BrowserCompanium

Anonymous
w.g.b.
42 replies
  • All of a sudden BrowserCompanium appears in the software list that you can open via the Control Panel. Windows XP.
    According to the date, it was installed 3 days ago.
    But it looks so shabby: no company logo, and no further info in the blue bar.
    I don't trust it when a company goes about things so shoddily. Can I delete this software?
    Thanks in advance.
  • Hello w.g.b., to be able to help you I do need more information.

    I would like you to keep to the rules below during the fix:
  • Thanks for the offer, Abraham54. I may have been a bit too hasty. Via Explorer I came across a file Uninstall……exe, and I used it to remove this software.
    We will see what indispensable piece of software I have deleted. Hovering the cursor over a file shows the maker is Blabbers Communication LTD.
  • If you did not knowingly take Blabbers on board, then it hitched a ride with a software installation.
    It is possible that as a result you have more hitchhikers, such as toolbars and the like, in your browsers.

    And that may well mean that you still get to work with the fix after all.
    It can be very enlightening!
  • Here is the result of HijackThis.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:11:45, on 19-1-2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
    C:\PROGRA~1\NORTON~4\NORTON~1\NPROTECT.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\PROGRA~1\NORTON~4\NORTON~1\SPEEDD~1\NOPDB.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\UPHClean\uphclean.exe
    C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
    C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\UPC\bin\sprtcmd.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Microsoft Office\Office\OSA.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer aangeboden door chello broadband n.v.
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
    O2 - BHO: IEComLS Class - {BFE90A83-BE7F-465F-BF14-FEBB82B76369} - C:\Program Files\Easy Computing\Multi Talen Woordenboek Pro 3\TTLSComIE.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll
    O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
    O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
    O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [UPC] "C:\Program Files\UPC\bin\sprtcmd.exe" /P UPC
    O4 - HKLM\..\Run: [NSWosCheck] "C:\Program Files\Norton SystemWorks Basic Edition\osCheck.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Google Updater] "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -check_deprecation
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Office Opstarten.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\MIJNDO~1\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
    O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk
    O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks Basic Edition\Norton Cleanup\WCQuick.lnk
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
    O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1263149547500
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1260302211343
    O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton Internet Security. (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
    O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~4\NORTON~1\NPROTECT.EXE
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~4\NORTON~1\SPEEDD~1\NOPDB.EXE
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe


    End of file - 12904 bytes

    I also tried step two, but that did not work at all. I kept seeing something like PRGT and no MBAM :oops:

  • Hello w.g.b., so you also have the nasty Babylon Toolbar in your Windows.

  • Hi Abraham54. In the Control Panel, under Add or Remove Programs, Babylon is not listed on my machine. I do see it in Explorer. Is the effect the same if I delete Babylon there? Is there no option in Windows to uninstall a file? That seems better to me than deleting.
    What is this program for, and who could I have gotten it from?
  • Babylon was originally an online tool for translating.
    In its current form it has effectively become an obscure toolbar that lodges itself deep inside Windows.

    It came along as a hitchhiker with other software.
    It is therefore always preferable to choose the advanced or custom option when installing.
    Then you can switch off hitchhikers or changes to your browsers!

    You can go ahead and do the following:

