[/b:1c7e546f56]
    [*:1c7e546f56][b:1c7e546f56]Geekstogo[/b:1c7e546f56][/list:u:1c7e546f56]
    [b:1c7e546f56]Hier[/b:1c7e546f56] zie je hoe je ComboFix moet gebruiken.

    Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn!
    [b:1c7e546f56]Hier[/b:1c7e546f56] en [b:1c7e546f56]hier[/b:1c7e546f56] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

    [b:1c7e546f56]Voor alle duidelijkheid nogmaals[/b:1c7e546f56]: ComboFix dient vanaf het bureaublad gestart te worden.

    [b:1c7e546f56]Opmerkingen[/b:1c7e546f56]:
    [list:1c7e546f56][*:1c7e546f56] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren!
    Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).[/list:u:1c7e546f56]
    [b:1c7e546f56]ComboFix opstarten[/b:1c7e546f56]:
    [list:1c7e546f56][*:1c7e546f56] [b:1c7e546f56]Sluit nu eerst alle nog openstaande programmavensters![/color:1c7e546f56][/b:1c7e546f56]
    [list:1c7e546f56][*:1c7e546f56][b:1c7e546f56]Windows 2000[/color:1c7e546f56][/b:1c7e546f56] en [b:1c7e546f56]Windows XP[/b:1c7e546f56][/color:1c7e546f56]: start ComboFix.exe middels dubbelklik op ComboFix.exe.
    [*:1c7e546f56][b:1c7e546f56]Windows Vista[/b:1c7e546f56][/color:1c7e546f56] en [b:1c7e546f56]Windows 7[/b:1c7e546f56][/color:1c7e546f56]: start ComboFix.exe via rechtsklik op ComboFix.exe en kies dan voor [i:1c7e546f56][b:1c7e546f56]Als Administrator uitvoeren[/b:1c7e546f56][/i:1c7e546f56].[/list:u:1c7e546f56][/list:u:1c7e546f56]
    [b:1c7e546f56]ComboFix is opgestart[/b:1c7e546f56]:
    [list:1c7e546f56][*:1c7e546f56]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
    [*:1c7e546f56]Combofix sluit tijdens de scan de internet verbinding; probeer deze tussentijds niet te herstellen!
    [*:1c7e546f56]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
    [*:1c7e546f56]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
    [*:1c7e546f56]Post de inhoud van dit logbestand in je volgende bericht.
    [*:1c7e546f56]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:1c7e546f56]
    [b:1c7e546f56]Belangrijke opmerking[/b:1c7e546f56]:
    [list:1c7e546f56][*:1c7e546f56][b:1c7e546f56]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:1c7e546f56][/b:1c7e546f56]
    [*:1c7e546f56][b:1c7e546f56]Illegal operation attempted on a registery key that has been marked for deletion.[/color:1c7e546f56][/b:1c7e546f56]
    [*:1c7e546f56][b:1c7e546f56]Start dan de computer opnieuw op.[/color:1c7e546f56][/b:1c7e546f56][/list:u:1c7e546f56]

    [b:1c7e546f56]Stap •4•[/b:1c7e546f56][/color:1c7e546f56]
    [b:1c7e546f56]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:1c7e546f56]
    [list:1c7e546f56][*:1c7e546f56] TDSSKStarter-log
    [*:1c7e546f56] ComboFix.txt-log
    [/list:u:1c7e546f56]
  • Zo … duurt even, maar dan heb je ook wat:

