Vraag & Antwoord

17 antwoorden

De computer van mijn geliefde heeft de laatste tijd de nodige kuren, vooral met Outlook 2007
Outlook loopt steeds vast en ik kan het pst bestand niet kopieren ,het kopieerprogramma loopt vast waardoor ik geen back-up kan maken.
Ik heb uiteraard op Google gekeken, maar zie daar geen oplossing.

Graag een blik op het HiJack-log of er misschien toch wat mis zit ondanks Norton.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:58:23, on 6-4-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Users\Bea\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/406
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: BFlix - {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} - C:\Program Files (x86)\BFlix\BFlix.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\IPS\IPSBHO.DLL
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\coIEPlg.dll
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0"
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Bea\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/69.22/uploader2.cab
O16 - DPF: {8B7C6520-204F-430A-B4F2-15C52AFF5884} (EU-supply Upload Utility) - https://www.eu-supply.com/java/EUS_UploadMgr/EUS.cab
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://www.eu-supply.com/Java/CAPICOM/NL/capicom.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

–
End of file - 16475 bytes

Vast veel dank voor de moeite!
Jorte

Anoniem 6 april 2012 16:12

Jouw vriendin is er een net zo als veel andere Windowsgebruikers, die bij het installeren van software kliklik de boel installeert, in plaats van geavanceerd/custom te kiezen.
Gevolg: Windows wemelt van de obscure toolbars en daarmee verbonden extra ook weer obscure processen.

Overigens: indien je het PST-bestand probeert te kopiëren wanneer Outlook openstaat, wil dat inderdaad niet lukken!

Allereerst nu het volgende doen: de nutteloze service SD-Helpe van Spybot deaktiveren:

[list:2943e315b8][*:2943e315b8] Start Spybot S&D
[*:2943e315b8] Ga naar het Mode menu en selecteer "Advanced Mode"
[*:2943e315b8] In de linker kolom kies [b:2943e315b8]"Tools"[/b:2943e315b8] (of gereedschap ) en klik op > [b:2943e315b8]Resident[/b:2943e315b8]
[*:2943e315b8] Uitvinken

Anoniem 7 april 2012 10:08

Hallo Abraham,
Weer dank voor je hulp!
Het klopt dat mijn vriendin soms wat al te makkelijjk met het installeren van programma's omgaat…zucht
Ik dacht overigens dat ik bij het (mislukte) kopiëren van het pst bestand outlook helemaal had afgesloten, maar ik zal het nog eens proberen.

Onderstaand de logfile.

Deleting files
"C:\Program Files (x86)\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe" not deleted
"C:\Program Files (x86)\BFlix\BFlix.dll" not found
"C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll" not found
"C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll" not found
"C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll" not found
"C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll" deleted

Anoniem 7 april 2012 14:24

Hoi Jorte, we gaan nu dieper in de Windows van jouw vriendin kijken.

Anoniem 8 april 2012 10:20

Hallo Abraham,
Tussen de paaseieren door heb ik de programmas gedraaid.
Onderstaand de log's.
Vast weer dank voor je inzet!

Ik zie dat de log's niet doorkomen, misschien is het teveel, dus aanvullend post ik de combofix log apart.
Jorte

