Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

trage computer & textenhance (hijacklog)

Abraham54
11 antwoorden
  • Beste allen,

    de computer van mijn ouders is traag geworden en heeft last van textenhance.
    Diverse scans hebben al wat zooi verwijderd, maar de pc is nog steeds geen snelheidsmonster en textenhance krijg ik niet weg. Ik vind ook geen eenduidig en helder verhaal via google om dit aan te pakken.

    Zouden de knappe koppen van dit forum mij kunnen helpen? Ik heb vast een hijacklog gedraaid en hier neergezet.

    Alvast bedankt! Rebecca

    [code:1:6103307888]
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 22:17:35, on 21-3-2012
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.17108)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast5\afwServ.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Silvercrest MTS2118 driver\StartAutorun.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\Citrix\ICA Client\concentr.exe
    C:\Program Files\Silvercrest MTS2118 driver\KMConfig.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
    C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
    C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Alwil Software\Avast5\avastUI.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Citrix\ICA Client\wfcrun32.exe
    C:\Program Files\Silvercrest MTS2118 driver\KMProcess.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\WINDOWS\system32\FsUsbExService.Exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Silvercrest MTS2118 driver\KMWDSrv.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\HijackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: BFlix - {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} - C:\Program Files\BFlix\BFlix.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: DIALux 3.1 ULDBrowserHelper Class - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - C:\Program Files\DIALux\DLXShellExtension.dll
    O2 - BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0
    pwinext.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\5.0.1449.0
    pwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0
    pwinext.dll
    O3 - Toolbar: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Silvercrest MTS2118 driver\StartAutorun.exe KMConfig.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
    O4 - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Bing Bar] "C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe"
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\De Wit\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'Default user')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
    O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
    O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
    O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Silvercrest MTS2118 driver\KMWDSrv.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe


    End of file - 11638 bytes
    [/code:1:6103307888]
  • Dag Rebecca, ik kan de computer van je ouders niet 1-2-3 sneller maken. Dat lijkt me meer een klusje voor Abraham54.

    Wel heb ik een idee over de oorzaak van textenhance. In de lijst van HijackThis zie ik deze regel: O2 - BHO: BFlix - {0C9F4179-6CE2-4c6a-A3E5-67FF3592A12E} - C:\Program Files\BFlix\BFlix.dll

    In internet Explorer ga je via Extra naar Invoegtoepassingen beheren.
    Staat in de lijst van invoegtoepassingen BFlix (of TheBflix)?
    Klik er op en kies dan Uitschakelen. Sluit Internet Explorer daarna even af.
    Ga daarna via Start > Configuratiescherm > Sofware naar de lijst met geïnstalleerde programma's.
    Zoek in die lijst naar [b:acb3305162]BFlix[/b:acb3305162] en/of [b:acb3305162]TheBflix[/b:acb3305162]. Gevonden? Klik erop en kies Verwijderen.
    Start daarna Internet Explorer en controleer of je nog last hebt van textenhance.
  • Hallo Porrelaar,

    bedankt voor je hulp om de textenhance kwijt te raken! Die zijn ze nu eindelijk kwijt.

    Groeten, Rebecca
  • Begin met het verwijderen van Lavasoft AdAare.
    Windows zal daar ook blij mee zijn, want dan zijn de conflicten met Avast ook weg.