    19:38:19.0736 4184 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
    19:38:19.0736 4184 ============================================================
    19:38:19.0736 4184 Current date / time: 2012/02/16 19:38:19.0736
    19:38:19.0736 4184 SystemInfo:
    19:38:19.0736 4184
    19:38:19.0736 4184 OS Version: 6.1.7601 ServicePack: 1.0
    19:38:19.0736 4184 Product type: Workstation
    19:38:19.0736 4184 ComputerName: BERTGROEN-PC
    19:38:19.0736 4184 UserName: Bert Groen
    19:38:19.0736 4184 Windows directory: C:\Windows
    19:38:19.0736 4184 System windows directory: C:\Windows
    19:38:19.0736 4184 Running under WOW64
    19:38:19.0736 4184 Processor architecture: Intel x64
    19:38:19.0736 4184 Number of processors: 2
    19:38:19.0736 4184 Page size: 0x1000
    19:38:19.0736 4184 Boot type: Normal boot
    19:38:19.0736 4184 ============================================================
    19:38:28.0550 4184 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    19:38:28.0596 4184 Drive \Device\Harddisk1\DR6 - Size: 0x3C780000 (0.94 Gb), SectorSize: 0x200, Cylinders: 0x7B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    19:38:28.0612 4184 \Device\Harddisk0\DR0:
    19:38:28.0643 4184 MBR used
    19:38:28.0643 4184 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
    19:38:28.0643 4184 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0xDEE4A44
    19:38:28.0706 4184 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF71A800, BlocksNum 0xDAAA800
    19:38:28.0706 4184 \Device\Harddisk1\DR6:
    19:38:28.0706 4184 MBR used
    19:38:28.0706 4184 \Device\Harddisk1\DR6\Partition0: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x1E3BC1
    19:38:29.0236 4184 Initialize success
    19:38:29.0236 4184 ============================================================
    19:38:29.0267 4228 ============================================================
    19:38:29.0267 4228 Scan started
    19:38:29.0267 4228 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
    19:38:29.0267 4228 ============================================================
    19:38:36.0428 4228 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
    19:38:37.0130 4228 1394ohci - ok
    19:38:38.0066 4228 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
    19:38:38.0081 4228 ACPI - ok
    19:38:38.0830 4228 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
    19:38:39.0236 4228 AcpiPmi - ok
    19:38:40.0796 4228 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
    19:38:40.0858 4228 adp94xx - ok
    19:38:42.0012 4228 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
    19:38:42.0090 4228 adpahci - ok
    19:38:43.0058 4228 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
    19:38:43.0120 4228 adpu320 - ok
    19:38:44.0118 4228 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
    19:38:44.0290 4228 AFD - ok
    19:38:45.0164 4228 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
    19:38:45.0195 4228 agp440 - ok
    19:38:46.0271 4228 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
    19:38:46.0318 4228 aliide - ok
    19:38:47.0535 4228 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
    19:38:47.0597 4228 amdide - ok
    19:38:49.0032 4228 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
    19:38:49.0454 4228 AmdK8 - ok
    19:38:50.0686 4228 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
    19:38:50.0920 4228 AmdPPM - ok
    19:38:52.0106 4228 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
    19:38:52.0121 4228 amdsata - ok
    19:38:53.0026 4228 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
    19:38:53.0120 4228 amdsbs - ok
    19:38:53.0962 4228 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
    19:38:54.0056 4228 amdxata - ok
    19:38:55.0257 4228 ApfiltrService (c79c86a0395689045710e24d64e5e086) C:\Windows\system32\DRIVERS\Apfiltr.sys
    19:38:56.0708 4228 ApfiltrService - ok
    19:38:57.0534 4228 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
    19:39:04.0008 4228 AppID - ok
    19:39:05.0116 4228 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
    19:39:05.0163 4228 arc - ok
    19:39:06.0177 4228 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
    19:39:06.0208 4228 arcsas - ok
    19:39:07.0300 4228 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
    19:39:14.0211 4228 AsyncMac - ok
    19:39:15.0194 4228 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
    19:39:15.0240 4228 atapi - ok
    19:39:17.0409 4228 athr (e8e1ae3caa4c7286d40715336d8a11d4) C:\Windows\system32\DRIVERS\athrx.sys
    19:39:17.0690 4228 athr - ok
    19:39:19.0140 4228 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
    19:39:19.0421 4228 b06bdrv - ok
    19:39:20.0373 4228 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
    19:39:20.0560 4228 b57nd60a - ok
    19:39:22.0526 4228 BCM43XX (fb4fda64f2e8552eaeb5986c3f34462c) C:\Windows\system32\DRIVERS\bcmwl664.sys
    19:39:22.0635 4228 BCM43XX - ok
    19:39:23.0555 4228 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
    19:39:23.0758 4228 Beep - ok
    19:39:25.0802 4228 BHDrvx64 (1d757a7e020c577c4259a755f21b7152) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120215.001\BHDrvx64.sys
    19:39:25.0911 4228 BHDrvx64 - ok
    19:39:26.0722 4228 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
    19:39:26.0847 4228 blbdrive - ok
    19:39:27.0954 4228 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
    19:39:28.0048 4228 bowser - ok
    19:39:28.0594 4228 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
    19:39:29.0249 4228 BrFiltLo - ok
    19:39:29.0936 4228 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
    19:39:30.0045 4228 BrFiltUp - ok
    19:39:30.0887 4228 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
    19:39:31.0152 4228 Brserid - ok
    19:39:32.0073 4228 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
    19:39:32.0198 4228 BrSerWdm - ok
    19:39:32.0853 4228 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
    19:39:32.0993 4228 BrUsbMdm - ok
    19:39:33.0836 4228 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
    19:39:33.0960 4228 BrUsbSer - ok
    19:39:34.0631 4228 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
    19:39:34.0740 4228 BTHMODEM - ok
    19:39:35.0770 4228 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
    19:39:35.0926 4228 cdfs - ok
    19:39:36.0940 4228 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
    19:39:37.0158 4228 cdrom - ok
    19:39:38.0188 4228 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
    19:39:38.0406 4228 circlass - ok
    19:39:39.0280 4228 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
    19:39:39.0420 4228 CLFS - ok
    19:39:40.0824 4228 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
    19:39:40.0856 4228 CmBatt - ok
    19:39:41.0714 4228 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
    19:39:41.0807 4228 cmdide - ok
    19:39:42.0884 4228 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
    19:39:43.0118 4228 CNG - ok
    19:39:44.0116 4228 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
    19:39:44.0194 4228 Compbatt - ok
    19:39:45.0177 4228 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
    19:39:45.0380 4228 CompositeBus - ok
    19:39:46.0394 4228 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
    19:39:46.0472 4228 crcdisk - ok
    19:39:47.0782 4228 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
    19:39:47.0923 4228 DfsC - ok
    19:39:48.0905 4228 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
    19:39:49.0046 4228 discache - ok
    19:39:49.0982 4228 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
    19:39:50.0013 4228 Disk - ok
    19:39:50.0153 4228 DKbFltr - ok
    19:39:51.0199 4228 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
    19:39:51.0323 4228 drmkaud - ok
    19:39:52.0571 4228 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
    19:39:52.0665 4228 DXGKrnl - ok
    19:39:54.0350 4228 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
    19:39:54.0537 4228 ebdrv - ok
    19:39:55.0660 4228 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
    19:39:55.0723 4228 eeCtrl - ok
    19:39:56.0846 4228 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
    19:39:56.0924 4228 elxstor - ok