    I would like you to keep to the rules below during the fix:
  • Hi Abraham54. With sweaty armpits, I went ahead and started anyway.
    19:14:59.0734 4092 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
    19:14:59.0734 4092 ============================================================
    19:14:59.0734 4092 Current date / time: 2012/01/21 19:14:59.0734
    19:14:59.0734 4092 SystemInfo:
    19:14:59.0734 4092
    19:14:59.0734 4092 OS Version: 5.1.2600 ServicePack: 3.0
    19:14:59.0734 4092 Product type: Workstation
    19:14:59.0734 4092 ComputerName: WIM
    19:14:59.0734 4092 UserName: xxxxxxxx
    19:14:59.0734 4092 Windows directory: C:\WINDOWS
    19:14:59.0734 4092 System windows directory: C:\WINDOWS
    19:14:59.0734 4092 Processor architecture: Intel x86
    19:14:59.0734 4092 Number of processors: 2
    19:14:59.0734 4092 Page size: 0x1000
    19:14:59.0734 4092 Boot type: Normal boot
    19:14:59.0734 4092 ============================================================
    19:15:02.0234 4092 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E34000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058
    19:15:02.0343 4092 Initialize success
    19:15:02.0531 3352 ============================================================
    19:15:02.0531 3352 Scan started
    19:15:02.0531 3352 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
    19:15:02.0531 3352 ============================================================
    19:15:04.0031 3352 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys
    19:15:09.0234 3352 61883 - ok
    19:15:09.0328 3352 Abiosdsk - ok
    19:15:09.0359 3352 abp480n5 - ok
    19:15:09.0406 3352 acedrv10 (553ba53445795cbc0d4f9fa37eb855a6) C:\WINDOWS\system32\drivers\acedrv10.sys
    19:15:10.0328 3352 acedrv10 - ok
    19:15:10.0640 3352 acehlp10 (8ce00b6a46962a1808b19cd1dae5170c) C:\WINDOWS\system32\drivers\acehlp10.sys
    19:15:10.0703 3352 acehlp10 - ok
    19:15:10.0875 3352 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    19:15:11.0203 3352 ACPI - ok
    19:15:11.0531 3352 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys
    19:15:11.0750 3352 ACPIEC - ok
    19:15:11.0984 3352 adpu160m - ok
    19:15:12.0093 3352 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys
    19:15:12.0171 3352 aeaudio - ok
    19:15:12.0296 3352 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    19:15:12.0500 3352 aec - ok
    19:15:13.0234 3352 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
    19:15:13.0375 3352 AFD - ok
    19:15:13.0812 3352 Aha154x - ok
    19:15:14.0562 3352 aic78u2 - ok
    19:15:14.0875 3352 aic78xx - ok
    19:15:14.0921 3352 ALCXSENS - ok
    19:15:14.0953 3352 ALCXWDM - ok
    19:15:15.0000 3352 AliIde - ok
    19:15:15.0046 3352 amsint - ok
    19:15:15.0125 3352 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    19:15:15.0296 3352 Arp1394 - ok
    19:15:15.0562 3352 ASAPIW2k (4f9cbbf95e8f7a0d4c0edcfe3b78102e) C:\WINDOWS\system32\drivers\ASAPIW2k.sys
    19:15:15.0656 3352 ASAPIW2k ( UnsignedFile.Multi.Generic ) - warning
    19:15:15.0656 3352 ASAPIW2k - detected UnsignedFile.Multi.Generic (1)
    19:15:15.0812 3352 asc - ok
    19:15:15.0859 3352 asc3350p - ok
    19:15:15.0906 3352 asc3550 - ok
    19:15:16.0000 3352 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    19:15:16.0171 3352 AsyncMac - ok
    19:15:16.0390 3352 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    19:15:16.0578 3352 atapi - ok
    19:15:16.0781 3352 Atdisk - ok
    19:15:16.0875 3352 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    19:15:17.0046 3352 Atmarpc - ok
    19:15:17.0328 3352 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    19:15:17.0500 3352 audstub - ok
    19:15:17.0828 3352 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys
    19:15:17.0984 3352 Avc - ok
    19:15:18.0296 3352 AVCSTRM (e625773d7b950842d582f713656859c0) C:\WINDOWS\system32\DRIVERS\avcstrm.sys
    19:15:18.0484 3352 AVCSTRM - ok
    19:15:18.0687 3352 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    19:15:18.0843 3352 Beep - ok
    19:15:19.0062 3352 BHDrvx86 (e685ba3267c5a4ec4ce9e2b4a1481725) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20111223.001\BHDrvx86.sys
    19:15:19.0140 3352 BHDrvx86 - ok
    19:15:19.0203 3352 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
    19:15:19.0343 3352 Bridge - ok
    19:15:19.0375 3352 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
    19:15:19.0500 3352 BridgeMP - ok
    19:15:19.0671 3352 bsaspi32 - ok
    19:15:19.0843 3352 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
    19:15:20.0046 3352 BthEnum - ok
    19:15:20.0437 3352 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys
    19:15:20.0593 3352 BTHMODEM - ok
    19:15:20.0906 3352 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
    19:15:21.0078 3352 BthPan - ok
    19:15:21.0390 3352 BTHPORT (29ff6a865782d0f5b8e7fa1ffab4182b) C:\WINDOWS\system32\Drivers\BTHport.sys
    19:15:21.0546 3352 BTHPORT - ok
    19:15:21.0656 3352 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
    19:15:21.0859 3352 BTHUSB - ok
    19:15:22.0046 3352 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    19:15:22.0218 3352 cbidf2k - ok
    19:15:22.0265 3352 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    19:15:22.0468 3352 CCDECODE - ok
    19:15:22.0500 3352 cd20xrnt - ok
    19:15:22.0546 3352 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    19:15:22.0703 3352 Cdaudio - ok
    19:15:22.0796 3352 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    19:15:22.0968 3352 Cdfs - ok
    19:15:23.0421 3352 cdrbsvsd (3fbf4ef2723b3c49dd5b13a9e35c3810) C:\WINDOWS\system32\drivers\cdrbsvsd.sys
    19:15:23.0500 3352 cdrbsvsd ( UnsignedFile.Multi.Generic ) - warning
    19:15:23.0500 3352 cdrbsvsd - detected UnsignedFile.Multi.Generic (1)
    19:15:23.0593 3352 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    19:15:23.0765 3352 Cdrom - ok
    19:15:24.0500 3352 Changer - ok
    19:15:24.0671 3352 CmdIde - ok
    19:15:24.0875 3352 Cpqarray - ok
    19:15:24.0921 3352 dac2w2k - ok
    19:15:24.0968 3352 dac960nt - ok
    19:15:25.0015 3352 DC21x4 (bb005cb49d0638039703ac4f67fe0a05) C:\WINDOWS\system32\DRIVERS\dc21x4.sys
    19:15:25.0156 3352 DC21x4 - ok
    19:15:25.0203 3352 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    19:15:25.0343 3352 Disk - ok
    19:15:25.0406 3352 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys
    19:15:25.0625 3352 dmboot - ok
    19:15:25.0640 3352 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys
    19:15:25.0781 3352 dmio - ok
    19:15:25.0828 3352 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    19:15:26.0000 3352 dmload - ok
    19:15:26.0031 3352 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    19:15:26.0156 3352 DMusic - ok
    19:15:26.0171 3352 dpti2o - ok
    19:15:26.0171 3352 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    19:15:26.0328 3352 drmkaud - ok
    19:15:26.0468 3352 eeCtrl (75e8b69f28c813675b16db357f20720f) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
    19:15:26.0515 3352 eeCtrl - ok
    19:15:26.0593 3352 EraserUtilRebootDrv (720b18d76de9e603b626dfcd6f1fca7c) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
    19:15:26.0609 3352 EraserUtilRebootDrv - ok