10:10:41.0954 3340 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
10:10:41.0954 3340 ============================================================
10:10:41.0954 3340 Current date / time: 2012/04/09 10:10:41.0954
10:10:41.0954 3340 SystemInfo:
10:10:41.0954 3340
10:10:41.0954 3340 OS Version: 6.1.7601 ServicePack: 1.0
10:10:41.0954 3340 Product type: Workstation
10:10:41.0954 3340 ComputerName: BEA-PC
10:10:41.0954 3340 UserName: Bea
10:10:41.0954 3340 Windows directory: C:\Windows
10:10:41.0954 3340 System windows directory: C:\Windows
10:10:41.0954 3340 Running under WOW64
10:10:41.0954 3340 Processor architecture: Intel x64
10:10:41.0954 3340 Number of processors: 2
10:10:41.0954 3340 Page size: 0x1000
10:10:41.0969 3340 Boot type: Normal boot
10:10:41.0969 3340 ============================================================
10:10:42.0983 3340 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:10:43.0264 3340 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xEC93D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
10:10:43.0342 3340 \Device\Harddisk0\DR0:
10:10:43.0358 3340 MBR used
10:10:43.0358 3340 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1D4B178, BlocksNum 0xE8E0360
10:10:43.0436 3340 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1062B517, BlocksNum 0x29D5972A
10:10:43.0436 3340 \Device\Harddisk1\DR1:
10:10:43.0436 3340 MBR used
10:10:43.0436 3340 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C2000
10:10:43.0436 3340 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1D1C2800, BlocksNum 0x1D1C2441
10:10:43.0950 3340 Initialize success
10:10:43.0950 3340 ============================================================
10:10:44.0216 5924 ============================================================
10:10:44.0216 5924 Scan started
10:10:44.0216 5924 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
10:10:44.0216 5924 ============================================================
10:10:46.0150 5924 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
10:10:46.0337 5924 1394ohci - ok
10:10:46.0462 5924 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
10:10:46.0524 5924 ACPI - ok
10:10:46.0634 5924 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
10:10:46.0743 5924 AcpiPmi - ok
10:10:46.0852 5924 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:10:46.0883 5924 AdobeFlashPlayerUpdateSvc - ok
10:10:47.0133 5924 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
10:10:47.0195 5924 adp94xx - ok
10:10:47.0336 5924 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
10:10:47.0382 5924 adpahci - ok
10:10:47.0570 5924 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
10:10:47.0601 5924 adpu320 - ok
10:10:47.0710 5924 ADSMService (c0bf554d2277f7a4c735d475ade2e3b2) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
10:10:47.0741 5924 ADSMService ( UnsignedFile.Multi.Generic ) - warning
10:10:47.0741 5924 ADSMService - detected UnsignedFile.Multi.Generic (1)
10:10:47.0944 5924 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
10:10:48.0568 5924 AeLookupSvc - ok
10:10:48.0724 5924 AFBAgent (fb2be0bae9b3f248080cdbf91ef16c7f) C:\Windows\system32\FBAgent.exe
10:10:48.0833 5924 AFBAgent - ok
10:10:49.0176 5924 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
10:10:49.0270 5924 AFD - ok
10:10:49.0379 5924 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
10:10:49.0395 5924 agp440 - ok
10:10:49.0457 5924 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
10:10:49.0535 5924 ALG - ok
10:10:49.0629 5924 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
10:10:49.0660 5924 aliide - ok
10:10:49.0707 5924 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
10:10:49.0738 5924 amdide - ok
10:10:49.0816 5924 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
10:10:49.0910 5924 AmdK8 - ok
10:10:49.0988 5924 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
10:10:50.0050 5924 AmdPPM - ok
10:10:50.0097 5924 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
10:10:50.0144 5924 amdsata - ok
10:10:50.0237 5924 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
10:10:50.0268 5924 amdsbs - ok
10:10:50.0393 5924 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
10:10:50.0424 5924 amdxata - ok
10:10:50.0518 5924 AmUStor (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
10:10:50.0674 5924 AmUStor - ok
10:10:50.0783 5924 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
10:10:51.0142 5924 AppID - ok
10:10:51.0236 5924 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
10:10:51.0329 5924 AppIDSvc - ok
10:10:51.0470 5924 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
10:10:51.0548 5924 Appinfo - ok
10:10:51.0672 5924 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:10:51.0735 5924 Apple Mobile Device - ok
10:10:51.0813 5924 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
10:10:51.0844 5924 arc - ok
10:10:51.0891 5924 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
10:10:51.0922 5924 arcsas - ok
10:10:51.0969 5924 AsDsm (88fbc8bebfd38566235eaa5e4dbc4e05) C:\Windows\system32\drivers\AsDsm.sys
10:10:51.0984 5924 AsDsm - ok
10:10:52.0094 5924 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
10:10:52.0109 5924 ASLDRService - ok
10:10:52.0203 5924 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys
10:10:52.0218 5924 ASMMAP64 - ok
10:10:52.0281 5924 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:10:52.0359 5924 AsyncMac - ok
10:10:52.0452 5924 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
10:10:52.0468 5924 atapi - ok
10:10:52.0593 5924 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
10:10:52.0733 5924 athr - ok
10:10:52.0827 5924 ATKGFNEXSrv (7c157574a181b19b9dcf5f339e25337e) C:\Program Files\ATKGFNEX\GFNEXSrv.exe
10:10:52.0858 5924 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
10:10:52.0858 5924 ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
10:10:52.0967 5924 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
10:10:53.0076 5924 AudioEndpointBuilder - ok
10:10:53.0092 5924 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
10:10:53.0123 5924 AudioSrv - ok
10:10:53.0279 5924 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
10:10:53.0388 5924 AxInstSV - ok
10:10:53.0513 5924 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
10:10:53.0700 5924 b06bdrv - ok
10:10:53.0794 5924 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
10:10:53.0856 5924 b57nd60a - ok
10:10:54.0028 5924 BBSvc (01a24b415926bb5f772dbe12459d97de) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
10:10:54.0122 5924 BBSvc - ok
10:10:54.0246 5924 BBUpdate (785de7abda13309d6065305542829e76) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
10:10:54.0278 5924 BBUpdate - ok
10:10:54.0356 5924 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
10:10:54.0434 5924 BDESVC - ok
10:10:54.0527 5924 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
10:10:54.0605 5924 Beep - ok
10:10:54.0730 5924 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
10:10:54.0824 5924 BFE - ok
10:10:55.0323 5924 BHDrvx64 (6c64fa457c200874faa87d74152e0d84) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20120317.002\BHDrvx64.sys
10:10:55.0354 5924 BHDrvx64 - ok
10:10:55.0666 5924 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
10:10:55.0775 5924 BITS - ok
10:10:55.0884 5924 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
10:10:55.0931 5924 blbdrive - ok
10:10:56.0274 5924 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
10:10:56.0306 5924 Bonjour Service - ok
10:10:56.0399 5924 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
10:10:56.0477 5924 bowser - ok
10:10:56.0586 5924 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:10:56.0680 5924 BrFiltLo - ok
10:10:56.0805 5924 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:10:56.0852 5924 BrFiltUp - ok
10:10:56.0976 5924 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
10:10:57.0070 5924 Browser - ok
10:10:57.0164 5924 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
10:10:57.0257 5924 Brserid - ok
10:10:57.0335 5924 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
10:10:57.0382 5924 BrSerWdm - ok
10:10:57.0460 5924 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:10:57.0522 5924 BrUsbMdm - ok
10:10:57.0554 5924 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
10:10:57.0585 5924 BrUsbSer - ok
10:10:57.0647 5924 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
10:10:57.0678 5924 BTHMODEM - ok
10:10:57.0772 5924 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
10:10:57.0834 5924 bthserv - ok
10:10:57.0959 5924 ccSet_NIS (0e1737a63aec0f6de231bb59836c0a11) C:\Windows\system32\drivers\NISx64\1306020.00A\ccSetx64.sys
10:10:57.0975 5924 ccSet_NIS - ok
10:10:58.0037 5924 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:10:58.0115 5924 cdfs - ok
10:10:58.0209 5924 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
10:10:58.0256 5924 cdrom - ok
10:10:58.0380 5924 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:10:58.0474 5924 CertPropSvc - ok
10:10:58.0552 5924 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
10:10:58.0614 5924 circlass - ok
10:10:58.0677 5924 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:10:58.0708 5924 CLFS - ok
10:10:58.0770 5924 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:10:58.0786 5924 clr_optimization_v2.0.50727_32 - ok
10:10:58.0848 5924 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:10:58.0880 5924 clr_optimization_v2.0.50727_64 - ok
10:10:59.0036 5924 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:10:59.0051 5924 clr_optimization_v4.0.30319_32 - ok
10:10:59.0192 5924 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:10:59.0207 5924 clr_optimization_v4.0.30319_64 - ok
10:10:59.0301 5924 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
10:10:59.0363 5924 CmBatt - ok
10:10:59.0441 5924 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
10:10:59.0457 5924 cmdide - ok
10:10:59.0488 5924 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
10:10:59.0519 5924 CNG - ok
10:10:59.0644 5924 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
10:10:59.0675 5924 Compbatt - ok
10:10:59.0706 5924 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
10:10:59.0753 5924 CompositeBus - ok
10:10:59.0816 5924 COMSysApp - ok
10:10:59.0862 5924 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
10:10:59.0894 5924 crcdisk - ok
10:10:59.0956 5924 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
10:11:00.0034 5924 CryptSvc - ok
10:11:00.0159 5924 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:11:00.0252 5924 DcomLaunch - ok
10:11:00.0362 5924 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
10:11:00.0486 5924 defragsvc - ok
10:11:00.0596 5924 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
10:11:00.0674 5924 DfsC - ok
10:11:00.0752 5924 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
10:11:00.0798 5924 Dhcp - ok
10:11:00.0892 5924 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:11:00.0970 5924 discache - ok
10:11:01.0064 5924 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
10:11:01.0095 5924 Disk - ok
10:11:01.0126 5924 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
10:11:01.0204 5924 Dnscache - ok
10:11:01.0298 5924 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
10:11:01.0391 5924 dot3svc - ok
10:11:01.0438 5924 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
10:11:01.0532 5924 DPS - ok
10:11:01.0610 5924 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:11:01.0672 5924 drmkaud - ok
10:11:01.0875 5924 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
10:11:01.0922 5924 DXGKrnl - ok
10:11:02.0062 5924 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
10:11:02.0171 5924 EapHost - ok
10:11:02.0577 5924 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
10:11:02.0733 5924 ebdrv - ok
10:11:02.0889 5924 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:11:02.0904 5924 eeCtrl - ok
10:11:03.0045 5924 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
10:11:03.0138 5924 EFS - ok
10:11:03.0232 5924 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
10:11:03.0326 5924 ehRecvr - ok
10:11:03.0419 5924 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