    19:39:57.0875 4228 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    19:39:57.0891 4228 EraserUtilRebootDrv - ok
    19:39:58.0733 4228 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
    19:39:58.0905 4228 ErrDev - ok
    19:39:59.0701 4228 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
    19:39:59.0872 4228 exfat - ok
    19:40:00.0621 4228 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
    19:40:00.0808 4228 fastfat - ok
    19:40:01.0541 4228 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
    19:40:01.0635 4228 fdc - ok
    19:40:02.0477 4228 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
    19:40:02.0555 4228 FileInfo - ok
    19:40:03.0429 4228 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
    19:40:03.0554 4228 Filetrace - ok
    19:40:04.0381 4228 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
    19:40:04.0505 4228 flpydisk - ok
    19:40:05.0488 4228 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
    19:40:05.0566 4228 FltMgr - ok
    19:40:06.0315 4228 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
    19:40:06.0409 4228 FsDepends - ok
    19:40:07.0313 4228 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
    19:40:07.0345 4228 fssfltr - ok
    19:40:08.0265 4228 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
    19:40:08.0312 4228 Fs_Rec - ok
    19:40:09.0139 4228 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
    19:40:09.0185 4228 fvevol - ok
    19:40:09.0934 4228 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
    19:40:09.0965 4228 gagp30kx - ok
    19:40:10.0745 4228 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    19:40:10.0855 4228 GEARAspiWDM - ok
    19:40:12.0649 4228 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
    19:40:12.0883 4228 hcw85cir - ok
    19:40:14.0006 4228 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
    19:40:14.0162 4228 HdAudAddService - ok
    19:40:15.0160 4228 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
    19:40:15.0316 4228 HDAudBus - ok
    19:40:16.0096 4228 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
    19:40:16.0237 4228 HidBatt - ok
    19:40:17.0017 4228 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
    19:40:17.0188 4228 HidBth - ok
    19:40:17.0953 4228 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
    19:40:18.0062 4228 HidIr - ok
    19:40:18.0811 4228 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
    19:40:18.0904 4228 HidUsb - ok
    19:40:19.0700 4228 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
    19:40:19.0715 4228 HpSAMD - ok
    19:40:20.0527 4228 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
    19:40:20.0745 4228 HTTP - ok
    19:40:21.0634 4228 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
    19:40:21.0697 4228 hwpolicy - ok
    19:40:22.0523 4228 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
    19:40:22.0570 4228 i8042prt - ok
    19:40:23.0600 4228 iaStor (8180a2392e732e8871589b54fab6991f) C:\Windows\system32\DRIVERS\iaStor.sys
    19:40:23.0631 4228 iaStor - ok
    19:40:24.0926 4228 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
    19:40:24.0957 4228 iaStorV - ok
    19:40:26.0564 4228 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120215.002\IDSvia64.sys
    19:40:26.0657 4228 IDSVia64 - ok
    19:40:30.0433 4228 igfx (2d18c9e1f23970de32d78d3b1cdda0a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
    19:40:30.0838 4228 igfx - ok
    19:40:31.0509 4228 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
    19:40:31.0681 4228 iirsp - ok
    19:40:34.0005 4228 IntcAzAudAddService (f2744fd54be1580be05916d1c755c92a) C:\Windows\system32\drivers\RTKVHD64.sys
    19:40:34.0333 4228 IntcAzAudAddService - ok
    19:40:34.0925 4228 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
    19:40:34.0988 4228 intelide - ok
    19:40:35.0612 4228 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
    19:40:35.0768 4228 intelppm - ok
    19:40:36.0392 4228 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    19:40:36.0501 4228 IpFilterDriver - ok
    19:40:37.0125 4228 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
    19:40:37.0234 4228 IPMIDRV - ok
    19:40:37.0874 4228 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
    19:40:37.0967 4228 IPNAT - ok
    19:40:38.0779 4228 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
    19:40:39.0153 4228 IRENUM - ok
    19:40:39.0777 4228 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
    19:40:39.0855 4228 isapnp - ok
    19:40:40.0573 4228 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
    19:40:40.0666 4228 iScsiPrt - ok
    19:40:41.0290 4228 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
    19:40:41.0462 4228 kbdclass - ok
    19:40:42.0086 4228 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
    19:40:42.0304 4228 kbdhid - ok
    19:40:42.0913 4228 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
    19:40:42.0944 4228 KSecDD - ok
    19:40:43.0396 4228 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
    19:40:43.0412 4228 KSecPkg - ok
    19:40:44.0051 4228 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
    19:40:44.0129 4228 ksthunk - ok
    19:40:44.0948 4228 L1C (fc010c7814ddac17389a7d87ea2ebb39) C:\Windows\system32\DRIVERS\L1C62x64.sys
    19:40:44.0979 4228 L1C - ok
    19:40:46.0055 4228 LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys
    19:40:46.0086 4228 LHidFilt - ok
    19:40:47.0116 4228 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
    19:40:54.0074 4228 lltdio - ok
    19:40:54.0900 4228 LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys
    19:40:54.0932 4228 LMouFilt - ok
    19:40:55.0602 4228 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
    19:40:55.0634 4228 LSI_FC - ok
    19:40:56.0460 4228 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
    19:40:56.0616 4228 LSI_SAS - ok
    19:40:57.0287 4228 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
    19:40:57.0334 4228 LSI_SAS2 - ok
    19:40:57.0942 4228 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
    19:40:57.0974 4228 LSI_SCSI - ok
    19:40:58.0722 4228 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
    19:40:58.0878 4228 luafv - ok
    19:40:59.0814 4228 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
    19:40:59.0846 4228 MBAMProtector - ok
    19:41:01.0156 4228 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
    19:41:01.0234 4228 megasas - ok
    19:41:02.0186 4228 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
    19:41:02.0217 4228 MegaSR - ok
    19:41:03.0449 4228 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
    19:41:03.0653 4228 Modem - ok
    19:41:04.0402 4228 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
    19:41:04.0464 4228 monitor - ok
    19:41:05.0182 4228 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
    19:41:05.0229 4228 mouclass - ok
    19:41:06.0274 4228 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
    19:41:06.0383 4228 mouhid - ok
    19:41:07.0163 4228 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
    19:41:07.0272 4228 mountmgr - ok
    19:41:07.0990 4228 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
    19:41:08.0005 4228 mpio - ok
    19:41:08.0817 4228 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
    19:41:08.0941 4228 mpsdrv - ok
    19:41:09.0612 4228 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    19:41:10.0891 4228 MRxDAV - ok
    19:41:11.0718 4228 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    19:41:11.0859 4228 mrxsmb - ok
    19:41:12.0935 4228 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    19:41:13.0107 4228 mrxsmb10 - ok
    19:41:14.0089 4228 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    19:41:14.0136 4228 mrxsmb20 - ok
    19:41:15.0571 4228 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    19:41:15.0587 4228 msahci - ok
    19:41:16.0273 4228 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    19:41:16.0289 4228 msdsm - ok
    19:41:16.0897 4228 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    19:41:16.0960 4228 Msfs - ok
    19:41:17.0537 4228 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    19:41:17.0662 4228 mshidkmdf - ok
    19:41:18.0301 4228 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    19:41:18.0333 4228 msisadrv - ok