    [b:54cda561ed]Stap •1•[/b:54cda561ed][/color:54cda561ed]
    Download de [b:54cda561ed]Emsisoft Emergency Kit[/color:54cda561ed][/b:54cda561ed] naar het bureaublad en pak het [b:54cda561ed]ZIP[/b:54cda561ed] bestand uit.
    [list:54cda561ed]
    [*:54cda561ed] Open de map "[b:54cda561ed]EmsisoftEmergencyKit[/b:54cda561ed]" en dubbelklik op "[b:54cda561ed]Start.exe[/b:54cda561ed]"
    [*:54cda561ed] Klik nu op "[b:54cda561ed]Emergency Kit Scanner[/b:54cda561ed]" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "[b:54cda561ed]Ja[/b:54cda561ed]"
    [img:54cda561ed]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK11.jpg[/img:54cda561ed]
    [*:54cda561ed] Als de update gereed is en de melding "[b:54cda561ed]Update process is succesvol afgerond[/b:54cda561ed]" verschijnt klikt u op "[b:54cda561ed]menu[/b:54cda561ed]" en dan op "[b:54cda561ed]Scan PC[/b:54cda561ed]"
    [*:54cda561ed] Selecteer de optie "[b:54cda561ed]Diep[/b:54cda561ed]" als deze niet standaard al zo is ingesteld.
    [*:54cda561ed] Klik Nu op de knop "[b:54cda561ed]Scan[/b:54cda561ed]" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af.
    [*:54cda561ed] Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is.
    [*:54cda561ed] Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "[b:54cda561ed]verwijder geselecteerde[/b:54cda561ed]" u zal nu de volgende melding krijgen maar klik hier op "[b:54cda561ed]Ja[/b:54cda561ed]"
    [img:54cda561ed]http://i1103.photobucket.com/albums/g476/pcwebplus/EmsisoftEK2.jpg[/img:54cda561ed]
    [*:54cda561ed] Als het verwijderen gereed is klikt u op de knop "[b:54cda561ed]View report[/b:54cda561ed]" en selecteert u het tekstbestand van deze scan met de naam zoals: [b:54cda561ed]a2scan_110730-111615.txt[/b:54cda561ed]
    [*:54cda561ed] Plaats de inhoud van dit LOG bestand straks in uw volgende bericht.
    [*:54cda561ed] Herstart nu de computer.[/list:u:54cda561ed]
    color=#FF0000][b:54cda561ed]Stap •2•[/b:54cda561ed]
    [b:54cda561ed]Welk programma[/b:54cda561ed]: Malwarebytes MBAM
    [b:54cda561ed]Waarvoor/waarom[/b:54cda561ed]: specialistische scanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware.
    [b:54cda561ed]Moeilijkheidsgraad[/b:54cda561ed]: geen.

    [b:54cda561ed]Download Malwarebytes MBAM via één van deze locaties[/b:54cda561ed]:
    [list:54cda561ed][*:54cda561ed][b:54cda561ed]Softpedia.com[/b:54cda561ed][*:54cda561ed][b:54cda561ed]Majorgeeks.com[/b:54cda561ed][/list:u:54cda561ed]
    [b:54cda561ed]Allereerst[/b:54cda561ed]:[list:54cda561ed][*:54cda561ed] Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus.
    [*:54cda561ed] Ook bij herhaald gebruik: eerst 'MBAM' updaten via de tab 'Update'!
    [/list:u:54cda561ed]
    [b:54cda561ed]Malwarebytes MBAM opstarten[/b:54cda561ed]:
    [list:54cda561ed][*:54cda561ed] [b:54cda561ed]Sluit nu eerst alle nog openstaande programmavensters![/color:54cda561ed][/b:54cda561ed]
    [list:54cda561ed][*:54cda561ed][b:54cda561ed]Windows 2000[/color:54cda561ed][/b:54cda561ed] en [b:54cda561ed]Windows XP[/b:54cda561ed][/color:54cda561ed]: start MBAM middels dubbelklik op de snelkoppeling.
    [*:54cda561ed][b:54cda561ed]Windows Vista[/b:54cda561ed][/color:54cda561ed] en [b:54cda561ed]Windows 7[/b:54cda561ed][/color:54cda561ed]: start MBAM middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.[/list:u:54cda561ed][/list:u:54cda561ed]
    [list:54cda561ed][*:54cda561ed][b:54cda561ed]Let op:[/b:54cda561ed]
    [list:54cda561ed][*:54cda561ed]Malwarebytes verstrekt nu de volledige versie van MBAM.
    [*:54cda561ed]Bij de eerstse start kijg je de mogelijkheid de volledige versie te gebruiken of de gratis versie.
    [*:54cda561ed]Onafhankelijk van welke antivirusprogramma in jouw Windows adviseer ik dan de optie "Weigeren" te gebruiken.
    [*:54cda561ed]Zodoende zal MBAM als gratis versie verder te gebruiken zijn[/list:u:54cda561ed][/list:u:54cda561ed]
    [indent][indent][img:54cda561ed]http://img30.imageshack.us/img30/3928/mbam2.png[/img:54cda561ed][/indent][/indent]

    [list:54cda561ed][*:54cda561ed][b:54cda561ed]Doe ook nog het volgende:[/b:54cda561ed]
    [list:54cda561ed][*:54cda561ed]Zodra het programma gestart is, ga dan naar het tabblad "[b:54cda561ed]Instellingen[/b:54cda561ed]".
    [*:54cda561ed]Vink hier aan: "[b:54cda561ed]Sluit Internet Explorer tijdens verwijdering van malware[/b:54cda561ed]".[/list:u:54cda561ed][/list:u:54cda561ed]