10:11:03.0482 5924 ehSched - ok
10:11:03.0591 5924 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
10:11:03.0638 5924 elxstor - ok
10:11:03.0747 5924 EraserUtilRebootDrv (8c0f9b877bc0b7ffd327ef55f9efb642) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:11:03.0778 5924 EraserUtilRebootDrv - ok
10:11:03.0840 5924 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
10:11:03.0903 5924 ErrDev - ok
10:11:04.0012 5924 ETD (1299d1ea00b7a4bf69c5869dca31e0f6) C:\Windows\system32\DRIVERS\ETD.sys
10:11:04.0059 5924 ETD - ok
10:11:04.0106 5924 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
10:11:04.0199 5924 EventSystem - ok
10:11:04.0355 5924 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:11:04.0433 5924 exfat - ok
10:11:04.0480 5924 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:11:04.0542 5924 fastfat - ok
10:11:04.0620 5924 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
10:11:04.0698 5924 Fax - ok
10:11:04.0792 5924 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
10:11:04.0854 5924 fdc - ok
10:11:04.0901 5924 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
10:11:04.0979 5924 fdPHost - ok
10:11:04.0995 5924 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
10:11:05.0057 5924 FDResPub - ok
10:11:05.0104 5924 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:11:05.0120 5924 FileInfo - ok
10:11:05.0151 5924 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:11:05.0229 5924 Filetrace - ok
10:11:05.0260 5924 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
10:11:05.0291 5924 flpydisk - ok
10:11:05.0354 5924 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
10:11:05.0385 5924 FltMgr - ok
10:11:05.0432 5924 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
10:11:05.0541 5924 FontCache - ok
10:11:05.0666 5924 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:11:05.0681 5924 FontCache3.0.0.0 - ok
10:11:05.0744 5924 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:11:05.0775 5924 FsDepends - ok
10:11:05.0884 5924 fssfltr (5814011b2f6e088e29d689b5fcd49b8f) C:\Windows\system32\DRIVERS\fssfltr.sys
10:11:05.0931 5924 fssfltr - ok
10:11:06.0024 5924 fsssvc (f6717211c1ec2cddaa81b97b0727c2e9) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
10:11:06.0056 5924 fsssvc - ok
10:11:06.0212 5924 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
10:11:06.0227 5924 Fs_Rec - ok
10:11:06.0461 5924 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:11:06.0492 5924 fvevol - ok
10:11:06.0555 5924 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
10:11:06.0586 5924 gagp30kx - ok
10:11:06.0695 5924 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:11:06.0726 5924 GEARAspiWDM - ok
10:11:06.0773 5924 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
10:11:06.0867 5924 gpsvc - ok
10:11:07.0007 5924 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:11:07.0038 5924 gupdate - ok
10:11:07.0070 5924 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:11:07.0085 5924 gupdatem - ok
10:11:07.0163 5924 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:11:07.0194 5924 gusvc - ok
10:11:07.0288 5924 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:11:07.0366 5924 hcw85cir - ok
10:11:07.0460 5924 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
10:11:07.0522 5924 HdAudAddService - ok
10:11:07.0600 5924 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
10:11:07.0647 5924 HDAudBus - ok
10:11:07.0678 5924 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
10:11:07.0725 5924 HidBatt - ok
10:11:07.0756 5924 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
10:11:07.0803 5924 HidBth - ok
10:11:07.0818 5924 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
10:11:07.0865 5924 HidIr - ok
10:11:07.0928 5924 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
10:11:07.0990 5924 hidserv - ok
10:11:08.0146 5924 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
10:11:08.0162 5924 HidUsb - ok
10:11:08.0224 5924 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
10:11:08.0318 5924 hkmsvc - ok
10:11:08.0396 5924 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
10:11:08.0458 5924 HomeGroupListener - ok
10:11:08.0536 5924 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
10:11:08.0583 5924 HomeGroupProvider - ok
10:11:08.0645 5924 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
10:11:08.0661 5924 HpSAMD - ok
10:11:08.0708 5924 HTCAND64 (f47cec45fb85791d4ab237563ad0fa8f) C:\Windows\system32\Drivers\ANDROIDUSB.sys
10:11:08.0770 5924 HTCAND64 - ok
10:11:08.0879 5924 htcnprot (b8b1b284362e1d8135112573395d5da5) C:\Windows\system32\DRIVERS\htcnprot.sys
10:11:08.0910 5924 htcnprot - ok
10:11:08.0973 5924 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
10:11:09.0066 5924 HTTP - ok
10:11:09.0113 5924 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
10:11:09.0129 5924 hwpolicy - ok
10:11:09.0191 5924 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
10:11:09.0207 5924 i8042prt - ok
10:11:09.0269 5924 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
10:11:09.0300 5924 iaStor - ok
10:11:09.0394 5924 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
10:11:09.0425 5924 iaStorV - ok
10:11:09.0628 5924 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:11:09.0722 5924 idsvc - ok
10:11:09.0971 5924 IDSVia64 (18c40c3f368323b203ace403cb430db1) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20120406.002\IDSvia64.sys
10:11:09.0987 5924 IDSVia64 - ok
10:11:10.0314 5924 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
10:11:10.0346 5924 iirsp - ok
10:11:10.0455 5924 IJPLMSVC (755519f49906b73c1fe9cbbf75e347ea) C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
10:11:10.0470 5924 IJPLMSVC - ok
10:11:10.0611 5924 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
10:11:10.0720 5924 IKEEXT - ok
10:11:11.0001 5924 IntcAzAudAddService (a9638fa0fb0c5b86229c3fd809ce8cff) C:\Windows\system32\drivers\RTKVHD64.sys
10:11:11.0079 5924 IntcAzAudAddService - ok
10:11:11.0204 5924 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
10:11:11.0235 5924 intelide - ok
10:11:11.0344 5924 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
10:11:11.0391 5924 intelppm - ok
10:11:11.0422 5924 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
10:11:11.0500 5924 IPBusEnum - ok
10:11:11.0562 5924 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:11:11.0640 5924 IpFilterDriver - ok
10:11:11.0734 5924 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
10:11:11.0828 5924 iphlpsvc - ok
10:11:11.0890 5924 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
10:11:11.0921 5924 IPMIDRV - ok
10:11:11.0952 5924 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:11:11.0984 5924 IPNAT - ok
10:11:12.0077 5924 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
10:11:12.0140 5924 iPod Service - ok
10:11:12.0233 5924 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:11:12.0327 5924 IRENUM - ok
10:11:12.0358 5924 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
10:11:12.0374 5924 isapnp - ok
10:11:12.0452 5924 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
10:11:12.0498 5924 iScsiPrt - ok
10:11:12.0545 5924 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
10:11:12.0561 5924 kbdclass - ok
10:11:12.0623 5924 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
10:11:12.0670 5924 kbdhid - ok
10:11:12.0764 5924 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
10:11:12.0779 5924 kbfiltr - ok
10:11:12.0826 5924 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:11:12.0857 5924 KeyIso - ok
10:11:12.0998 5924 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
10:11:13.0029 5924 KSecDD - ok
10:11:13.0138 5924 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
10:11:13.0169 5924 KSecPkg - ok
10:11:13.0232 5924 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:11:13.0325 5924 ksthunk - ok
10:11:13.0419 5924 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
10:11:13.0497 5924 KtmRm - ok
10:11:13.0622 5924 L1C (ad88105efddc55877ea8d06346d75989) C:\Windows\system32\DRIVERS\L1C62x64.sys
10:11:13.0668 5924 L1C - ok
10:11:13.0778 5924 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
10:11:13.0856 5924 LanmanServer - ok
10:11:13.0902 5924 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
10:11:13.0980 5924 LanmanWorkstation - ok
10:11:14.0136 5924 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:11:14.0214 5924 lltdio - ok
10:11:14.0261 5924 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
10:11:14.0324 5924 lltdsvc - ok
10:11:14.0339 5924 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
10:11:14.0386 5924 lmhosts - ok
10:11:14.0480 5924 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
10:11:14.0495 5924 LSI_FC - ok
10:11:14.0542 5924 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
10:11:14.0573 5924 LSI_SAS - ok
10:11:14.0589 5924 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:11:14.0604 5924 LSI_SAS2 - ok
10:11:14.0651 5924 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:11:14.0667 5924 LSI_SCSI - ok
10:11:14.0698 5924 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:11:14.0776 5924 luafv - ok
10:11:14.0870 5924 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
10:11:14.0932 5924 Mcx2Svc - ok
10:11:14.0994 5924 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
10:11:15.0010 5924 megasas - ok
10:11:15.0057 5924 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
10:11:15.0088 5924 MegaSR - ok
10:11:15.0119 5924 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:11:15.0197 5924 MMCSS - ok
10:11:15.0275 5924 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:11:15.0338 5924 Modem - ok
10:11:15.0431 5924 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:11:15.0447 5924 monitor - ok
10:11:15.0494 5924 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
10:11:15.0525 5924 mouclass - ok
10:11:15.0572 5924 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
10:11:15.0618 5924 mouhid - ok
10:11:15.0665 5924 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
10:11:15.0696 5924 mountmgr - ok
10:11:15.0759 5924 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
10:11:15.0790 5924 mpio - ok
10:11:15.0821 5924 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:11:15.0884 5924 mpsdrv - ok
10:11:15.0946 5924 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
10:11:16.0055 5924 MpsSvc - ok
10:11:16.0102 5924 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
10:11:16.0133 5924 MRxDAV - ok
10:11:16.0211 5924 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:11:16.0289 5924 mrxsmb - ok
10:11:16.0336 5924 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:11:16.0398 5924 mrxsmb10 - ok
10:11:16.0461 5924 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:11:16.0523 5924 mrxsmb20 - ok
10:11:16.0554 5924 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
10:11:16.0586 5924 msahci - ok
10:11:16.0664 5924 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
10:11:16.0695 5924 msdsm - ok
10:11:16.0835 5924 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
10:11:16.0882 5924 MSDTC - ok
10:11:16.0976 5924 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:11:17.0069 5924 Msfs - ok
10:11:17.0100 5924 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:11:17.0147 5924 mshidkmdf - ok
10:11:17.0178 5924 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
10:11:17.0210 5924 msisadrv - ok
10:11:17.0256 5924 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
10:11:17.0350 5924 MSiSCSI - ok
10:11:17.0459 5924 msiserver - ok
10:11:17.0537 5924 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:11:17.0615 5924 MSKSSRV - ok
10:11:17.0678 5924 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:11:17.0740 5924 MSPCLOCK - ok
10:11:17.0771 5924 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:11:17.0834 5924 MSPQM - ok
10:11:17.0865 5924 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
10:11:17.0896 5924 MsRPC - ok
10:11:17.0958 5924 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
10:11:17.0974 5924 mssmbios - ok
10:11:18.0036 5924 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:11:18.0130 5924 MSTEE - ok
10:11:18.0426 5924 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
10:11:18.0473 5924 MTConfig - ok