    19:41:18.0988 4228 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    19:41:19.0081 4228 MSKSSRV - ok
    19:41:19.0971 4228 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    19:41:20.0095 4228 MSPCLOCK - ok
    19:41:20.0688 4228 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    19:41:20.0813 4228 MSPQM - ok
    19:41:21.0468 4228 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    19:41:21.0515 4228 MsRPC - ok
    19:41:22.0155 4228 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    19:41:22.0170 4228 mssmbios - ok
    19:41:22.0888 4228 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    19:41:23.0075 4228 MSTEE - ok
    19:41:23.0715 4228 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    19:41:23.0824 4228 MTConfig - ok
    19:41:24.0417 4228 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    19:41:24.0463 4228 Mup - ok
    19:41:25.0072 4228 mwlPSDFilter (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
    19:41:25.0150 4228 mwlPSDFilter - ok
    19:41:25.0821 4228 mwlPSDNServ (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
    19:41:25.0852 4228 mwlPSDNServ - ok
    19:41:26.0507 4228 mwlPSDVDisk (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
    19:41:26.0538 4228 mwlPSDVDisk - ok
    19:41:27.0833 4228 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS
    wifi.sys
    19:41:27.0927 4228 NativeWifiP - ok
    19:41:29.0315 4228 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120216.004\ENG64.SYS
    19:41:29.0331 4228 NAVENG - ok
    19:41:31.0390 4228 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120216.004\EX64.SYS
    19:41:31.0483 4228 NAVEX15 - ok
    19:41:32.0451 4228 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers
    dis.sys
    19:41:32.0497 4228 NDIS - ok
    19:41:33.0059 4228 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS
    discap.sys
    19:41:33.0199 4228 NdisCap - ok
    19:41:33.0901 4228 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS
    distapi.sys
    19:41:34.0089 4228 NdisTapi - ok
    19:41:34.0993 4228 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS
    disuio.sys
    19:41:35.0149 4228 Ndisuio - ok
    19:41:35.0883 4228 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS
    diswan.sys
    19:41:36.0008 4228 NdisWan - ok
    19:41:36.0756 4228 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    19:41:36.0912 4228 NDProxy - ok
    19:41:37.0599 4228 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS
    etbios.sys
    19:41:37.0724 4228 NetBIOS - ok
    19:41:38.0504 4228 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS
    etbt.sys
    19:41:38.0613 4228 NetBT - ok
    19:41:39.0207 4228 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS
    frd960.sys
    19:41:39.0238 4228 nfrd960 - ok
    19:41:39.0971 4228 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    19:41:40.0080 4228 Npfs - ok
    19:41:40.0798 4228 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers
    siproxy.sys
    19:41:40.0860 4228 nsiproxy - ok
    19:41:42.0405 4228 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    19:41:42.0498 4228 Ntfs - ok
    19:41:43.0091 4228 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
    19:41:43.0122 4228 NTIDrvr - ok
    19:41:43.0933 4228 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    19:41:44.0152 4228 Null - ok
    19:41:45.0025 4228 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers
    vraid.sys
    19:41:45.0057 4228 nvraid - ok
    19:41:45.0899 4228 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers
    vstor.sys
    19:41:45.0915 4228 nvstor - ok
    19:41:46.0601 4228 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers
    v_agp.sys
    19:41:46.0632 4228 nv_agp - ok
    19:41:47.0490 4228 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    19:41:47.0553 4228 ohci1394 - ok
    19:41:48.0270 4228 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    19:41:48.0333 4228 Parport - ok
    19:41:48.0925 4228 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    19:41:48.0957 4228 partmgr - ok
    19:41:49.0674 4228 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    19:41:49.0721 4228 pci - ok
    19:41:50.0439 4228 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    19:41:50.0485 4228 pciide - ok
    19:41:51.0078 4228 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    19:41:51.0109 4228 pcmcia - ok
    19:41:51.0936 4228 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    19:41:51.0983 4228 pcw - ok
    19:41:52.0857 4228 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    19:41:52.0966 4228 PEAUTH - ok
    19:41:53.0808 4228 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    19:41:53.0902 4228 PptpMiniport - ok
    19:41:54.0541 4228 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    19:41:54.0619 4228 Processor - ok
    19:41:55.0337 4228 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    19:41:55.0555 4228 Psched - ok
    19:41:56.0819 4228 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    19:41:56.0975 4228 ql2300 - ok
    19:41:57.0708 4228 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    19:41:57.0739 4228 ql40xx - ok
    19:41:58.0317 4228 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    19:41:58.0379 4228 QWAVEdrv - ok
    19:41:58.0987 4228 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    19:41:59.0097 4228 RasAcd - ok
    19:41:59.0861 4228 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    19:41:59.0955 4228 RasAgileVpn - ok
    19:42:00.0657 4228 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    19:42:00.0766 4228 Rasl2tp - ok
    19:42:01.0624 4228 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    19:42:01.0795 4228 RasPppoe - ok
    19:42:02.0419 4228 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    19:42:02.0497 4228 RasSstp - ok
    19:42:03.0324 4228 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    19:42:03.0433 4228 rdbss - ok
    19:42:03.0964 4228 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    19:42:04.0026 4228 rdpbus - ok
    19:42:04.0713 4228 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    19:42:04.0791 4228 RDPCDD - ok
    19:42:05.0539 4228 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    19:42:05.0602 4228 RDPENCDD - ok
    19:42:06.0397 4228 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    19:42:06.0475 4228 RDPREFMP - ok
    19:42:07.0162 4228 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
    19:42:07.0224 4228 RDPWD - ok
    19:42:07.0739 4228 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    19:42:07.0770 4228 rdyboost - ok
    19:42:08.0316 4228 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    19:42:08.0410 4228 rspndr - ok
    19:42:09.0205 4228 RSUSBSTOR (fb39af63d6617f028ba0ebc21b83360d) C:\Windows\system32\Drivers\RtsUStor.sys
    19:42:09.0408 4228 RSUSBSTOR - ok
    19:42:10.0032 4228 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    19:42:10.0048 4228 sbp2port - ok
    19:42:10.0719 4228 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    19:42:10.0843 4228 scfilter - ok
    19:42:11.0577 4228 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    19:42:11.0670 4228 secdrv - ok
    19:42:12.0232 4228 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    19:42:12.0279 4228 Serenum - ok
    19:42:12.0981 4228 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    19:42:13.0059 4228 Serial - ok
    19:42:13.0745 4228 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    19:42:13.0823 4228 sermouse - ok
    19:42:14.0385 4228 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    19:42:14.0525 4228 sffdisk - ok
    19:42:15.0024 4228 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    19:42:15.0087 4228 sffp_mmc - ok
    19:42:15.0913 4228 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    19:42:16.0007 4228 sffp_sd - ok
    19:42:16.0725 4228 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    19:42:16.0756 4228 sfloppy - ok
    19:42:17.0442 4228 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    19:42:17.0489 4228 SiSRaid2 - ok
    19:42:18.0238 4228 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    19:42:18.0285 4228 SiSRaid4 - ok
    19:42:19.0033 4228 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    19:42:19.0408 4228 Smb - ok