    19:15:26.0984 3352 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    19:15:27.0140 3352 Fastfat - ok
    19:15:27.0281 3352 fasttx2k (3acbc73531dedd69837fe73b1623d49c) C:\WINDOWS\system32\DRIVERS\fasttx2k.sys
    19:15:27.0375 3352 fasttx2k - ok
    19:15:27.0718 3352 FCParPnP (98444637059dee0d6d2450875364a915) C:\WINDOWS\system32\Drivers\FCParPnP.sys
    19:15:27.0750 3352 FCParPnP ( UnsignedFile.Multi.Generic ) - warning
    19:15:27.0750 3352 FCParPnP - detected UnsignedFile.Multi.Generic (1)
    19:15:27.0859 3352 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
    19:15:28.0031 3352 Fdc - ok
    19:15:28.0062 3352 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys
    19:15:28.0203 3352 Fips - ok
    19:15:28.0218 3352 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    19:15:28.0343 3352 Flpydisk - ok
    19:15:28.0375 3352 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    19:15:28.0515 3352 FltMgr - ok
    19:15:28.0546 3352 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    19:15:28.0703 3352 Fs_Rec - ok
    19:15:28.0718 3352 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    19:15:28.0843 3352 Ftdisk - ok
    19:15:28.0890 3352 gameenum (065639773d8b03f33577f6cdaea21063) C:\WINDOWS\system32\DRIVERS\gameenum.sys
    19:15:29.0015 3352 gameenum - ok
    19:15:29.0046 3352 giveio (77ebf3e9386daa51551af429052d88d0) C:\WINDOWS\system32\giveio.sys
    19:15:29.0093 3352 giveio ( UnsignedFile.Multi.Generic ) - warning
    19:15:29.0093 3352 giveio - detected UnsignedFile.Multi.Generic (1)
    19:15:29.0125 3352 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    19:15:29.0265 3352 Gpc - ok
    19:15:29.0296 3352 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    19:15:29.0437 3352 HidUsb - ok
    19:15:29.0437 3352 hpn - ok
    19:15:29.0484 3352 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    19:15:29.0609 3352 HTTP - ok
    19:15:29.0625 3352 i2omgmt - ok
    19:15:29.0625 3352 i2omp - ok
    19:15:29.0656 3352 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    19:15:29.0796 3352 i8042prt - ok
    19:15:29.0984 3352 IDSxpx86 (e72d3894d42355e9cd5fd77e1e4fea11) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20120120.002\IDSxpx86.sys
    19:15:30.0000 3352 IDSxpx86 - ok
    19:15:30.0046 3352 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    19:15:30.0187 3352 Imapi - ok
    19:15:30.0203 3352 ini910u - ok
    19:15:30.0234 3352 IntelIde (72c63ad984d427d34bd5b9db838d88eb) C:\WINDOWS\system32\DRIVERS\intelide.sys
    19:15:30.0390 3352 IntelIde - ok
    19:15:30.0421 3352 intelppm (2d2254fac267e6b1c7865e8ebef60c6d) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    19:15:30.0562 3352 intelppm - ok
    19:15:30.0609 3352 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    19:15:30.0750 3352 Ip6Fw - ok
    19:15:30.0781 3352 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    19:15:30.0921 3352 IpFilterDriver - ok
    19:15:30.0937 3352 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    19:15:31.0078 3352 IpInIp - ok
    19:15:31.0109 3352 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    19:15:31.0234 3352 IpNat - ok
    19:15:31.0265 3352 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    19:15:31.0390 3352 IPSec - ok
    19:15:31.0453 3352 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    19:15:31.0578 3352 IRENUM - ok
    19:15:31.0625 3352 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    19:15:31.0765 3352 isapnp - ok
    19:15:31.0812 3352 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    19:15:31.0953 3352 Kbdclass - ok
    19:15:31.0984 3352 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    19:15:32.0140 3352 kmixer - ok
    19:15:32.0156 3352 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    19:15:32.0250 3352 KSecDD - ok
    19:15:32.0296 3352 L8042PR2 (0f8b7bf7097d1e8d78f2f52a2bea03cd) C:\WINDOWS\system32\Drivers\l8042pr2.sys
    19:15:32.0359 3352 L8042PR2 - ok
    19:15:32.0390 3352 lbrtfdc - ok
    19:15:32.0421 3352 LHidFlt2 (3c357dfdbbf2b4b01aa4b9c8a26e4416) C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys
    19:15:32.0453 3352 LHidFlt2 - ok
    19:15:32.0484 3352 LHidUsb (ffb851b1b2f6596b7d3182b977a85206) C:\WINDOWS\system32\Drivers\LHidUsb.Sys
    19:15:32.0531 3352 LHidUsb - ok
    19:15:32.0562 3352 LMouFlt2 (aef09673376a4d93c09e8341854f1bf4) C:\WINDOWS\system32\Drivers\LMouFlt2.sys
    19:15:32.0593 3352 LMouFlt2 - ok
    19:15:32.0640 3352 MASPINT (a2ae666cee860babe7fa6f1662b71737) C:\WINDOWS\system32\drivers\MASPINT.sys
    19:15:32.0656 3352 MASPINT ( UnsignedFile.Multi.Generic ) - warning
    19:15:32.0656 3352 MASPINT - detected UnsignedFile.Multi.Generic (1)
    19:15:32.0750 3352 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    19:15:32.0921 3352 mnmdd - ok
    19:15:32.0953 3352 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys
    19:15:33.0093 3352 Modem - ok
    19:15:33.0125 3352 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    19:15:33.0265 3352 Mouclass - ok
    19:15:33.0312 3352 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    19:15:33.0453 3352 mouhid - ok
    19:15:33.0484 3352 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    19:15:33.0640 3352 MountMgr - ok
    19:15:33.0656 3352 mraid35x - ok
    19:15:33.0656 3352 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    19:15:33.0828 3352 MRxDAV - ok
    19:15:33.0890 3352 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    19:15:34.0000 3352 MRxSmb - ok
    19:15:34.0031 3352 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys
    19:15:34.0171 3352 MSDV - ok
    19:15:34.0187 3352 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    19:15:34.0312 3352 Msfs - ok
    19:15:34.0359 3352 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    19:15:34.0484 3352 MSKSSRV - ok
    19:15:34.0546 3352 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    19:15:34.0671 3352 MSPCLOCK - ok
    19:15:34.0687 3352 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    19:15:34.0828 3352 MSPQM - ok
    19:15:34.0890 3352 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    19:15:35.0015 3352 mssmbios - ok
    19:15:35.0062 3352 MSTAPE (5c3f9bdf4db23b75306388fc26a0a8e5) C:\WINDOWS\system32\DRIVERS\mstape.sys
    19:15:35.0187 3352 MSTAPE - ok
    19:15:35.0234 3352 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
    19:15:35.0375 3352 MSTEE - ok
    19:15:35.0437 3352 ms_mpu401 (ca3e22598f411199adc2dfee76cd0ae0) C:\WINDOWS\system32\drivers\msmpu401.sys
    19:15:35.0578 3352 ms_mpu401 - ok
    19:15:35.0625 3352 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
    19:15:35.0750 3352 Mup - ok
    19:15:35.0796 3352 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    19:15:35.0921 3352 NABTSFEC - ok
    19:15:36.0093 3352 NAVENG (862f55824ac81295837b0ab63f91071f) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20120120.035\NAVENG.SYS
    19:15:36.0109 3352 NAVENG - ok
    19:15:36.0203 3352 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20120120.035\NAVEX15.SYS
    19:15:36.0406 3352 NAVEX15 - ok
    19:15:36.0453 3352 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    19:15:36.0593 3352 NDIS - ok
    19:15:36.0640 3352 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    19:15:36.0750 3352 NdisIP - ok