10:11:18.0567 5924 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
10:11:18.0582 5924 MTsensor - ok
10:11:18.0629 5924 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:11:18.0660 5924 Mup - ok
10:11:18.0926 5924 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
10:11:19.0019 5924 napagent - ok
10:11:19.0144 5924 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:11:19.0206 5924 NativeWifiP - ok
10:11:19.0440 5924 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120407.016\ENG64.SYS
10:11:19.0472 5924 NAVENG - ok
10:11:19.0830 5924 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20120407.016\EX64.SYS
10:11:19.0877 5924 NAVEX15 - ok
10:11:20.0049 5924 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
10:11:20.0111 5924 NDIS - ok
10:11:20.0174 5924 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:11:20.0252 5924 NdisCap - ok
10:11:20.0314 5924 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:11:20.0392 5924 NdisTapi - ok
10:11:20.0454 5924 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:11:20.0532 5924 Ndisuio - ok
10:11:20.0564 5924 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:11:20.0626 5924 NdisWan - ok
10:11:20.0657 5924 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:11:20.0720 5924 NDProxy - ok
10:11:20.0766 5924 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:11:20.0860 5924 NetBIOS - ok
10:11:20.0954 5924 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:11:21.0016 5924 NetBT - ok
10:11:21.0110 5924 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:11:21.0141 5924 Netlogon - ok
10:11:21.0203 5924 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:11:21.0281 5924 Netman - ok
10:11:21.0406 5924 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:11:21.0515 5924 netprofm - ok
10:11:21.0609 5924 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:11:21.0640 5924 NetTcpPortSharing - ok
10:11:21.0718 5924 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
10:11:21.0749 5924 nfrd960 - ok
10:11:21.0968 5924 NIS (7a02f128a454bb22e300f3f80bc1bd22) C:\Program Files (x86)\Norton Internet Security\Engine\19.6.2.10\ccSvcHst.exe
10:11:21.0999 5924 NIS - ok
10:11:22.0092 5924 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
10:11:22.0155 5924 NlaSvc - ok
10:11:22.0233 5924 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:11:22.0295 5924 Npfs - ok
10:11:22.0358 5924 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:11:22.0451 5924 nsi - ok
10:11:22.0498 5924 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:11:22.0576 5924 nsiproxy - ok
10:11:22.0779 5924 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:11:22.0872 5924 Ntfs - ok
10:11:23.0075 5924 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:11:23.0138 5924 Null - ok
10:11:23.0200 5924 NVHDA (cb599955ce2ce9694721562f9481cd84) C:\Windows\system32\drivers\nvhda64v.sys
10:11:23.0231 5924 NVHDA - ok
10:11:24.0058 5924 nvlddmkm (0d3f6e25c658530a2ad4b648849f1483) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:11:24.0230 5924 nvlddmkm - ok
10:11:24.0354 5924 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:11:24.0370 5924 nvraid - ok
10:11:24.0386 5924 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:11:24.0401 5924 nvstor - ok
10:11:24.0448 5924 nvsvc (7dd5a1a53bb2d1b1b85c9c543d05e222) C:\Windows\system32\nvvsvc.exe
10:11:24.0479 5924 nvsvc - ok
10:11:24.0542 5924 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:11:24.0573 5924 nv_agp - ok
10:11:24.0682 5924 OberonGameConsoleService (649791f5b905e6a8ecced15ad8efd436) C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
10:11:24.0729 5924 OberonGameConsoleService - ok
10:11:24.0822 5924 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:11:24.0885 5924 odserv - ok
10:11:25.0103 5924 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:11:25.0166 5924 ohci1394 - ok
10:11:25.0259 5924 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:11:25.0275 5924 ose - ok
10:11:25.0368 5924 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:11:25.0462 5924 p2pimsvc - ok
10:11:25.0727 5924 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:11:25.0774 5924 p2psvc - ok
10:11:25.0852 5924 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:11:25.0899 5924 Parport - ok
10:11:25.0977 5924 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
10:11:25.0992 5924 partmgr - ok
10:11:26.0117 5924 PassThru Service (39b9dcd7040654c2e57d7396736c718e) C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
10:11:26.0148 5924 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
10:11:26.0148 5924 PassThru Service - detected UnsignedFile.Multi.Generic (1)
10:11:26.0274 5924 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:11:26.0305 5924 PcaSvc - ok
10:11:26.0383 5924 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:11:26.0415 5924 pci - ok
10:11:26.0477 5924 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:11:26.0493 5924 pciide - ok
10:11:26.0633 5924 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:11:26.0727 5924 pcmcia - ok
10:11:26.0805 5924 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:11:26.0820 5924 pcw - ok
10:11:26.0914 5924 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:11:26.0992 5924 PEAUTH - ok
10:11:27.0085 5924 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:11:27.0148 5924 PerfHost - ok
10:11:27.0257 5924 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
10:11:27.0335 5924 pla - ok
10:11:27.0413 5924 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
10:11:27.0491 5924 PlugPlay - ok
10:11:27.0569 5924 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:11:27.0600 5924 PNRPAutoReg - ok
10:11:27.0631 5924 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:11:27.0663 5924 PNRPsvc - ok
10:11:27.0850 5924 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
10:11:27.0928 5924 PolicyAgent - ok
10:11:28.0037 5924 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:11:28.0099 5924 Power - ok
10:11:28.0177 5924 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:11:28.0240 5924 PptpMiniport - ok
10:11:28.0318 5924 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
10:11:28.0365 5924 Processor - ok
10:11:28.0427 5924 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
10:11:28.0505 5924 ProfSvc - ok
10:11:28.0552 5924 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:11:28.0567 5924 ProtectedStorage - ok
10:11:28.0645 5924 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:11:28.0723 5924 Psched - ok
10:11:28.0786 5924 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
10:11:28.0864 5924 ql2300 - ok
10:11:28.0942 5924 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
10:11:28.0989 5924 ql40xx - ok
10:11:29.0581 5924 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:11:29.0659 5924 QWAVE - ok
10:11:29.0753 5924 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:11:29.0800 5924 QWAVEdrv - ok
10:11:29.0909 5924 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
10:11:30.0127 5924 RapiMgr - ok
10:11:30.0237 5924 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:11:30.0315 5924 RasAcd - ok
10:11:30.0408 5924 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:11:30.0486 5924 RasAgileVpn - ok
10:11:30.0611 5924 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:11:30.0689 5924 RasAuto - ok
10:11:30.0783 5924 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:11:30.0861 5924 Rasl2tp - ok
10:11:30.0939 5924 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
10:11:31.0001 5924 RasMan - ok
10:11:31.0110 5924 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:11:31.0188 5924 RasPppoe - ok
10:11:31.0219 5924 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:11:31.0297 5924 RasSstp - ok
10:11:31.0361 5924 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:11:31.0423 5924 rdbss - ok
10:11:31.0626 5924 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
10:11:31.0657 5924 rdpbus - ok
10:11:31.0985 5924 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:11:32.0078 5924 RDPCDD - ok
10:11:32.0156 5924 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:11:32.0203 5924 RDPENCDD - ok
10:11:32.0234 5924 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:11:32.0297 5924 RDPREFMP - ok
10:11:32.0344 5924 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
10:11:32.0406 5924 RDPWD - ok
10:11:32.0531 5924 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:11:32.0546 5924 rdyboost - ok
10:11:32.0593 5924 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:11:32.0640 5924 RemoteAccess - ok
10:11:32.0687 5924 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:11:32.0749 5924 RemoteRegistry - ok
10:11:32.0874 5924 RichVideo (7ccaebcab6fc1ed0206c07e083e79207) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
10:11:32.0921 5924 RichVideo - ok
10:11:32.0983 5924 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:11:33.0077 5924 RpcEptMapper - ok
10:11:33.0155 5924 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:11:33.0202 5924 RpcLocator - ok
10:11:33.0264 5924 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:11:33.0326 5924 RpcSs - ok
10:11:33.0467 5924 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:11:33.0545 5924 rspndr - ok
10:11:33.0779 5924 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:11:33.0810 5924 SamSs - ok
10:11:34.0122 5924 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:11:34.0153 5924 sbp2port - ok
10:11:34.0294 5924 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
10:11:34.0465 5924 SBSDWSCService - ok
10:11:34.0637 5924 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
10:11:34.0730 5924 SCardSvr - ok
10:11:34.0886 5924 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:11:34.0964 5924 scfilter - ok
10:11:35.0120 5924 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
10:11:35.0214 5924 Schedule - ok
10:11:35.0323 5924 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:11:35.0370 5924 SCPolicySvc - ok
10:11:35.0604 5924 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
10:11:35.0698 5924 SDRSVC - ok
10:11:35.0807 5924 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:11:35.0900 5924 secdrv - ok
10:11:35.0963 5924 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
10:11:36.0056 5924 seclogon - ok
10:11:36.0166 5924 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
10:11:36.0228 5924 SENS - ok
10:11:36.0384 5924 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
10:11:36.0478 5924 SensrSvc - ok
10:11:36.0618 5924 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
10:11:36.0696 5924 Serenum - ok
10:11:36.0868 5924 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
10:11:36.0914 5924 Serial - ok
10:11:37.0008 5924 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
10:11:37.0086 5924 sermouse - ok
10:11:37.0180 5924 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
10:11:37.0226 5924 SessionEnv - ok
10:11:37.0289 5924 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:11:37.0336 5924 sffdisk - ok
10:11:37.0382 5924 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:11:37.0414 5924 sffp_mmc - ok
10:11:37.0429 5924 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:11:37.0476 5924 sffp_sd - ok
10:11:37.0507 5924 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
10:11:37.0538 5924 sfloppy - ok
10:11:37.0585 5924 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
10:11:37.0663 5924 SharedAccess - ok
10:11:37.0694 5924 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
10:11:37.0741 5924 ShellHWDetection - ok
10:11:37.0804 5924 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
10:11:37.0835 5924 SiSGbeLH - ok
10:11:37.0866 5924 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:11:37.0882 5924 SiSRaid2 - ok
10:11:37.0928 5924 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
10:11:37.0944 5924 SiSRaid4 - ok
10:11:38.0006 5924 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
10:11:38.0038 5924 SkypeUpdate - ok
10:11:38.0178 5924 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:11:38.0256 5924 Smb - ok
10:11:38.0381 5924 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
10:11:38.0412 5924 SNMPTRAP - ok
10:11:38.0708 5924 SNP2UVC (7aec460dbdd193680f0e77724e40e7b6) C:\Windows\system32\DRIVERS\snp2uvc.sys