    19:42:20.0094 4228 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    19:42:20.0141 4228 spldr - ok
    19:42:21.0514 4228 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\N360x64\0502000.00D\SRTSP64.SYS
    19:42:21.0592 4228 SRTSP - ok
    19:42:22.0575 4228 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\N360x64\0502000.00D\SRTSPX64.SYS
    19:42:22.0606 4228 SRTSPX - ok
    19:42:23.0448 4228 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    19:42:23.0557 4228 srv - ok
    19:42:24.0228 4228 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    19:42:24.0369 4228 srv2 - ok
    19:42:24.0930 4228 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    19:42:25.0008 4228 srvnet - ok
    19:42:25.0710 4228 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    19:42:25.0773 4228 stexstor - ok
    19:42:26.0428 4228 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    19:42:26.0475 4228 swenum - ok
    19:42:27.0551 4228 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS
    19:42:27.0645 4228 SymDS - ok
    19:42:28.0830 4228 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS
    19:42:28.0924 4228 SymEFA - ok
    19:42:29.0907 4228 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
    19:42:30.0000 4228 SymEvent - ok
    19:42:30.0921 4228 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS
    19:42:30.0999 4228 SymIRON - ok
    19:42:32.0106 4228 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\N360x64\0502000.00D\SYMNETS.SYS
    19:42:32.0309 4228 SymNetS - ok
    19:42:33.0713 4228 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
    19:42:33.0822 4228 Tcpip - ok
    19:42:35.0351 4228 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
    19:42:35.0382 4228 TCPIP6 - ok
    19:42:36.0193 4228 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    19:42:36.0287 4228 tcpipreg - ok
    19:42:37.0067 4228 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    19:42:37.0207 4228 TDPIPE - ok
    19:42:37.0847 4228 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
    19:42:37.0925 4228 TDTCP - ok
    19:42:38.0455 4228 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    19:42:38.0518 4228 tdx - ok
    19:42:39.0220 4228 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    19:42:39.0267 4228 TermDD - ok
    19:42:40.0140 4228 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    19:42:40.0234 4228 tssecsrv - ok
    19:42:40.0889 4228 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    19:42:41.0029 4228 TsUsbFlt - ok
    19:42:41.0731 4228 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
    19:42:41.0747 4228 TuneUpUtilitiesDrv - ok
    19:42:42.0340 4228 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    19:42:42.0433 4228 tunnel - ok
    19:42:43.0089 4228 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    19:42:43.0135 4228 uagp35 - ok
    19:42:43.0759 4228 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
    19:42:43.0791 4228 UBHelper - ok
    19:42:44.0539 4228 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    19:42:44.0680 4228 udfs - ok
    19:42:45.0429 4228 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    19:42:45.0460 4228 uliagpkx - ok
    19:42:46.0053 4228 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
    19:42:46.0099 4228 umbus - ok
    19:42:46.0848 4228 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    19:42:46.0911 4228 UmPass - ok
    19:42:47.0301 4228 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
    19:42:47.0441 4228 USBAAPL64 - ok
    19:42:47.0550 4228 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    19:42:47.0644 4228 usbccgp - ok
    19:42:47.0691 4228 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    19:42:47.0753 4228 usbcir - ok
    19:42:47.0925 4228 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    19:42:48.0034 4228 usbehci - ok
    19:42:48.0330 4228 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    19:42:48.0408 4228 usbhub - ok
    19:42:48.0517 4228 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
    19:42:48.0580 4228 usbohci - ok
    19:42:48.0736 4228 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    19:42:48.0798 4228 usbprint - ok
    19:42:48.0861 4228 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
    19:42:48.0939 4228 usbscan - ok
    19:42:49.0001 4228 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    19:42:49.0126 4228 USBSTOR - ok
    19:42:49.0251 4228 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
    19:42:49.0469 4228 usbuhci - ok
    19:42:50.0218 4228 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
    19:42:50.0296 4228 usbvideo - ok
    19:42:50.0998 4228 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    19:42:51.0045 4228 vdrvroot - ok
    19:42:51.0544 4228 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    19:42:51.0591 4228 vga - ok
    19:42:52.0152 4228 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    19:42:52.0230 4228 VgaSave - ok
    19:42:52.0792 4228 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    19:42:52.0807 4228 vhdmp - ok
    19:42:53.0525 4228 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    19:42:53.0603 4228 viaide - ok
    19:42:54.0258 4228 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    19:42:54.0305 4228 volmgr - ok
    19:42:54.0976 4228 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    19:42:55.0023 4228 volmgrx - ok
    19:42:55.0522 4228 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    19:42:55.0553 4228 volsnap - ok
    19:42:56.0208 4228 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    19:42:56.0239 4228 vsmraid - ok
    19:42:56.0957 4228 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
    19:42:57.0082 4228 vwifibus - ok
    19:42:57.0737 4228 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
    19:42:57.0815 4228 vwififlt - ok
    19:42:58.0408 4228 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
    19:42:58.0470 4228 WacomPen - ok
    19:42:59.0125 4228 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    19:42:59.0203 4228 WANARP - ok
    19:42:59.0297 4228 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
    19:42:59.0328 4228 Wanarpv6 - ok
    19:43:00.0015 4228 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
    19:43:00.0061 4228 Wd - ok
    19:43:00.0888 4228 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
    19:43:00.0982 4228 Wdf01000 - ok
    19:43:01.0606 4228 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
    19:43:01.0668 4228 WfpLwf - ok
    19:43:02.0245 4228 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
    19:43:02.0292 4228 WIMMount - ok
    19:43:03.0119 4228 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
    19:43:03.0291 4228 WinUsb - ok
    19:43:04.0008 4228 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
    19:43:04.0086 4228 WmiAcpi - ok
    19:43:05.0038 4228 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
    19:43:05.0178 4228 ws2ifsl - ok
    19:43:05.0896 4228 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
    19:43:05.0974 4228 WudfPf - ok
    19:43:06.0738 4228 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
    19:43:06.0879 4228 WUDFRd - ok
    19:43:06.0988 4228 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    19:43:15.0053 4228 \Device\Harddisk0\DR0 - ok
    19:43:15.0053 4228 MBR (0x1B8) (64f82c03c8d3785a7007db9840da5a8e) \Device\Harddisk1\DR6
    19:43:15.0365 4228 \Device\Harddisk1\DR6 - ok
    19:43:15.0427 4228 Boot (0x1200) (c5c2cbcf84451ef1ab544031ae942fe8) \Device\Harddisk0\DR0\Partition0
    19:43:15.0630 4228 \Device\Harddisk0\DR0\Partition0 - ok
    19:43:15.0677 4228 Boot (0x1200) (3ad980bbf1964e453234938613f1eda9) \Device\Harddisk0\DR0\Partition1
    19:43:15.0864 4228 \Device\Harddisk0\DR0\Partition1 - ok
    19:43:15.0958 4228 Boot (0x1200) (3fce3636f94549fc5fe161a8a6eb18c0) \Device\Harddisk0\DR0\Partition2
    19:43:16.0067 4228 \Device\Harddisk0\DR0\Partition2 - ok
    19:43:16.0067 4228 Boot (0x1200) (fc46ff570d0a24da4b3ec1d3862e2dcd) \Device\Harddisk1\DR6\Partition0
    19:43:16.0067 4228 \Device\Harddisk1\DR6\Partition0 - ok
    19:43:16.0067 4228 ============================================================
    19:43:16.0067 4228 Scan finished
    19:43:16.0067 4228 ============================================================
    19:43:17.0253 3364 Deinitialize success