    19:15:36.0781 3352 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    19:15:36.0921 3352 NdisTapi - ok
    19:15:36.0968 3352 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    19:15:37.0109 3352 Ndisuio - ok
    19:15:37.0125 3352 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    19:15:37.0265 3352 NdisWan - ok
    19:15:37.0296 3352 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
    19:15:37.0421 3352 NDProxy - ok
    19:15:37.0437 3352 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    19:15:37.0562 3352 NetBIOS - ok
    19:15:37.0609 3352 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    19:15:37.0750 3352 NetBT - ok
    19:15:37.0796 3352 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
    19:15:37.0921 3352 NIC1394 - ok
    19:15:37.0968 3352 NPDriver (57883a0c8ab1d93fce74d79b5fe8b4ff) C:\WINDOWS\system32\Drivers\NPDRIVER.SYS
    19:15:38.0015 3352 NPDriver ( UnsignedFile.Multi.Generic ) - warning
    19:15:38.0015 3352 NPDriver - detected UnsignedFile.Multi.Generic (1)
    19:15:38.0015 3352 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    19:15:38.0156 3352 Npfs - ok
    19:15:38.0187 3352 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    19:15:38.0328 3352 Ntfs - ok
    19:15:38.0359 3352 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    19:15:38.0515 3352 Null - ok
    19:15:38.0781 3352 nv (9f4384aa43548ddd438f7b7825d11699) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    19:15:39.0250 3352 nv - ok
    19:15:39.0328 3352 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    19:15:39.0468 3352 NwlnkFlt - ok
    19:15:39.0500 3352 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    19:15:39.0640 3352 NwlnkFwd - ok
    19:15:39.0687 3352 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    19:15:39.0828 3352 ohci1394 - ok
    19:15:39.0859 3352 OlCamudp (23f6b9e6d3a6f27571885d27f292fd91) C:\WINDOWS\system32\Drivers\olcamudp.sys
    19:15:39.0890 3352 OlCamudp ( UnsignedFile.Multi.Generic ) - warning
    19:15:39.0890 3352 OlCamudp - detected UnsignedFile.Multi.Generic (1)
    19:15:39.0906 3352 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys
    19:15:40.0046 3352 Parport - ok
    19:15:40.0062 3352 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    19:15:40.0187 3352 PartMgr - ok
    19:15:40.0234 3352 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys
    19:15:40.0437 3352 ParVdm - ok
    19:15:40.0453 3352 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys
    19:15:40.0625 3352 PCI - ok
    19:15:40.0625 3352 PCIDump - ok
    19:15:40.0640 3352 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys
    19:15:40.0781 3352 PCIIde - ok
    19:15:40.0796 3352 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys
    19:15:40.0921 3352 Pcmcia - ok
    19:15:40.0968 3352 pctvvbi (e388120616e1a104202bbf9dfab35bd2) C:\WINDOWS\system32\DRIVERS\pctvvbi.sys
    19:15:41.0015 3352 pctvvbi ( UnsignedFile.Multi.Generic ) - warning
    19:15:41.0015 3352 pctvvbi - detected UnsignedFile.Multi.Generic (1)
    19:15:41.0031 3352 PDCOMP - ok
    19:15:41.0031 3352 PDFRAME - ok
    19:15:41.0046 3352 PDRELI - ok
    19:15:41.0062 3352 PDRFRAME - ok
    19:15:41.0078 3352 perc2 - ok
    19:15:41.0078 3352 perc2hib - ok
    19:15:41.0125 3352 pfc (f2b3785d7282bac66d4b644fc88749f0) C:\WINDOWS\system32\drivers\pfc.sys
    19:15:41.0156 3352 pfc ( UnsignedFile.Multi.Generic ) - warning
    19:15:41.0156 3352 pfc - detected UnsignedFile.Multi.Generic (1)
    19:15:41.0187 3352 PIXMC10 (a8b092017375e0f290cefd2814f02f9d) C:\WINDOWS\system32\Drivers\pixmc10c.sys
    19:15:41.0234 3352 PIXMC10 ( UnsignedFile.Multi.Generic ) - warning
    19:15:41.0234 3352 PIXMC10 - detected UnsignedFile.Multi.Generic (1)
    19:15:41.0281 3352 PIXMC10A (a64872667b2271c9c14c4a889d32146c) C:\WINDOWS\system32\Drivers\pixmc10a.sys
    19:15:41.0328 3352 PIXMC10A ( UnsignedFile.Multi.Generic ) - warning
    19:15:41.0328 3352 PIXMC10A - detected UnsignedFile.Multi.Generic (1)
    19:15:41.0375 3352 PIXMC10V (d734d6eff8790881d005fa18d1a92b80) C:\WINDOWS\system32\Drivers\pixmc10v.sys
    19:15:41.0390 3352 PIXMC10V ( UnsignedFile.Multi.Generic ) - warning
    19:15:41.0390 3352 PIXMC10V - detected UnsignedFile.Multi.Generic (1)
    19:15:41.0437 3352 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    19:15:41.0562 3352 PptpMiniport - ok
    19:15:41.0578 3352 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    19:15:41.0718 3352 PSched - ok
    19:15:41.0750 3352 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    19:15:41.0890 3352 Ptilink - ok
    19:15:41.0921 3352 PxHelp20 (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
    19:15:41.0953 3352 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
    19:15:41.0953 3352 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
    19:15:41.0968 3352 ql1080 - ok
    19:15:41.0968 3352 Ql10wnt - ok
    19:15:41.0984 3352 ql12160 - ok
    19:15:42.0000 3352 ql1240 - ok
    19:15:42.0000 3352 ql1280 - ok
    19:15:42.0046 3352 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    19:15:42.0203 3352 RasAcd - ok
    19:15:42.0234 3352 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    19:15:42.0359 3352 Rasl2tp - ok
    19:15:42.0375 3352 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    19:15:42.0515 3352 RasPppoe - ok
    19:15:42.0515 3352 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    19:15:42.0671 3352 Raspti - ok
    19:15:42.0703 3352 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    19:15:42.0828 3352 Rdbss - ok
    19:15:42.0859 3352 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    19:15:43.0000 3352 RDPCDD - ok
    19:15:43.0046 3352 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
    19:15:43.0203 3352 RDPWD - ok
    19:15:43.0234 3352 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys
    19:15:43.0375 3352 redbook - ok
    19:15:43.0421 3352 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
    19:15:43.0578 3352 RFCOMM - ok
    19:15:43.0609 3352 ROB_A (a83370a87efc242f37855b9a82de8bc8) C:\WINDOWS\system32\DRIVERS\rob_a.sys
    19:15:43.0625 3352 ROB_A ( UnsignedFile.Multi.Generic ) - warning
    19:15:43.0625 3352 ROB_A - detected UnsignedFile.Multi.Generic (1)
    19:15:43.0640 3352 ROB_V (28aa8e68b43df0954979565044fb8fd0) C:\WINDOWS\system32\drivers\rob_v.sys
    19:15:43.0671 3352 ROB_V ( UnsignedFile.Multi.Generic ) - warning
    19:15:43.0671 3352 ROB_V - detected UnsignedFile.Multi.Generic (1)
    19:15:43.0718 3352 SDdriver (ac2e5fa94155bc0c4c7ab8f97e181f6f) C:\WINDOWS\system32\Drivers\sddriver.sys
    19:15:43.0750 3352 SDdriver ( UnsignedFile.Multi.Generic ) - warning
    19:15:43.0750 3352 SDdriver - detected UnsignedFile.Multi.Generic (1)
    19:15:43.0781 3352 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    19:15:43.0906 3352 Secdrv - ok
    19:15:43.0937 3352 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    19:15:44.0078 3352 serenum - ok
    19:15:44.0125 3352 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys
    19:15:44.0265 3352 Serial - ok
    19:15:44.0281 3352 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    19:15:44.0406 3352 Sfloppy - ok
    19:15:44.0421 3352 Simbad - ok