10:11:38.0755 5924 SNP2UVC - ok
10:11:38.0849 5924 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:11:38.0880 5924 spldr - ok
10:11:38.0989 5924 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
10:11:39.0067 5924 Spooler - ok
10:11:39.0879 5924 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
10:11:40.0019 5924 sppsvc - ok
10:11:40.0175 5924 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
10:11:40.0253 5924 sppuinotify - ok
10:11:40.0440 5924 SRTSP (4d56f175f76c685a06471800a03219b2) C:\Windows\System32\Drivers\NISx64\1306020.00A\SRTSP64.SYS
10:11:40.0471 5924 SRTSP - ok
10:11:40.0596 5924 SRTSPX (7b02f64dc80c0ec7300af302ed5d1cb3) C:\Windows\system32\drivers\NISx64\1306020.00A\SRTSPX64.SYS
10:11:40.0612 5924 SRTSPX - ok
10:11:40.0659 5924 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:11:40.0768 5924 srv - ok
10:11:40.0939 5924 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:11:41.0017 5924 srv2 - ok
10:11:41.0329 5924 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:11:41.0439 5924 srvnet - ok
10:11:41.0532 5924 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
10:11:41.0626 5924 SSDPSRV - ok
10:11:41.0797 5924 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
10:11:41.0860 5924 SstpSvc - ok
10:11:41.0938 5924 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
10:11:41.0953 5924 stexstor - ok
10:11:42.0016 5924 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
10:11:42.0109 5924 stisvc - ok
10:11:42.0172 5924 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:11:42.0187 5924 swenum - ok
10:11:42.0265 5924 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
10:11:42.0328 5924 swprv - ok
10:11:42.0593 5924 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NISx64\1306020.00A\SYMDS64.SYS
10:11:42.0671 5924 SymDS - ok
10:11:42.0967 5924 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NISx64\1306020.00A\SYMEFA64.SYS
10:11:43.0030 5924 SymEFA - ok
10:11:43.0123 5924 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:11:43.0170 5924 SymEvent - ok
10:11:43.0264 5924 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NISx64\1306020.00A\Ironx64.SYS
10:11:43.0295 5924 SymIRON - ok
10:11:43.0576 5924 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\NISx64\1306020.00A\SYMNETS.SYS
10:11:43.0623 5924 SymNetS - ok
10:11:43.0825 5924 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
10:11:43.0997 5924 SysMain - ok
10:11:44.0075 5924 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
10:11:44.0122 5924 TabletInputService - ok
10:11:44.0169 5924 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
10:11:44.0247 5924 TapiSrv - ok
10:11:44.0278 5924 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
10:11:44.0340 5924 TBS - ok
10:11:44.0434 5924 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
10:11:44.0512 5924 Tcpip - ok
10:11:44.0590 5924 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
10:11:44.0637 5924 TCPIP6 - ok
10:11:44.0668 5924 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:11:44.0715 5924 tcpipreg - ok
10:11:44.0746 5924 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:11:44.0793 5924 TDPIPE - ok
10:11:44.0839 5924 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
10:11:44.0871 5924 TDTCP - ok
10:11:44.0902 5924 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:11:44.0964 5924 tdx - ok
10:11:44.0995 5924 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
10:11:45.0011 5924 TermDD - ok
10:11:45.0042 5924 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
10:11:45.0120 5924 TermService - ok
10:11:45.0167 5924 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
10:11:45.0198 5924 Themes - ok
10:11:45.0292 5924 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:11:45.0354 5924 THREADORDER - ok
10:11:45.0463 5924 TomTomHOMEService (e80cc0c9c45649a4ce23ea70a607f56e) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
10:11:45.0541 5924 TomTomHOMEService - ok
10:11:45.0604 5924 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
10:11:45.0682 5924 TrkWks - ok
10:11:45.0744 5924 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
10:11:45.0853 5924 TrustedInstaller - ok
10:11:45.0931 5924 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:11:45.0978 5924 tssecsrv - ok
10:11:46.0025 5924 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
10:11:46.0103 5924 TsUsbFlt - ok
10:11:46.0212 5924 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
10:11:46.0306 5924 tunnel - ok
10:11:46.0337 5924 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
10:11:46.0368 5924 uagp35 - ok
10:11:46.0431 5924 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
10:11:46.0493 5924 udfs - ok
10:11:46.0524 5924 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
10:11:46.0555 5924 UI0Detect - ok
10:11:46.0602 5924 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:11:46.0633 5924 uliagpkx - ok
10:11:46.0680 5924 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
10:11:46.0696 5924 umbus - ok
10:11:46.0743 5924 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
10:11:46.0774 5924 UmPass - ok
10:11:46.0821 5924 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
10:11:46.0945 5924 upnphost - ok
10:11:47.0023 5924 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
10:11:47.0117 5924 USBAAPL64 - ok
10:11:47.0195 5924 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
10:11:47.0226 5924 usbccgp - ok
10:11:47.0273 5924 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:11:47.0320 5924 usbcir - ok
10:11:47.0351 5924 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
10:11:47.0398 5924 usbehci - ok
10:11:47.0460 5924 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
10:11:47.0491 5924 usbhub - ok
10:11:47.0523 5924 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
10:11:47.0554 5924 usbohci - ok
10:11:47.0616 5924 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:11:47.0679 5924 usbprint - ok
10:11:47.0772 5924 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
10:11:47.0835 5924 usbscan - ok
10:11:47.0881 5924 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:11:47.0944 5924 USBSTOR - ok
10:11:48.0006 5924 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
10:11:48.0053 5924 usbuhci - ok
10:11:48.0100 5924 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
10:11:48.0162 5924 usbvideo - ok
10:11:48.0240 5924 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
10:11:48.0303 5924 usb_rndisx - ok
10:11:48.0334 5924 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
10:11:48.0427 5924 UxSms - ok
10:11:48.0459 5924 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:11:48.0474 5924 VaultSvc - ok
10:11:48.0537 5924 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:11:48.0552 5924 vdrvroot - ok
10:11:48.0615 5924 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
10:11:48.0724 5924 vds - ok
10:11:48.0802 5924 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:11:48.0833 5924 vga - ok
10:11:48.0849 5924 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:11:48.0927 5924 VgaSave - ok
10:11:48.0958 5924 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:11:48.0989 5924 vhdmp - ok
10:11:49.0005 5924 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:11:49.0020 5924 viaide - ok
10:11:49.0036 5924 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:11:49.0051 5924 volmgr - ok
10:11:49.0114 5924 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
10:11:49.0145 5924 volmgrx - ok
10:11:49.0192 5924 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
10:11:49.0223 5924 volsnap - ok
10:11:49.0270 5924 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
10:11:49.0317 5924 vsmraid - ok
10:11:49.0379 5924 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
10:11:49.0504 5924 VSS - ok
10:11:49.0535 5924 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:11:49.0582 5924 vwifibus - ok
10:11:49.0597 5924 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:11:49.0644 5924 vwififlt - ok
10:11:49.0691 5924 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
10:11:49.0753 5924 vwifimp - ok
10:11:49.0785 5924 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
10:11:49.0878 5924 W32Time - ok
10:11:49.0925 5924 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
10:11:49.0956 5924 WacomPen - ok
10:11:50.0050 5924 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:11:50.0112 5924 WANARP - ok
10:11:50.0128 5924 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:11:50.0159 5924 Wanarpv6 - ok
10:11:50.0284 5924 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
10:11:50.0346 5924 WatAdminSvc - ok
10:11:50.0440 5924 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
10:11:50.0580 5924 wbengine - ok
10:11:50.0627 5924 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
10:11:50.0674 5924 WbioSrvc - ok
10:11:50.0767 5924 WcesComm (8bda6db43aa54e8bb5e0794541ddc209) C:\Windows\WindowsMobile\wcescomm.dll
10:11:50.0799 5924 WcesComm - ok
10:11:50.0861 5924 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
10:11:50.0923 5924 wcncsvc - ok
10:11:50.0970 5924 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
10:11:51.0033 5924 WcsPlugInService - ok
10:11:51.0111 5924 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
10:11:51.0142 5924 Wd - ok
10:11:51.0189 5924 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:11:51.0235 5924 Wdf01000 - ok
10:11:51.0282 5924 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:11:51.0391 5924 WdiServiceHost - ok
10:11:51.0407 5924 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:11:51.0438 5924 WdiSystemHost - ok
10:11:51.0532 5924 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
10:11:51.0579 5924 WebClient - ok
10:11:51.0625 5924 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
10:11:51.0672 5924 Wecsvc - ok
10:11:51.0703 5924 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
10:11:51.0750 5924 wercplsupport - ok
10:11:51.0844 5924 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
10:11:51.0922 5924 WerSvc - ok
10:11:51.0969 5924 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:11:52.0015 5924 WfpLwf - ok
10:11:52.0078 5924 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
10:11:52.0125 5924 WimFltr - ok
10:11:52.0156 5924 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:11:52.0187 5924 WIMMount - ok
10:11:52.0234 5924 WinDefend - ok
10:11:52.0234 5924 WinHttpAutoProxySvc - ok
10:11:52.0327 5924 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
10:11:52.0405 5924 Winmgmt - ok
10:11:52.0499 5924 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
10:11:52.0655 5924 WinRM - ok
10:11:52.0764 5924 WINUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
10:11:52.0811 5924 WINUSB - ok
10:11:52.0873 5924 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
10:11:52.0951 5924 Wlansvc - ok
10:11:53.0107 5924 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:11:53.0217 5924 wlidsvc - ok
10:11:53.0279 5924 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
10:11:53.0310 5924 WmiAcpi - ok
10:11:53.0373 5924 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
10:11:53.0419 5924 wmiApSrv - ok
10:11:53.0466 5924 WMPNetworkSvc - ok
10:11:53.0544 5924 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
10:11:53.0607 5924 WPCSvc - ok
10:11:53.0638 5924 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
10:11:53.0669 5924 WPDBusEnum - ok
10:11:53.0700 5924 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:11:53.0747 5924 ws2ifsl - ok
10:11:53.0794 5924 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
10:11:53.0841 5924 wscsvc - ok
10:11:53.0856 5924 WSearch - ok
10:11:53.0950 5924 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
10:11:54.0075 5924 wuauserv - ok
10:11:54.0137 5924 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
10:11:54.0199 5924 WudfPf - ok
10:11:54.0215 5924 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
10:11:54.0277 5924 wudfsvc - ok
10:11:54.0324 5924 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
10:11:54.0371 5924 WwanSvc - ok
10:11:54.0402 5924 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:11:54.0636 5924 \Device\Harddisk0\DR0 - ok
10:11:54.0917 5924