    ==============================================
    Last Created System Restore Point
    ==============================================
    RP625: 16-2-2012 13:24:29 - Installed HiJackThis
    ==============================================
    EOF





    ComboFix 12-02-16.02 - Bert Groen 16-02-2012 19:51:15.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3002.1597 [GMT 1:00]
    Gestart vanuit: c:\users\Bert Groen\Desktop\ComboFix.exe
    AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\Common Files\Acer GameZone online.ico
    c:\programdata\~7QTQtCRQmcDZKJ
    c:\programdata\~7QTQtCRQmcDZKJr
    c:\programdata\7QTQtCRQmcDZKJ
    c:\users\Bert Groen\AppData\Roaming\.#
    c:\windows\system32\GroupPolicy\Machine\Registry.pol
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-01-16 to 2012-02-16 ))))))))))))))))))))))))))))))
    .
    .
    2012-02-16 19:09 . 2012-02-16 19:09 ——– d—–w- c:\users\Default\AppData\Local\temp
    2012-02-16 18:38 . 2012-02-16 18:43 ——– d—–w- C:\TDSSStarter
    2012-02-16 18:15 . 2012-02-16 18:16 ——– d—–w- c:\program files (x86)\CrystalDiskInfo
    2012-02-16 12:44 . 2012-02-16 12:44 414368 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-02-16 12:27 . 2012-02-16 12:27 ——– d—–w- c:\users\Bert Groen\AppData\Roaming\Malwarebytes
    2012-02-16 12:26 . 2012-02-16 12:26 ——– d—–w- c:\programdata\Malwarebytes
    2012-02-16 12:26 . 2011-07-06 18:52 41272 —-a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2012-02-16 12:26 . 2012-02-16 12:28 ——– d—–w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-02-16 12:26 . 2011-12-10 14:24 23152 —-a-w- c:\windows\system32\drivers\mbam.sys
    2012-02-16 12:25 . 2012-02-16 12:25 388096 —-a-r- c:\users\Bert Groen\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-02-16 12:25 . 2012-02-16 12:25 ——– d—–w- c:\program files (x86)\Trend Micro
    2012-02-15 21:53 . 2012-02-15 21:53 ——– d—–w- c:\program files\iTunes
    2012-02-15 21:53 . 2012-02-15 21:53 ——– d—–w- c:\program files (x86)\iTunes
    2012-02-15 21:53 . 2012-02-15 21:53 ——– d—–w- c:\program files\iPod
    2012-02-15 21:46 . 2011-11-17 06:35 340992 —-a-w- c:\windows\system32\schannel.dll
    2012-02-15 21:46 . 2011-11-17 06:49 95600 —-a-w- c:\windows\system32\drivers\ksecdd.sys
    2012-02-15 21:46 . 2011-11-17 06:49 152432 —-a-w- c:\windows\system32\drivers\ksecpkg.sys
    2012-02-15 21:46 . 2011-11-17 06:44 459232 —-a-w- c:\windows\system32\drivers\cng.sys
    2012-02-15 21:46 . 2011-11-17 06:35 395776 —-a-w- c:\windows\system32\webio.dll
    2012-02-15 21:46 . 2011-11-17 06:35 1447936 —-a-w- c:\windows\system32\lsasrv.dll
    2012-02-15 21:46 . 2011-11-17 06:33 31232 —-a-w- c:\windows\system32\lsass.exe
    2012-02-15 21:46 . 2011-11-17 05:35 314880 —-a-w- c:\windows\SysWow64\webio.dll
    2012-02-15 21:46 . 2011-11-17 05:34 224768 —-a-w- c:\windows\SysWow64\schannel.dll
    2012-02-15 21:46 . 2011-11-17 06:35 28160 —-a-w- c:\windows\system32\secur32.dll
    2012-02-15 21:46 . 2011-11-17 05:34 22016 —-a-w- c:\windows\SysWow64\secur32.dll
    2012-02-15 21:42 . 2010-08-21 04:59 34152 —-a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
    2012-02-15 21:42 . 2012-02-15 21:51 ——– d—–w- c:\program files\Symantec
    2012-02-15 21:42 . 2012-02-15 21:50 174200 —-a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
    2012-02-15 21:42 . 2012-02-15 21:42 ——– d—–w- c:\program files\Common Files\Symantec Shared
    2012-02-15 21:41 . 2012-02-15 22:05 ——– d—–w- c:\windows\system32\drivers\N360x64
    2012-02-15 21:41 . 2012-02-15 21:41 ——– d—–w- c:\program files (x86)\Norton 360
    2012-02-15 21:40 . 2012-02-15 21:40 ——– d—–w- c:\program files (x86)\NortonInstaller
    2012-02-15 21:33 . 2012-02-15 21:33 ——– d—–w- c:\users\Bert Groen\AppData\Roaming\Tific
    2012-02-15 21:33 . 2012-02-15 21:33 ——– d—–w- c:\users\Bert Groen\AppData\Local\Symantec
    2012-02-15 21:32 . 2012-01-06 05:15 8602168 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8F42CE71-6467-4D99-9096-8AD8D76153EF}\mpengine.dll
    2012-02-07 19:22 . 2012-02-07 19:22 ——– d—–we c:\windows\system64
    2012-01-29 00:04 . 2011-11-17 06:35 29184 —-a-w- c:\windows\system32\sspisrv.dll
    2012-01-29 00:04 . 2011-11-17 06:35 136192 —-a-w- c:\windows\system32\sspicli.dll
    2012-01-29 00:04 . 2011-11-17 05:28 96768 —-a-w- c:\windows\SysWow64\sspicli.dll
    2012-01-17 22:46 . 2012-02-15 21:39 ——– d—–w- c:\program files (x86)\McAfee Security Scan
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-12-07 09:39 . 2009-11-22 13:23 279096 —-a-w- c:\windows\system32\MpSigStub.exe
    2011-12-05 07:43 . 2011-11-20 10:51 18960 —-a-w- c:\windows\system32\drivers\LNonPnP.sys
    2011-12-01 23:00 . 2009-11-23 19:41 48648 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
    2011-12-01 23:00 . 2009-11-23 19:41 882496 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2011-11-27 14:43 . 2009-11-25 19:00 48648 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
    2011-11-25 16:18 . 2009-11-25 19:00 882496 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
    2011-11-24 04:52 . 2011-12-14 16:47 3145216 —-a-w- c:\windows\system32\win32k.sys
    2011-11-20 10:52 . 2011-11-20 10:52 53248 —-a-r- c:\users\Bert Groen\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
    2011-11-19 14:58 . 2012-01-11 16:31 77312 —-a-w- c:\windows\system32\packager.dll
    2011-11-19 14:01 . 2012-01-11 16:31 67072 —-a-w- c:\windows\SysWow64\packager.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2009-08-06 17:18 120104 —-a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-03 39408]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
    R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
    R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
    R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0502000.00D\SYMDS64.SYS [x]
    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0502000.00D\SYMEFA64.SYS [x]
    S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120215.001\BHDrvx64.sys [2012-02-07 1157240]
    S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120215.002\IDSvia64.sys [2012-02-14 488568]
    S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
    S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
    S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
    S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0502000.00D\Ironx64.SYS [x]
    S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0502000.00D\SYMNETS.SYS [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
    S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-08-06 844320]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
    S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-06 311592]
    S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe [2011-04-17 130008]
    S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
    S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-11-07 2072896]
    S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-02-15 138360]
    S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-10-31 11856]
    .
    .
    — Andere Services/Drivers In Geheugen —
    .
    *NewlyCreated* - 97926758
    *Deregistered* - 97926758
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-01 20:14]
    .
    2012-02-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-01 20:14]
    .
    .
    ——— x86-64 ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
    @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
    [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
    2009-08-06 17:19 137512 —-a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-08-06 828960]
    "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 159232]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 380928]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 358912]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.startpagina.nl/
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://homepage.acer.com
    dr.aspx?b=ACAW&l=0413&m=aspire_7715z&r=273611090425l03h4z155t48l2c82o
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.0.1
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    SafeBoot-mcmscsvc
    SafeBoot-MCODS
    Toolbar-Locked - (no file)
    .
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360]
    "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\5.2.0.13\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\5.2.0.13\diMaster.dll\" /prefetch:1"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2012-02-16 20:15:32
    ComboFix-quarantined-files.txt 2012-02-16 19:15
    .
    Pre-Run: 75.553.112.064 bytes beschikbaar
    Post-Run: 75.155.779.584 bytes beschikbaar
    .
    - - End Of File - - 1979657E1462DC4828C5D9C4510EF7C9
  • D is er weer !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  • hmmmmm iets te vroeg gejuigt.
    Ik zie op D wel alle mappen maar die schijnen leeg te zijn (hetgeen volgens mij niet zo is)
  • Bij eigenschappen in Verkenner zie ik wel de omvang van de inhoud en het aantal bestanden, maar zichtbaar krijg ik ze nog niet.
  • Ik wacht nog rustig af ………….
  • Dan proberen we nu het volgende:

    het onderstaande te maken "batch" bestand zet de atributen terug waardoor de door de besmetting onzichtbare mappen weer zichtbaar worden.


    Open kladblok, en kopieer de onderstaande vetgedrukte blauwe tekst daarin en kies opslaan als "alle bestanden" onder de naam fix.bat en klik op opslaan.

    Plaats dit bestand dus op de partitie D waar de mappen staan.

    [b:d41d5c54e1]@echo off
    attrib -r -a -s -h /s /d[/color:d41d5c54e1][/b:d41d5c54e1]

    [b:d41d5c54e1]fix.bat opstarten[/b:d41d5c54e1]:
    Windows 2000 en Windows XP: middels dubbelklik [b:d41d5c54e1]fix.bat[/b:d41d5c54e1] starten.
    Windows Vista en Windows 7: middels rechtsklik op de snelkoppeling en dan kiezen voor "Als Administrator uitvoeren" [b:d41d5c54e1]fix.bat[/b:d41d5c54e1] starten.
  • Primaire reactie:

    BRILJANT

    Ik ga nog ff dubbelchecken ………….
  • Ziet er perfect uit Abraham, heel erg bedankt voor je adequate hulp.

    Een 10 met een griffel, en een zoen van de juffrouw.
  • Fijn hoor dat je alles terug hebt.