    19:15:44.0453 3352 SISAGP (61ca562def09a782d26b3e7edec5369a) C:\WINDOWS\system32\DRIVERS\SISAGPX.sys
    19:15:44.0484 3352 SISAGP - ok
    19:15:44.0500 3352 sisidex (ebe8e50647d0efef0abc8c2f717405d9) C:\WINDOWS\system32\drivers\sisidex.sys
    19:15:44.0515 3352 sisidex ( UnsignedFile.Multi.Generic ) - warning
    19:15:44.0515 3352 sisidex - detected UnsignedFile.Multi.Generic (1)
    19:15:44.0546 3352 SISNIC (8204c49cde112f7b9c2f15707fe2cc5a) C:\WINDOWS\system32\DRIVERS\sisnic.sys
    19:15:44.0593 3352 SISNIC - ok
    19:15:44.0593 3352 SiSRaid (4c597e4de6edf6453990059ba0eac7d0) C:\WINDOWS\system32\drivers\SiSRaid.sys
    19:15:44.0656 3352 SiSRaid - ok
    19:15:44.0671 3352 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    19:15:44.0796 3352 SLIP - ok
    19:15:44.0843 3352 SMR250 (ecc0db3be1589dbb7e0fa7c1e0dda0e4) C:\WINDOWS\system32\drivers\SMR250.SYS
    19:15:44.0859 3352 SMR250 - ok
    19:15:44.0921 3352 smwdm (bf208c85119770e6a9b6577019a3d810) C:\WINDOWS\system32\drivers\smwdm.sys
    19:15:44.0953 3352 smwdm - ok
    19:15:44.0984 3352 Sparrow - ok
    19:15:45.0109 3352 SPBBCDrv (cb5a4e90451d80d415f0a6dbb86d1d9f) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
    19:15:45.0156 3352 SPBBCDrv - ok
    19:15:45.0187 3352 speedfan (d703f972d23867dfd4ee9a9ef9cb767e) C:\WINDOWS\system32\speedfan.sys
    19:15:45.0281 3352 speedfan ( UnsignedFile.Multi.Generic ) - warning
    19:15:45.0281 3352 speedfan - detected UnsignedFile.Multi.Generic (1)
    19:15:45.0312 3352 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    19:15:45.0437 3352 splitter - ok
    19:15:45.0468 3352 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys
    19:15:45.0609 3352 sr - ok
    19:15:45.0687 3352 SRTSP (83726cf02eced69138948083e06b6eac) C:\WINDOWS\System32\Drivers\NIS\1206000.01D\SRTSP.SYS
    19:15:45.0718 3352 SRTSP - ok
    19:15:45.0750 3352 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\WINDOWS\system32\drivers\NIS\1206000.01D\SRTSPX.SYS
    19:15:45.0765 3352 SRTSPX - ok
    19:15:45.0812 3352 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
    19:15:45.0937 3352 Srv - ok
    19:15:45.0953 3352 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    19:15:46.0078 3352 streamip - ok
    19:15:46.0125 3352 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    19:15:46.0250 3352 swenum - ok
    19:15:46.0281 3352 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    19:15:46.0421 3352 swmidi - ok
    19:15:46.0437 3352 symc810 - ok
    19:15:46.0453 3352 symc8xx - ok
    19:15:46.0468 3352 SYMDNS - ok
    19:15:46.0500 3352 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\WINDOWS\system32\drivers\NIS\1206000.01D\SYMDS.SYS
    19:15:46.0515 3352 SymDS - ok
    19:15:46.0593 3352 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\WINDOWS\system32\drivers\NIS\1206000.01D\SYMEFA.SYS
    19:15:46.0640 3352 SymEFA - ok
    19:15:46.0687 3352 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
    19:15:46.0703 3352 SymEvent - ok
    19:15:46.0703 3352 SYMFW - ok
    19:15:46.0718 3352 SYMIDS - ok
    19:15:46.0734 3352 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\WINDOWS\system32\drivers\NIS\1206000.01D\Ironx86.SYS
    19:15:46.0750 3352 SymIRON - ok
    19:15:46.0765 3352 SYMNDIS - ok
    19:15:46.0781 3352 SYMREDRV - ok
    19:15:46.0796 3352 SYMTDI (dec35ccaf7a222df918306cd2fdfbd39) C:\WINDOWS\System32\Drivers\NIS\1206000.01D\SYMTDI.SYS
    19:15:46.0828 3352 SYMTDI - ok
    19:15:46.0843 3352 sym_hi - ok
    19:15:46.0843 3352 sym_u3 - ok
    19:15:46.0875 3352 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    19:15:47.0015 3352 sysaudio - ok
    19:15:47.0062 3352 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    19:15:47.0125 3352 Tcpip - ok
    19:15:47.0156 3352 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    19:15:47.0281 3352 TDPIPE - ok
    19:15:47.0312 3352 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    19:15:47.0437 3352 TDTCP - ok
    19:15:47.0468 3352 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    19:15:47.0625 3352 TermDD - ok
    19:15:47.0640 3352 TosIde - ok
    19:15:47.0671 3352 uagp35 (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys
    19:15:47.0796 3352 uagp35 - ok
    19:15:47.0828 3352 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    19:15:47.0968 3352 Udfs - ok
    19:15:47.0984 3352 ultra - ok
    19:15:47.0984 3352 UnlockerDriver5 - ok
    19:15:48.0031 3352 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    19:15:48.0187 3352 Update - ok
    19:15:48.0250 3352 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
    19:15:48.0359 3352 usbaudio - ok
    19:15:48.0406 3352 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    19:15:48.0562 3352 usbccgp - ok
    19:15:48.0593 3352 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    19:15:48.0718 3352 usbehci - ok
    19:15:48.0750 3352 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    19:15:48.0890 3352 usbhub - ok
    19:15:48.0984 3352 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
    19:15:49.0140 3352 usbohci - ok
    19:15:49.0156 3352 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    19:15:49.0296 3352 usbprint - ok
    19:15:49.0343 3352 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    19:15:49.0500 3352 usbscan - ok
    19:15:49.0531 3352 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    19:15:49.0671 3352 USBSTOR - ok
    19:15:49.0703 3352 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    19:15:49.0828 3352 usbuhci - ok
    19:15:49.0875 3352 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
    19:15:50.0000 3352 usbvideo - ok
    19:15:50.0031 3352 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    19:15:50.0156 3352 VgaSave - ok
    19:15:50.0156 3352 ViaIde - ok
    19:15:50.0187 3352 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys
    19:15:50.0296 3352 VolSnap - ok
    19:15:50.0343 3352 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    19:15:50.0453 3352 Wanarp - ok
    19:15:50.0468 3352 WDICA - ok
    19:15:50.0484 3352 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    19:15:50.0640 3352 wdmaud - ok
    19:15:50.0687 3352 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    19:15:50.0812 3352 WSTCODEC - ok
    19:15:50.0859 3352 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    19:15:50.0968 3352 WudfPf - ok
    19:15:50.0984 3352 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    19:15:51.0015 3352 WudfRd - ok
    19:15:51.0062 3352 yukonx86 (24143e06d15db866dea29258f77fd89d) C:\WINDOWS\system32\DRIVERS\yukonx86.sys
    19:15:51.0093 3352 yukonx86 ( UnsignedFile.Multi.Generic ) - warning
    19:15:51.0093 3352 yukonx86 - detected UnsignedFile.Multi.Generic (1)
    19:15:51.0125 3352 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0
    19:15:51.0359 3352 \Device\Harddisk0\DR0 - ok
    19:15:51.0359 3352 Boot (0x1200) (2bea655a191566f69e252d8a5750aafa) \Device\Harddisk0\DR0\Partition0
    19:15:51.0359 3352 \Device\Harddisk0\DR0\Partition0 - ok
    19:15:51.0359 3352 ============================================================
    19:15:51.0359 3352 Scan finished
    19:15:51.0359 3352 ============================================================
    19:15:52.0015 2772 Deinitialize success