Anoniem 9 april 2012 08:56

En nu het weggevallen stukje van het vorige log en de combofix:

10:11:54.0917 5924 MBR (0x1B8) (64b1e91c5c6c2157642651010728f90f) \Device\Harddisk1\DR1
10:11:55.0104 5924 \Device\Harddisk1\DR1 - ok
10:11:55.0104 5924 Boot (0x1200) (8e7fb864f7cd878abc399ac744620f24) \Device\Harddisk0\DR0\Partition0
10:11:55.0120 5924 \Device\Harddisk0\DR0\Partition0 - ok
10:11:55.0120 5924 Boot (0x1200) (71eb8cd2ebf9723c84028f59865f1a4d) \Device\Harddisk0\DR0\Partition1
10:11:55.0120 5924 \Device\Harddisk0\DR0\Partition1 - ok
10:11:55.0167 5924 Boot (0x1200) (3a8da93ba723211b5e67a0dd7c0f3c91) \Device\Harddisk1\DR1\Partition0
10:11:55.0167 5924 \Device\Harddisk1\DR1\Partition0 - ok
10:11:55.0167 5924 Boot (0x1200) (3ea905f6c12e75180a818dd7887c4667) \Device\Harddisk1\DR1\Partition1
10:11:55.0167 5924 \Device\Harddisk1\DR1\Partition1 - ok
10:11:55.0167 5924 ============================================================
10:11:55.0167 5924 Scan finished
10:11:55.0167 5924 ============================================================
10:11:55.0775 5908 Deinitialize success

==============================================
System Restore Point Check:

TDSSKiller Starter Restore Point Created Succesfully
==============================================
EOF

ComboFix 12-04-08.02 - Bea 09-04-2012 10:18:21.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.4095.2614 [GMT 2:00]
Gestart vanuit: C:\Users\Bea\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

C:\Program Files (x86)\Incredibar.com
C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\incredibar.crx
C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\incredibarApp.dll
C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\incredibarEng.dll
C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\incredibarsrv.exe
C:\Program Files (x86)\Incredibar.com\incredibar\1.5.3.27\uninstall.exe
C:\ProgramData\FullRemove.exe
C:\Users\Bea\AppData\Roaming\.#
C:\Windows\Downloaded Program Files\EUS_QueueMgr
C:\Windows\Downloaded Program Files\EUS_QueueMgr\de\uploadmgr.xsl
C:\Windows\Downloaded Program Files\EUS_QueueMgr\dk\uploadmgr.xsl
C:\Windows\Downloaded Program Files\EUS_QueueMgr\en\uploadmgr.xsl
C:\Windows\Downloaded Program Files\EUS_QueueMgr\fi\uploadmgr.xsl
C:\Windows\Downloaded Program Files\EUS_QueueMgr\fr\uploadmgr.xsl
C:\Windows\Downloaded Program Files\EUS_QueueMgr\is\uploadmgr.xsl
C:\Windows\Downloaded Program Files\EUS_QueueMgr\lt\uploadmgr.xsl
C:\Windows\Downloaded Program Files\EUS_QueueMgr\nl\uploadmgr.xsl
C:\Windows\Downloaded Program Files\EUS_QueueMgr\no\uploadmgr.xsl
C:\Windows\Downloaded Program Files\EUS_QueueMgr\Plugins\vmsxmlv.dll
C:\Windows\Downloaded Program Files\EUS_QueueMgr\pt\uploadmgr.xsl
C:\Windows\Downloaded Program Files\EUS_QueueMgr\ru\uploadmgr.xsl
C:\Windows\Downloaded Program Files\EUS_QueueMgr\sv\uploadmgr.xsl

(((((((((((((((((((( Bestanden Gemaakt van 2012-03-09 to 2012-04-09 ))))))))))))))))))))))))))))))

2012-04-09 08:31:37 . 2012-04-09 08:31:37 ——– d—–w- C:\Users\Default\AppData\Local\temp
2012-04-09 08:10:20 . 2012-04-09 08:11:56 ——– d—–w- C:\TDSSStarter
2012-04-09 08:09:06 . 2012-04-09 08:09:06 418464 —-a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-06 15:51:11 . 2012-04-06 15:51:11 388096 —-a-r- C:\Users\Bea\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-06 15:51:11 . 2012-04-06 15:51:11 ——– d—–w- C:\Program Files (x86)\Trend Micro
2012-04-02 19:29:47 . 2012-04-02 19:29:47 ——– d—–w- C:\Program Files (x86)\Common Files\Skype
2012-04-01 13:34:39 . 2012-04-01 13:34:39 ——– d—–w- C:\Program Files\iPod
2012-04-01 13:34:38 . 2012-04-01 13:35:14 ——– d—–w- C:\Program Files\iTunes
2012-03-29 16:45:32 . 2012-03-29 16:45:32 ——– d—–w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-03-29 16:44:10 . 2012-03-29 16:44:10 175736 —-a-w- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2012-03-29 16:44:10 . 2012-03-29 16:44:10 ——– d—–w- C:\Program Files\Symantec
2012-03-29 16:43:37 . 2012-03-29 16:43:38 ——– d—–w- C:\Program Files (x86)\Norton Internet Security
2012-03-29 16:43:29 . 2012-03-29 16:43:29 ——– d—–w- C:\Program Files (x86)\NortonInstaller
2012-03-29 15:55:20 . 2012-03-29 15:56:45 ——– d—–w- C:\Windows\system32\drivers\NISx64\1306020.00A
2012-03-29 15:34:47 . 2012-03-29 16:09:03 ——– d—–w- C:\Users\Bea\AppData\Local\NPE
2012-03-29 15:18:01 . 2011-11-19 15:20:37 5559152 —-a-w- C:\Windows\system32\ntoskrnl.exe
2012-03-29 15:18:01 . 2011-11-19 14:50:02 3968368 —-a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-29 15:18:00 . 2011-11-19 14:50:02 3913584 —-a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-03-29 14:44:53 . 2012-03-29 14:44:53 ——– d—–w- C:\Users\Bea\AppData\Roaming\Malwarebytes
2012-03-29 14:44:46 . 2012-03-29 14:44:48 ——– d—–w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-03-29 14:44:46 . 2012-03-29 14:44:46 ——– d—–w- C:\ProgramData\Malwarebytes
2012-03-29 14:44:46 . 2011-12-10 13:24:08 23152 —-a-w- C:\Windows\system32\drivers\mbam.sys
2012-03-29 14:37:13 . 2012-02-03 04:34:34 3145728 —-a-w- C:\Windows\system32\win32k.sys
2012-03-29 14:37:12 . 2012-02-10 06:36:07 1544192 —-a-w- C:\Windows\system32\DWrite.dll
2012-03-29 14:37:12 . 2012-02-10 05:38:43 1077248 —-a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-29 14:36:20 . 2012-01-25 06:38:39 77312 —-a-w- C:\Windows\system32\rdpwsx.dll
2012-03-29 14:36:20 . 2012-01-25 06:38:38 149504 —-a-w- C:\Windows\system32\rdpcorekmts.dll
2012-03-29 14:36:20 . 2012-01-25 06:33:30 9216 —-a-w- C:\Windows\system32\rdrmemptylst.exe
2012-03-29 14:36:19 . 2012-02-17 06:38:26 1031680 —-a-w- C:\Windows\system32\rdpcore.dll
2012-03-29 14:36:19 . 2012-02-17 04:58:24 210944 —-a-w- C:\Windows\system32\drivers\rdpwd.sys
2012-03-29 14:36:19 . 2012-02-17 04:57:32 23552 —-a-w- C:\Windows\system32\drivers\tdtcp.sys
2012-03-14 09:19:26 . 2012-02-17 05:34:22 826880 —-a-w- C:\Windows\SysWow64\rdpcore.dll
.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-04-09 08:09:06 . 2011-09-01 07:05:29 70304 —-a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-29 14:38:08 . 2011-08-05 13:16:27 472808 —-a-w- C:\Windows\SysWow64\deployJava1.dll
2012-03-02 09:05:17 . 2012-03-02 09:05:17 162664 —-a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10140.bin
2012-02-15 09:01:50 . 2012-02-15 09:01:50 52736 —-a-w- C:\Windows\system32\drivers\usbaapl64.sys
2012-02-15 09:01:50 . 2012-02-15 09:01:50 4547944 —-a-w- C:\Windows\system32\usbaaplrc.dll
2012-02-12 15:26:17 . 2010-04-23 11:25:59 48648 —-a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-01-31 08:22:27 . 2010-01-10 16:55:52 48648 —-a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-01-31 08:22:23 . 2010-08-06 08:06:20 882512 —-a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

Anoniem 9 april 2012 09:08

Het ComboFix-log is verre van compleet.
Graag nogmaals posten.