    Maar ik denk niet dat we er al zijn.
    Doe daarom het volgende: download de [b:b85a9c76ce]Emsisoft Emergency Kit[/color:b85a9c76ce][/b:b85a9c76ce] naar het bureaublad en pak het [b:b85a9c76ce]ZIP[/b:b85a9c76ce] bestand uit.
    [list:b85a9c76ce]
    [*:b85a9c76ce] Open de map "[b:b85a9c76ce]EmsisoftEmergencyKit[/b:b85a9c76ce]" en dubbelklik op "[b:b85a9c76ce]Start.exe[/b:b85a9c76ce]"
    [*:b85a9c76ce] Klik nu op "[b:b85a9c76ce]Emergency Kit Scanner[/b:b85a9c76ce]" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "[b:b85a9c76ce]Ja[/b:b85a9c76ce]"
    [img:b85a9c76ce]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK11.jpg[/img:b85a9c76ce]
    [*:b85a9c76ce] Als de update gereed is en de melding "[b:b85a9c76ce]Update process is succesvol afgerond[/b:b85a9c76ce]" verschijnt klikt u op "[b:b85a9c76ce]menu[/b:b85a9c76ce]" en dan op "[b:b85a9c76ce]Scan PC[/b:b85a9c76ce]"
    [*:b85a9c76ce] Selecteer de optie "[b:b85a9c76ce]Diep[/b:b85a9c76ce]" als deze niet standaard al zo is ingesteld.
    [*:b85a9c76ce] Klik Nu op de knop "[b:b85a9c76ce]Scan[/b:b85a9c76ce]" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af.
    [*:b85a9c76ce] Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is.

    Opmerking:

    Als u deze melding ziet.

    [b:b85a9c76ce]C:\Documents and Settings\username\Bureaublad\ComboFix.exe/$0\List.bat Verwijderd Virus.Win32.HTML!IK [/b:b85a9c76ce]

    Wanneer het bestand in het venster met scanresultaten staat kun je rechtsklikken op die detectie en kiezen voor [b:b85a9c76ce] "Versturen als vals alarm (False Positive)".[/b:b85a9c76ce]


    [*:b85a9c76ce] Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "[b:b85a9c76ce]verwijder geselecteerde[/b:b85a9c76ce]" u zal nu de volgende melding krijgen maar klik hier op "[b:b85a9c76ce]Ja[/b:b85a9c76ce]"
    [img:b85a9c76ce]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK2.jpg[/img:b85a9c76ce]
    [*:b85a9c76ce] Als het verwijderen gereed is klikt u op de knop "[b:b85a9c76ce]View report[/b:b85a9c76ce]" en selecteert u het tekstbestand van deze scan met de naam zoals: [b:b85a9c76ce]a2scan_110730-111615.txt[/b:b85a9c76ce]
    [*:b85a9c76ce] Plaats de inhoud van dit LOG bestand straks in uw volgende bericht.
    [*:b85a9c76ce] Herstart nu de computer.[/list:u:b85a9c76ce]
  • Oké, ben bezig ……….
  • hmmm, kzie intussen dat munnuh handtekening niet helemaal (lees: helemaal niet meer) klopt. Zal ik binnenkort updaten.
  • Huidige configuratie.
  • [quote:ffa71c7462="Abraham54"]Fijn hoor dat je alles terug hebt.

    Maar ik denk niet dat we er al zijn.
    Doe daarom het volgende: download de [b:ffa71c7462]Emsisoft Emergency Kit[/color:ffa71c7462][/b:ffa71c7462] naar het bureaublad en pak het [b:ffa71c7462]ZIP[/b:ffa71c7462] bestand uit.
    [list:ffa71c7462]
    [*:ffa71c7462] Open de map "[b:ffa71c7462]EmsisoftEmergencyKit[/b:ffa71c7462]" en dubbelklik op "[b:ffa71c7462]Start.exe[/b:ffa71c7462]"
    [*:ffa71c7462] Klik nu op "[b:ffa71c7462]Emergency Kit Scanner[/b:ffa71c7462]" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "[b:ffa71c7462]Ja[/b:ffa71c7462]"
    [img:ffa71c7462]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK11.jpg[/img:ffa71c7462]
    [*:ffa71c7462] Als de update gereed is en de melding "[b:ffa71c7462]Update process is succesvol afgerond[/b:ffa71c7462]" verschijnt klikt u op "[b:ffa71c7462]menu[/b:ffa71c7462]" en dan op "[b:ffa71c7462]Scan PC[/b:ffa71c7462]"
    [*:ffa71c7462] Selecteer de optie "[b:ffa71c7462]Diep[/b:ffa71c7462]" als deze niet standaard al zo is ingesteld.
    [*:ffa71c7462] Klik Nu op de knop "[b:ffa71c7462]Scan[/b:ffa71c7462]" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af.
    [*:ffa71c7462] Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is.

    Opmerking:

    Als u deze melding ziet.

    [b:ffa71c7462]C:\Documents and Settings\username\Bureaublad\ComboFix.exe/$0\List.bat Verwijderd Virus.Win32.HTML!IK [/b:ffa71c7462]

    Wanneer het bestand in het venster met scanresultaten staat kun je rechtsklikken op die detectie en kiezen voor [b:ffa71c7462] "Versturen als vals alarm (False Positive)".[/b:ffa71c7462]


    [*:ffa71c7462] Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "[b:ffa71c7462]verwijder geselecteerde[/b:ffa71c7462]" u zal nu de volgende melding krijgen maar klik hier op "[b:ffa71c7462]Ja[/b:ffa71c7462]"
    [img:ffa71c7462]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK2.jpg[/img:ffa71c7462]
    [*:ffa71c7462] Als het verwijderen gereed is klikt u op de knop "[b:ffa71c7462]View report[/b:ffa71c7462]" en selecteert u het tekstbestand van deze scan met de naam zoals: [b:ffa71c7462]a2scan_110730-111615.txt[/b:ffa71c7462]
    [*:ffa71c7462] Plaats de inhoud van dit LOG bestand straks in uw volgende bericht.
    [*:ffa71c7462] Herstart nu de computer.[/list:u:ffa71c7462][/quote:ffa71c7462]

    Ik zou hier eerst nog een stap voor plaatsen: [b:ffa71c7462]Maak eerst een backup!
    [/b:ffa71c7462]

    Het is leuk dat smart aangeeft dat er niets aan de hand is, maar dat hoeft niet te betekenen dat de schijf echt betrouwbaar is.
  • Mark schrijft: "Ik zou hier eerst nog een stap voor plaatsen: Maak eerst een backup!".

    Niet duidelijk is wat hij nu precies bedoeld.
    Namelijk: een back-up waarvan.
    Of bedoelt hij een systeem-image.

    Wat ook niet bekend is: heeft de TS wel een externe opslagmogelijkheid voor die back-up en weet de TS hoe dat moet?


    En waar Mark geen rekening mee houdt: is er nog steeds malware aktief, dan is de gemaakte back-up of systeem image gewoon waardeloos!

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.