    ==============================================
    Last Created System Restore Point
    ==============================================
    RP1591: 21-1-2012 19:14:18 - TDSSKiller Starter Restore Point
    ==============================================
    EOF

    While running ComboFix I got a message that there was an error with Internet Explorer. For a brief moment I saw the screen asking whether I wanted to report it to Windows, and then that disappeared too.

    20.26 I see that Norton is turned off; I am turning it back on right away.








  • Download ComboFix to the desktop again, after you have moved the old version to the recycle bin and then emptied it.

    Then restart into Safe Mode, make sure Norton is disabled, and try ComboFix once more.
  • Phew, almost half an hour later; I hope it all worked. It felt like I got quite a few prompts asking whether I wanted to report it to Microsoft, Logitech and Symantec.

    ComboFix 12-01-21.02 - xxxxxxxxx 21-01-2012 19:34:18.1.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.235 [GMT 1:00]
    Gestart vanuit: c:\documents and settings\xxxxxxxxx\Bureaublad\ComboFix.exe
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\TEMP
    c:\documents and settings\xxxxxxxxx\ntuser.tmp
    c:\documents and settings\xxxxxxxxx\WINDOWS
    c:\windows\Downloaded Program Files\ODCTOOLS
    c:\windows\IsUn0413.exe
    c:\windows\system32\SET92.tmp
    c:\windows\system32\SET9E.tmp
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-12-21 to 2012-01-21 ))))))))))))))))))))))))))))))
    .
    .
    2012-01-21 18:09 . 2012-01-21 18:15 -------- d-----w- C:\TDSSStarter
    2012-01-21 16:31 . 2012-01-21 16:31 83064 ----a-w- c:\windows\system32\drivers\SMR250.SYS
    2012-01-21 16:31 . 2012-01-21 16:34 -------- d-----w- c:\documents and settings\xxxxxxxxx\Local Settings\Application Data\NPE
    2012-01-19 15:48 . 2012-01-19 15:48 -------- d-----w- C:\usr
    2012-01-19 15:48 . 2012-01-19 15:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Paessler
    2012-01-19 15:32 . 2012-01-19 15:49 -------- d-----w- c:\program files\PRTG Network Monitor
    2012-01-19 15:10 . 2012-01-19 15:10 388096 ----a-r- c:\documents and settings\xxxxxxxxx\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-01-14 20:17 . 2012-01-14 20:17 -------- d-----w- c:\program files\BabylonToolbar
    2012-01-14 20:17 . 2012-01-14 20:17 1255 ----a-w- C:\user.js
    2012-01-14 20:17 . 2012-01-14 20:17 -------- d-----w- c:\documents and settings\xxxxxxxxx\AppData
    2012-01-14 20:17 . 2012-01-14 20:17 -------- d-----w- c:\documents and settings\xxxxxxxx\Local Settings\Application Data\Babylon
    2012-01-14 20:17 . 2012-01-14 20:17 -------- d-----w- c:\documents and settings\xxxxxxxxx\Application Data\Babylon
    2012-01-14 20:17 . 2012-01-14 20:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon
    2012-01-13 18:03 . 2012-01-13 18:03 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
    2012-01-13 18:03 . 2012-01-13 18:03 -------- d-----w- c:\program files\Uniblue
    2012-01-13 18:02 . 2012-01-13 18:02 -------- d-----w- c:\documents and settings\xxxxxxxx\Local Settings\Application Data\PackageAware
    2011-12-30 12:05 . 2011-12-30 12:05 -------- d-----w- c:\documents and settings\xxxxxxxxx\Application Data\HotSync
    2011-12-29 19:51 . 2012-01-19 15:30 -------- d-----w- C:\unzipped
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-01-14 19:31 . 2009-02-27 20:36 695642 ----a-w- c:\windows\unins000.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 ----a-r- c:\documents and settings\xxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\PalmDesktopShortcut.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 ----a-r- c:\documents and settings\xxxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 ----a-r- c:\documents and settings\xxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut5.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 ----a-r- c:\documents and settings\xxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut4.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 ----a-r- c:\documents and settings\xxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut2.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 ----a-r- c:\documents and settings\xxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 ----a-r- c:\documents and settings\xxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\ARPPRODUCTICON.exe
    2011-11-28 14:03 . 2011-11-28 14:03 49152 ----a-r- c:\documents and settings\xxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut3.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
    2011-11-28 14:03 . 2011-11-28 14:03 40960 ----a-r- c:\documents and settings\xxxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6_45BA714564B04B5DBDC240E20FCDC6DC.exe
    2011-11-28 14:03 . 2011-11-28 14:03 40960 ----a-r- c:\documents and settings\xxxxxxxxx\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1_45BA714564B04B5DBDC240E20FCDC6DC.exe
    2011-11-28 10:26 . 2011-05-19 08:20 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2004-08-20 1912832]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-04 68856]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-12-04 406016]
    "Ptipbmf"="ptipbmf.dll" [2003-06-20 118784]
    "Logitech Utility"="Logi_MwX.Exe" [2003-12-17 19968]
    "SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
    "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-09-14 61440]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
    "UPC"="c:\program files\UPC\bin\sprtcmd.exe" [2005-08-16 192512]
    "NSWosCheck"="c:\program files\Norton SystemWorks Basic Edition\osCheck.exe" [2007-10-31 25424]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
    "nwiz"="nwiz.exe" [2008-05-16 1630208]
    "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-09-06 115560]
    "Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-10-06 161336]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    c:\documents and settings\Wim\Programma's\Opstarten\
    Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
    Office Opstarten.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1997-2-19 51984]
    PowerReg Scheduler.exe [2012-1-4 233472]
    .
    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^Wim^Programma's^Opstarten^HotSync Manager.lnk]
    path=c:\documents and settings\Wim\Programma's\Opstarten\HotSync Manager.lnk
    backup=c:\windows\pss\HotSync Manager.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
    "c:\\WINDOWS\\system32\\sessmgr.exe"=
    "c:\\Program Files\\PRTG Network Monitor\\PRTG Server Administrator.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    .
    R0 SMR250;Symantec SMR Utility Service 2.5.0;c:\windows\system32\drivers\SMR250.SYS [21-1-2012 17:31 83064]
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1206000.01D\SymDS.sys [9-9-2011 18:11 340088]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1206000.01D\SymEFA.sys [9-9-2011 18:11 744568]
    R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20111223.001\BHDrvx86.sys [1-12-2011 3:25 820344]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1206000.01D\Ironx86.sys [9-9-2011 18:11 136312]
    R2 acedrv10;acedrv10;c:\windows\system32\drivers\ACEDRV10.sys [27-7-2007 9:13 330144]
    R2 NIS;Norton Internet Security.;c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [9-9-2011 18:11 130008]
    R2 NProtectService;Norton UnErase Protection;c:\progra~1\NORTON~4\NORTON~1\NPROTECT.EXE [9-12-2005 12:26 99976]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9-11-2011 10:08 106104]
    R3 FCParPnP;Freecom Parallel PnP Driver;c:\windows\system32\drivers\FCParPnP.sys [10-12-2001 16:56 10320]
    R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20120120.002\IDSXpx86.sys [21-1-2012 11:04 356280]
    S2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [27-7-2007 11:46 251680]
    S2 bsaspi32;bsaspi32; [x]
    S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7-1-2010 19:47 135664]
    S2 PRTGCoreService;PRTG Core Server Service;"c:\program files\PRTG Network Monitor\PRTG Server.exe" --> c:\program files\PRTG Network Monitor\PRTG Server.exe [?]
    S2 PRTGProbeService;PRTG Probe Service;"c:\program files\PRTG Network Monitor\PRTG Probe.exe" --> c:\program files\PRTG Network Monitor\PRTG Probe.exe [?]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [20-1-2011 15:28 1527900]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7-1-2010 19:47 135664]
    S3 OlCamudp;OLYMPUS Digital Camera;c:\windows\system32\drivers\olcamudp.sys [24-5-2005 18:18 10379]
    S3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [23-10-2004 9:08 6369]
    S3 PIXMC10;JVC Communication PIX-MC10 Driver;c:\windows\system32\drivers\pixmc10c.sys [16-2-2006 12:27 31232]
    S3 PIXMC10A;JVC PIX-MC10 Audio Capture;c:\windows\system32\drivers\pixmc10a.sys [16-2-2006 13:04 28060]
    S3 PIXMC10V;JVC PIX-MC10 Video Capture;c:\windows\system32\drivers\pixmc10v.sys [16-2-2006 13:05 22652]
    S3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [19-10-2004 12:10 176256]
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - 22596305
    *Deregistered* - 22596305
    *Deregistered* - uphcleanhlp
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-01-21 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-04 19:20]
    .
    2012-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 18:46]
    .
    2012-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 18:46]
    .
    2012-01-21 c:\windows\Tasks\RegistryBooster.job
    - c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2012-01-13 08:26]
    .
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = about:blank
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Settings,ProxyOverride = <local>
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: E&xporteren naar Microsoft Excel - c:\mijndo~1\Office10\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    HKLM-Run-RemoteAssist - (no file)
    HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
    MSConfigStartUp-YouSendIt - c:\program files\YouSendIt\Express\YouSendIt.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-01-21 19:53
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
    "ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_USERS\S-1-5-21-3234667655-1940723367-1441234189-1005\Software\Microsoft\SystemCertificates\AddressBook*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)
    .
    Voltooingstijd: 2012-01-21 20:00:06
    ComboFix-quarantined-files.txt 2012-01-21 19:00
    .
    Pre-Run: 74.616.205.312 bytes beschikbaar
    Post-Run: 75.387.752.448 bytes beschikbaar
    .
    WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /bootlog
    .
    - - End Of File - - 75632FA7CD36452C359564FCE364ABD6