Anoniem 9 april 2012 14:20

Hallo Abraham,
Was al bang dat er iets niet goed was gegaan. Toen combofix de computer opnieuw opstartte en aangaf dat hij een log ging maken (in blauw scherm) toen gebeurde er ruim een kwartier niets en toen kreeg ik de boodschap:
Illegal operation attempted on a registery key that has been marked for deletion.

Toen heb ik de computer opnieuw opgestart. Omdat er verder niets meer gebeurde ben ik het log gaan zoeken en dat stond inderdaad in c:\combofix, maar dit was alles wat er stond.
Wat nu? Nog een keer combofix draaien?

Anoniem 9 april 2012 14:59

We doen nu eerst iets anders.

Download de [b:2f0a89130a][/b:2f0a89130a] naar het bureaublad en pak het [b:2f0a89130a]ZIP[/b:2f0a89130a] bestand uit.
[list:2f0a89130a]
[*:2f0a89130a] Open de map "[b:2f0a89130a]EmsisoftEmergencyKit[/b:2f0a89130a]" en dubbelklik op "[b:2f0a89130a]Start.exe[/b:2f0a89130a]"
[*:2f0a89130a] Klik nu op "[b:2f0a89130a]Emergency Kit Scanner[/b:2f0a89130a]" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "[b:2f0a89130a]Ja[/b:2f0a89130a]"
[img:2f0a89130a]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK11.jpg[/img:2f0a89130a]
[*:2f0a89130a] Als de update gereed is en de melding "[b:2f0a89130a]Update process is succesvol afgerond[/b:2f0a89130a]" verschijnt klikt u op "[b:2f0a89130a]menu[/b:2f0a89130a]" en dan op "[b:2f0a89130a]Scan PC[/b:2f0a89130a]"
[*:2f0a89130a] Selecteer de optie "[b:2f0a89130a]Diep[/b:2f0a89130a]" als deze niet standaard al zo is ingesteld.
[*:2f0a89130a] Klik Nu op de knop "[b:2f0a89130a]Scan[/b:2f0a89130a]" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af.
[*:2f0a89130a] Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is.

Opmerking:

Als u deze melding ziet.

[b:2f0a89130a]C:\Documents and Settings\username\Bureaublad\ComboFix.exe/$0\List.bat Verwijderd Virus.Win32.HTML!IK [/b:2f0a89130a]

Wanneer het bestand in het venster met scanresultaten staat kun je rechtsklikken op die detectie en kiezen voor [b:2f0a89130a] "Versturen als vals alarm (False Positive)".[/b:2f0a89130a]

[*:2f0a89130a] Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "[b:2f0a89130a]verwijder geselecteerde[/b:2f0a89130a]" u zal nu de volgende melding krijgen maar klik hier op "[b:2f0a89130a]Ja[/b:2f0a89130a]"
[img:2f0a89130a]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK2.jpg[/img:2f0a89130a]
[*:2f0a89130a] Als het verwijderen gereed is klikt u op de knop "[b:2f0a89130a]View report[/b:2f0a89130a]" en selecteert u het tekstbestand van deze scan met de naam zoals: [b:2f0a89130a]a2scan_110730-111615.txt[/b:2f0a89130a]
[*:2f0a89130a] Plaats de inhoud van dit LOG bestand straks in uw volgende bericht.
[*:2f0a89130a] Herstart nu de computer.[/list:u:2f0a89130a]

Anoniem 9 april 2012 15:41

Hallo Abraham,
Toch steeds spannend voor mij wat er steeds tevoorschijn komt!
Onderstaand het log:

Emsisoft Emergency Kit - Versie 1.0
Laatste Update: 4/9/2012 6:45:30 PM

Scaninstellingen:

Scantype: Diepe Scan
Objecten: Geheugen, Sporen, Cookies, C:\, D:\, F:\, G:\
Scan archieven: Aan
Heuristieken: Uit
ADS Scan: Aan

Scan gestart: 4/9/2012 6:46:26 PM

c:\windows\Downloaded Program Files\default.inf Ontdekt: Trace.File.iePlugin!A2
Key: HKEY_LOCAL_MACHINE\software\classes\interface\{1d4db7d3-6ec9-47a3-bd87-1e41684e07bb} Ontdekt: Trace.Registry.IBISToolbar!A2
Key: HKEY_CURRENT_USER\software\imesh Ontdekt: Trace.Registry.IMesh!A2
Value: HKEY_CURRENT_USER\Software\iMesh –> LastOpenFileDir Ontdekt: Trace.Registry.iMesh!A2
C:\Users\Bea\Pictures\geintjes\CursorMania.exe Ontdekt: Riskware.WebToolbar.Win32.MyWebSearch.AMN!A2

Gescand

Bestanden: 983062
Sporen: 406988
Cookies: 30
Processen: 91

Gevonden

Bestanden: 1
Sporen: 4
Cookies: 0
Processen: 0
Registersleutels: 0

Scan Geëindigd: 4/9/2012 11:11:49 PM
Scantijd: 4:25:23

C:\Users\Bea\Pictures\geintjes\CursorMania.exe Verwijderd Riskware.WebToolbar.Win32.MyWebSearch.AMN!A2
Key: HKEY_CURRENT_USER\software\imesh Verwijderd Trace.Registry.IMesh!A2
Value: HKEY_CURRENT_USER\Software\iMesh –> LastOpenFileDir Verwijderd Trace.Registry.IMesh!A2
Key: HKEY_LOCAL_MACHINE\software\classes\interface\{1d4db7d3-6ec9-47a3-bd87-1e41684e07bb} Verwijderd Trace.Registry.IBISToolbar!A2
c:\windows\Downloaded Program Files\default.inf Verwijderd Trace.File.iePlugin!A2

Verwijderd

Bestanden: 1
Sporen: 4
Cookies: 0

Anoniem 9 april 2012 21:20

Hoi Jorte, ik verbaas mij al lang niet meer er over wat gebruikers met hun Windows doen.

Maar hoe draait Windows inmiddels.
En het probleem met Outlook, hoe staat het daarmee?

Anoniem 10 april 2012 07:43

[quote:184ee57d8e="Abraham54"]Hoi Jorte, ik verbaas mij al lang niet meer er over wat gebruikers met hun Windows doen.

Maar hoe draait Windows inmiddels.
En het probleem met Outlook, hoe staat het daarmee?[/quote:184ee57d8e]

Hallo Abraham, ha, ik kan me voorstellen dat je heel wat vreemde zaken tegen komt

Windows lijkt nu soepeler te lopen en ze heeft nu bijna 2 uur zonder problemen met outlook kunnen werken. Dat ziet er dus goed uit (bij deze haar grote dank voor je hulp!).
Bij dat pst-bestand (ruim 4 gig, ze bewaart nogal veel….) lukt de back up nog steeds niet, maar dat blijkt -zo leert google- een veel voorkomend probleem te zijn (Windows error 0x8007045D) met een aantal mogelijke oplossingen, daar ga ik dit weekend weer mee verder.
Zal ik de programma's (zoals combofix) nu verwijderen, of zal ik ze nog maar even bewaren?
Vast dank voor je advies!

Anoniem 10 april 2012 21:06

Hoe probeer jij dat PST-bestand te back-upppen?

Doe je dat gewoon middels rechtsklik en dan kopiëren te kiezen?
Trouwens: 4 GB grootte is wel enorm voor een thuisgebruikster.
Mijn PST-bestand is nog geen GB groot, alhoewel ik toch ook veel extra mappen heb aangmaakt.

Laten we ook eens naar de gezondheid van de HD kijken:

[b:a956ab3e2f]Welk programma[/b:a956ab3e2f]: CrystalDiskInfo
[b:a956ab3e2f]Waarvoor/waarom[/b:a956ab3e2f]: controle van van SMART-gegevens van de harddisk(s)
[b:a956ab3e2f]Moeilijkheidsgraad[/b:a956ab3e2f]: geen.
[b:a956ab3e2f]Download CrystalDiskInfo[/b:a956ab3e2f] [b:a956ab3e2f]hier[/b:a956ab3e2f]

[img:a956ab3e2f]http://www.imgdumper.nl/uploads4/4df870efec9f5/4df870efeba86-CrystalDiskInfo.png[/img:a956ab3e2f]

Installeer het tool en start vervolgens CrystalDiskInfo

Het tool leest daarop de SMART-gegevens van de aangesloten harddisks.
Is de kleur Blauw - dan volledig gezond.
Is de kleur Geel - dan zijn er problemen.
Is de kleur Rood - dan de HD z.s.m. vervangen.