    20:55
    I no longer get Norton at the bottom right of the screen. Windows has taken its place. Normally I use the Norton firewall and have the Windows one switched off. That no longer works; I am now stuck with the Windows firewall switched on. :cry:
    21:13
    I now have two Internet Explorers on the desktop. When I click Properties on the newest one, I get Internet Properties, the one with the 7 tabs. On the other one I get Properties for Internet Explorer 8. In that window you can only see what the root is. 3 tabs.
    21:43
    Browsing the Internet goes quite well. A bit faster than before.
  • Hi w.g.b., as a precaution you removed the username from the ComboFix log.

    Be aware that if I have you clean up your Windows by means of a ComboFix script, you must first substitute any usernames in that script correctly.
    Because if you don't do that properly, there is a good chance that something will go wrong!
    By the way, is there only one user involved here?
  • I took my name out of the log after I had posted it here, using the edit option. After posting my log I suddenly saw my name in it. I am extremely cautious digitally.
    What is the best way to get these two programs removed from my computer?
  • You could safely have left your username in the log.
    Nobody can do anything with it.

    Because if you want a clean Windows, I have to run the next ComboFix scan via a script!
  • Hi Abraham54
    Thanks in advance for your patience.
    Still, I wonder what I am doing here. I dutifully pay for a subscription with Norton. Isn't this really their problem?
    I had the software scan my computer again. This time it went a lot better. By that I mean no messages from Microsoft asking whether I want to report the problem to them.