Bij SSD's wordt ook de gezondheidstoestand van de SSD's vermeld (Health)

Anoniem 11 april 2012 09:40

Hallo Abraham,
Tja, ik stond ook verbaasd bij de omvang van het PST-bestand…….
Maar ja, het is ook haar werkcomputer (eigen bedrijfje) en elke mail wordt bewaard. Ze gaat het nu opschonen, maar ja….een paar jaar mail.
Vandaar dat ik toen er problemen waren meteen het pst-bestand probeerde te saven.
Ik heb het inderdaad met gewoon middels rechtsklik en dan kopiëren te kiezen geprobeerd.

Inmiddels ook CDI gedraaid en die geeft een gele waarschuwing (C5 en C6, zie onder, ik heb een kopie gemaakt van het bestand en wat CDI geel aangaf heb ik vet gemaakt). Er blijken trouwens 2 schijven in de laptop te zitten, C/D heeft de gele waarschuwing.
Heel graag advies hoe nu verder, vast dank.

CrystalDiskInfo 4.5.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
—————————————————————————-

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2012/04/12 10:29:51

– Controller Map ———————————————————-
+ Intel(R) ICH9M-E/M SATA AHCI Controller [ATA]
- ST9500325AS
- TSSTcorp CDDVDW TS-L633C
- ST9500325AS

– Disk List —————————————————————
(1) ST9500325AS : 500.1 GB [0-0-0, pd1]
(2) ST9500325AS : 500.1 GB [1-0-2, pd1]

—————————————————————————-
(1) ST9500325AS
—————————————————————————-
Model : ST9500325AS
Firmware : 0002SDM1
Serial Number : 6VE4G05N
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 2221 uren
Power On Count : 1502 keer
Temparature : 24 C (75 F)
[b:243bcdbc11]Health Status : Waarschuwing[/b:243bcdbc11]
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : —-

– S.M.A.R.T. ————————————————————–
ID Cur Wor Thr RawValues(6) Attribute Name
01 114 _75 __6 00000390EDA4 Read Error Rate
03 _98 _98 __0 000000000000 Spin-Up Time
04 _99 _99 _20 0000000005DF Start/Stop Count
05 100 100 _36 000000000000 Reallocated Sectors Count
07 _81 _60 _30 000007E96EFE Seek Error Rate
09 _98 _98 __0 0000000008AD Power-On Hours
0A 100 100 _97 000000000000 Spin Retry Count
0C _99 _37 _20 0000000005DE Power Cycle Count
B8 100 100 _99 000000000000 End-to-End Error
BB __1 __1 __0 00000000491E Reported Uncorrectable Errors
BC 100 _99 __0 000000000002 Command Timeout
BD 100 100 __0 000000000000 High Fly Writes
BE _76 _54 _45 000018160018 Airflow Temperature
BF 100 100 __0 00000000001A G-Sense Error Rate
C0 100 100 __0 00000000000C Power-off Retract Count
C1 _86 _86 __0 0000000072AE Load/Unload Cycle Count
C2 _24 _46 __0 000D00000018 Temperature
C3 _54 _45 __0 00000390EDA4 Hardware ECC recovered
[b:243bcdbc11]C5 100 100 __0 000000000001 Current Pending Sector Count
C6 100 100 __0 000000000001 Uncorrectable Sector Count[/b:243bcdbc11]
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
FE 100 100 __0 000000000000 Free Fall Protection

– IDENTIFY_DEVICE ———————————————————
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3656 3656 4534 4730 354E
020: 0000 4000 0004 3030 3032 4D31 4D31 5354 3935 3030
030: 3332 3541 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0000 0048 0048
080: 01F0 0029 346B 7D09 6123 BC09 BC09 6123 407F 0046
090: 0046 8080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5000 C500
110: 1ED1 4F99 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0100 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 001F 001F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 3C00 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103B 103B 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 CCA5

—————————————————————————-
(2) ST9500325AS
—————————————————————————-
Model : ST9500325AS
Firmware : 0002SDM1
Serial Number : 6VE4G6FB
Disk Size : 500.1 GB (8.4/137.4/500.1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 2156 uren
Power On Count : 1502 keer
Temparature : 22 C (71 F)
Health Status : Goed
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : —-

– S.M.A.R.T. ————————————————————–
ID Cur Wor Thr RawValues(6) Attribute Name
01 112 _99 __6 000002908079 Read Error Rate
03 _99 _98 __0 000000000000 Spin-Up Time
04 _97 _97 _20 000000000C4A Start/Stop Count
05 100 100 _36 000000000000 Reallocated Sectors Count
07 _72 _60 _30 00000104C771 Seek Error Rate
09 _98 _98 __0 00000000086C Power-On Hours
0A 100 100 _97 000000000000 Spin Retry Count
0C _99 _99 _20 0000000005DE Power Cycle Count
B8 100 100 _99 000000000000 End-to-End Error
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
BC 100 100 __0 000000000000 Command Timeout
BD 100 100 __0 000000000000 High Fly Writes
BE _78 _50 _45 000016160016 Airflow Temperature
BF 100 100 __0 000000000000 G-Sense Error Rate
C0 100 100 __0 000000000002 Power-off Retract Count
C1 _91 _91 __0 0000000046A1 Load/Unload Cycle Count
C2 _22 _50 __0 000F00000016 Temperature
C3 _54 _50 __0 000002908079 Hardware ECC recovered
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
FE 100 100 __0 000000000000 Free Fall Protection

– IDENTIFY_DEVICE ———————————————————
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3656 3656 4534 4736 4642
020: 0000 4000 0004 3030 3032 4D31 4D31 5354 3935 3030
030: 3332 3541 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0506 0506 0000 0048 0048
080: 01F0 0029 346B 7D09 6123 BC09 BC09 6123 407F 0044
090: 0044 8080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5000 C500
110: 1ECF E8AF 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0100 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 001F 001F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 3C00 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103B 103B 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 18A5

Anoniem 12 april 2012 08:44

Emails kan je heel simpel per klant opslaan als bijv. txt!
Op die wijze kan je alles bewaren zonder dat de data zelf groot is.

Emails met afbeeldingen kan je bijv. opslaan als HTML, bij openen gebeurt dit dan in de webbrowser.

Wat betreft de HD: die Seagate HD's van 500,1GB hebben mijn inziens een slechtere reeks gehad en vermoedelijk stamt de HD daaruit.
Ook elders was er een lid met dezelfde HD en onverklaarbare problemen in Windows!

Anoniem 12 april 2012 10:39

Hallo Abraham,
Je hebt helemaal gelijk (en mijn eigen pst is heel klein), maar pas als het misloopt krijg je de vragen, nooit vooraf .
In ieder geval is dankzij jou de rotzooi er af en loopt windows (en outlook) nu een stuk soepeler!

Weet jij hoe zwaar de " gele kaart" is van CDI?
Ik denk dat ik morgen eerst maar chkdsk ga draaien op haar computer.
Gelukkig had ik haar eerder een externe HD gegeven om haar belangrijke bestanden op te slaan, en dat is vrij goed bijgehouden (daar wilde ik ook het pst bestand naar kopiëren).
Heb jij verder nog suggesties?
In ieder geval veel dank voor je hulp met het verwijderen van alle ellende!
Jorte

Anoniem 12 april 2012 17:02

Het kan zijn dat het PST-bestand op een van de aangedane plekken op de HD staat.

Misschien dat een schijfcontrole een en ander wel mogelijk maakt:

klik daarvoor Computer open en vraag vervolgens de [b:4255f02818]Eigenschappen[/b:4255f02818] van –> "C" op.
Klik nu op de tab [b:4255f02818]Extra[/b:4255f02818]

Klik vervolgens op de knop [b:4255f02818]Nu controleren[/b:4255f02818] in het gedeelte waar staat "Hiermee kunt u het station op fouten controleren".

In het nieuwe venstertje zorg je ervoor dat beide opties aangevinkt zijn.
Vervolgens krijg je de melding dat Windows voor die actie moet herstarten.

Doe dat dan ook.

Hierdoor wordt de systeemschijf niet alleen op clusterfouten gecontroleerd, maar ook op fouten in het bestandssysteem die dan gerepareerd worden.

Afhankelijk van de omvanggrootte van Windows en de grootte van de schijven, kan deze scan enige tijd in beslag nemen!

Anoniem 12 april 2012 19:54

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.

Vraag & Antwoord

Outlook 2007 en andere droevenis

Beantwoord deze vraag

Gerelateerde vragen

Registreren

We hebben je een e-mail gestuurd!

Oops… er ging wat mis.

Hoera, je account is nu geactiveerd!

Dit token is niet meer valide.

Wachtwoord vergeten?

Je aanvraag is verstuurd

Wachtwoord herstellen

Wachtwoord herstellen

Dit token is niet meer valide.

Bedankt!

Je vraag is geplaatst!

Je antwoord is geplaatst!

Bevestigingsmail verstuurd!