    ComboFix 12-01-21.02 - Beerends 22-01-2012 13:26:50.2.2 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.332 [GMT 1:00]
    Gestart vanuit: c:\documents and settings\Beerends\Bureaublad\ComboFix.exe
    AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-12-22 to 2012-01-22 ))))))))))))))))))))))))))))))
    .
    .
    2012-01-21 18:09 . 2012-01-21 18:15 ——– d—–w- C:\TDSSStarter
    2012-01-21 16:31 . 2012-01-21 16:34 ——– d—–w- c:\documents and settings\Beerends\Local Settings\Application Data\NPE
    2012-01-19 15:48 . 2012-01-19 15:48 ——– d—–w- C:\usr
    2012-01-19 15:48 . 2012-01-19 15:48 ——– d—–w- c:\documents and settings\All Users\Application Data\Paessler
    2012-01-19 15:32 . 2012-01-19 15:49 ——– d—–w- c:\program files\PRTG Network Monitor
    2012-01-19 15:10 . 2012-01-19 15:10 388096 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\program files\BabylonToolbar
    2012-01-14 20:17 . 2012-01-14 20:17 1255 —-a-w- C:\user.js
    2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\documents and settings\Beerends\AppData
    2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\documents and settings\Beerends\Local Settings\Application Data\Babylon
    2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\documents and settings\Beerends\Application Data\Babylon
    2012-01-14 20:17 . 2012-01-14 20:17 ——– d—–w- c:\documents and settings\All Users\Application Data\Babylon
    2012-01-13 18:03 . 2012-01-13 18:03 ——– dc-h–w- c:\documents and settings\All Users\Application Data\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
    2012-01-13 18:03 . 2012-01-13 18:03 ——– d—–w- c:\program files\Uniblue
    2012-01-13 18:02 . 2012-01-13 18:02 ——– d—–w- c:\documents and settings\Beerends\Local Settings\Application Data\PackageAware
    2011-12-30 12:05 . 2011-12-30 12:05 ——– d—–w- c:\documents and settings\Beerends\Application Data\HotSync
    2011-12-29 19:51 . 2012-01-19 15:30 ——– d—–w- C:\unzipped
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-01-14 19:31 . 2009-02-27 20:36 695642 —-a-w- c:\windows\unins000.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\PalmDesktopShortcut.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut5.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut4.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut2.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
    2011-11-28 14:03 . 2011-11-28 14:03 65536 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\ARPPRODUCTICON.exe
    2011-11-28 14:03 . 2011-11-28 14:03 49152 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut3.4DA64122_6F1D_4317_BC6A_2B3299881D1B.exe
    2011-11-28 14:03 . 2011-11-28 14:03 40960 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut6_45BA714564B04B5DBDC240E20FCDC6DC.exe
    2011-11-28 14:03 . 2011-11-28 14:03 40960 —-a-r- c:\documents and settings\Beerends\Application Data\Microsoft\Installer\{FF24F097-D090-41D2-8E9C-BAFEBBFD938C}\NewShortcut1_45BA714564B04B5DBDC240E20FCDC6DC.exe
    2011-11-28 10:26 . 2011-05-19 08:20 414368 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-01-21_18.53.21 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2012-01-22 09:41 . 2012-01-22 09:41 16384 c:\windows\Temp\Perflib_Perfdata_740.dat
    + 2012-01-22 09:39 . 2012-01-22 09:39 16384 c:\windows\Temp\Perflib_Perfdata_6f4.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2004-08-20 1912832]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-04 68856]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-12-04 406016]
    "Ptipbmf"="ptipbmf.dll" [2003-06-20 118784]
    "Logitech Utility"="Logi_MwX.Exe" [2003-12-17 19968]
    "SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
    "Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-09-14 61440]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
    "UPC"="c:\program files\UPC\bin\sprtcmd.exe" [2005-08-16 192512]
    "NSWosCheck"="c:\program files\Norton SystemWorks Basic Edition\osCheck.exe" [2007-10-31 25424]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
    "nwiz"="nwiz.exe" [2008-05-16 1630208]
    "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-09-06 115560]
    "Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-10-06 161336]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    c:\documents and settings\Wim\Programma's\Opstarten\
    Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
    Office Opstarten.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1997-2-19 51984]
    PowerReg Scheduler.exe [2012-1-4 233472]
    .
    c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^Wim^Programma's^Opstarten^HotSync Manager.lnk]
    path=c:\documents and settings\Wim\Programma's\Opstarten\HotSync Manager.lnk
    backup=c:\windows\pss\HotSync Manager.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2001-07-09 10:50 155648 —-a-w- c:\windows\system32\NeroCheck.exe
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
    "c:\\WINDOWS\\system32\\sessmgr.exe"=
    "c:\\Program Files\\PRTG Network Monitor\\PRTG Server Administrator.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    .
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1206000.01D\SymDS.sys [9-9-2011 18:11 340088]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1206000.01D\SymEFA.sys [9-9-2011 18:11 744568]
    R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20111223.001\BHDrvx86.sys [1-12-2011 3:25 820344]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1206000.01D\Ironx86.sys [9-9-2011 18:11 136312]
    R2 acedrv10;acedrv10;c:\windows\system32\drivers\ACEDRV10.sys [27-7-2007 9:13 330144]
    R2 NIS;Norton Internet Security.;c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe [9-9-2011 18:11 130008]
    R2 NProtectService;Norton UnErase Protection;c:\progra~1\NORTON~4\NORTON~1\NPROTECT.EXE [9-12-2005 12:26 99976]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9-11-2011 10:08 106104]
    R3 FCParPnP;Freecom Parallel PnP Driver;c:\windows\system32\drivers\FCParPnP.sys [10-12-2001 16:56 10320]
    R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20120120.002\IDSXpx86.sys [21-1-2012 11:04 356280]
    S2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [27-7-2007 11:46 251680]
    S2 bsaspi32;bsaspi32; [x]
    S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7-1-2010 19:47 135664]
    S2 PRTGCoreService;PRTG Core Server Service; [x]
    S2 PRTGProbeService;PRTG Probe Service; [x]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [20-1-2011 15:28 1527900]
    S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7-1-2010 19:47 135664]
    S3 OlCamudp;OLYMPUS Digital Camera;c:\windows\system32\drivers\olcamudp.sys [24-5-2005 18:18 10379]
    S3 pctvvbi;PCTVVBI;c:\windows\system32\drivers\pctvvbi.sys [23-10-2004 9:08 6369]
    S3 PIXMC10;JVC Communication PIX-MC10 Driver;c:\windows\system32\drivers\pixmc10c.sys [16-2-2006 12:27 31232]
    S3 PIXMC10A;JVC PIX-MC10 Audio Capture;c:\windows\system32\drivers\pixmc10a.sys [16-2-2006 13:04 28060]
    S3 PIXMC10V;JVC PIX-MC10 Video Capture;c:\windows\system32\drivers\pixmc10v.sys [16-2-2006 13:05 22652]
    S3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [19-10-2004 12:10 176256]
    .
    — Andere Services/Drivers In Geheugen —
    .
    *Deregistered* - uphcleanhlp
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-01-22 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-04 19:20]
    .
    2012-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 18:46]
    .
    2012-01-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 18:46]
    .
    2012-01-22 c:\windows\Tasks\RegistryBooster.job
    - c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2012-01-13 08:26]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = about:blank
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    uInternet Settings,ProxyOverride = <local>
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: E&xporteren naar Microsoft Excel - c:\mijndo~1\Office10\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-01-22 13:48
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
    "ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_USERS\S-1-5-21-3234667655-1940723367-1441234189-1005\Software\Microsoft\SystemCertificates\AddressBook*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)
    .
    ——————— DLLs Geladen Onder Lopende Processen ———————
    .
    - - - - - - - > 'explorer.exe'(3272)
    c:\windows\system32\nview.dll
    c:\program files\Logitech\MouseWare\System\LgWndHk.dll
    c:\program files\Common Files\Logitech\Scrolling\LgMsgHk.dll
    c:\progra~1\WINDOW~2\wmpband.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Voltooingstijd: 2012-01-22 13:55:27
    ComboFix-quarantined-files.txt 2012-01-22 12:55
    ComboFix2.txt 2012-01-21 19:00
    .
    Pre-Run: 75.434.119.168 bytes beschikbaar
    Post-Run: 75.411.623.936 bytes beschikbaar
    .
    - - End Of File - - 91832A85E8171282D7B198062BE93737
  • You use Norton Internet Security, so antivirus and firewall.
    But by the looks of it the Windows Firewall is also still on, and that is not good!

  • ClearJavaCache::

    File::
    c:\windows\Temp\Perflib_Perfdata_740.dat
    c:\windows\Temp\Perflib_Perfdata_6f4.dat

    Folder::
    c:\program files\BabylonToolbar

    This should be it.
    Even though the Windows Firewall is switched off, there is still a red shield with a cross at the bottom right of the screen. That notification has never been there before.
  • Right now I have no idea what you are talking about.

    "Even though the Windows Firewall is switched off, there is still a red shield with a cross at the bottom right of the screen. That notification has never been there before."

    So what happens now when you click on that cross?

    And what does the Norton menu say about the protection?

    Last but not least: what does the Security Center (via Control Panel) report about the security settings?
  • When I click on that shield, red with a white cross (Windows Security Alerts), I end up in the Windows Security Center window.
    Firewall: on (coloured green)
    Automatic Updates: off (coloured red)
    Virus Protection: on (coloured green)

    In Services (Local), Windows Firewall is set to disabled, as you asked.

    I switched Automatic Updates off myself; I kept getting the message that I have to update Microsoft software, KB 951847 Microsoft Framework 3.5 Service Pack 1, plus some more text. But I could not get that done.

    When I click on Security Center in the Control Panel I get the same window as when I click the icon at the bottom right: Windows Security Center.
    Searched a bit more. In that window there is the option to configure Security Center notifications. Now the shield at the bottom right has disappeared.

    Norton reports: System Status Secure. That is also shown at the bottom right of the screen: a yellow globe with a small green patch and a check mark.
  • Aha, then we will first solve that .NET Framework problem for you!

    Look here http://www.nationaalcomputerforum.nl/showthread.php?t=68777 for the solution to that problem.

    And after that, switch automatic updates back on.


This is an archived page. Replies are no longer possible.