    [b:54cda561ed]Scannen[/b:54cda561ed]:
    [list:54cda561ed][*:54cda561ed] Bij het starten van 'MBAM' kies je voor 'Snelle Scan'.
    [*:54cda561ed]Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'.
    [*:54cda561ed]Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.[/list:u:54cda561ed]
    [b:54cda561ed]Infecties gevonden[/b:54cda561ed]:
    [list:54cda561ed][*:54cda561ed]Klik nu eerst op OK om de melding weg te klikken
    [*:54cda561ed]Klik vervolgens rechtsonder op de knop Bekijk resultaten.
    [*:54cda561ed]Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde.
    [*:54cda561ed]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
    [*:54cda561ed]Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken!
    [*:54cda561ed]Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:54cda561ed]
    [b:54cda561ed]MBAM-Log[/b:54cda561ed]:
    [list:54cda561ed][*:54cda561ed] Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door in het hoofdmenu van MBAM op de tab 'Logbestanden' te klikken'.[/list:u:54cda561ed]
    [b:54cda561ed]Post aansluitend in je volgende bericht de inhoud van het MBAM-log.[/b:54cda561ed]

    [b:54cda561ed]Stap •3•[/b:54cda561ed][/color:54cda561ed]
    [b:54cda561ed]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:54cda561ed]
    [list:54cda561ed][*:54cda561ed] EmsisoftEmergencyKit-logfile
    [*:54cda561ed] MBAM scanlog[/list:u:54cda561ed]
  • Beste Abraham,

    bij deze de beide logfiles. MBAM vond bij deze ronde geen kwaadaardigheden.

    Groeten, Rebecca

    EmergencyKit:
    [code:1:5236b7cdbf]
    Emsisoft Emergency Kit - Versie 1.0
    Laatste Update: 24-3-2012 18:43:17

    Scaninstellingen:

    Scantype: Diepe Scan
    Objecten: Geheugen, Sporen, Cookies, C:\, E:\
    Scan archieven: Aan
    Heuristieken: Uit
    ADS Scan: Aan

    Scan gestart: 24-3-2012 18:43:45

    c:\documents and settings\de wit\menu start\programma's\eGames Ontdekt: Trace.Directory.Bling-O!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ST4UNST #1 –> DisplayName Ontdekt: Trace.Registry.Kamikaze Wargames.Battle For Moscow!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ST4UNST #1 –> UninstallString Ontdekt: Trace.Registry.Kamikaze Wargames.Battle For Moscow!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:16 Ontdekt: Trace.TrackingCookie.stat.onestat!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:17 Ontdekt: Trace.TrackingCookie.stat.onestat!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:29 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:145 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:148 Ontdekt: Trace.TrackingCookie.server.iad.livepers!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:714 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:715 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:1319 Ontdekt: Trace.TrackingCookie.eas.apm.emediate.eu!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:1888 Ontdekt: Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:2239 Ontdekt: Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:2240 Ontdekt: Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:2241 Ontdekt: Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:2242 Ontdekt: Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:2243 Ontdekt: Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:3156 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:3158 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:3160 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:3511 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:3512 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:5289 Ontdekt: Trace.TrackingCookie.eas.apm.emediate.eu!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:5383 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:5384 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:8974 Ontdekt: Trace.TrackingCookie.eas.apm.emediate.eu!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9485 Ontdekt: Trace.TrackingCookie.cms!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9762 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9763 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9764 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9765 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9766 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9767 Ontdekt: Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9769 Ontdekt: Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10087 Ontdekt: Trace.TrackingCookie.stat.onestat!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10591 Ontdekt: Trace.TrackingCookie.adserv!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10607 Ontdekt: Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10610 Ontdekt: Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10612 Ontdekt: Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10613 Ontdekt: Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10622 Ontdekt: Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10641 Ontdekt: Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10642 Ontdekt: Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10649 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10651 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10665 Ontdekt: Trace.TrackingCookie.doubleclick.net!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:11957 Ontdekt: Trace.TrackingCookie.statse.webtrendslive!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:12074 Ontdekt: Trace.TrackingCookie.eas.apm.emediate.eu!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:12080 Ontdekt: Trace.TrackingCookie.d1.openx.org!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:12125 Ontdekt: Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:12200 Ontdekt: Trace.TrackingCookie.tribalfusion.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:12531 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:12532 Ontdekt: Trace.TrackingCookie.ad.yieldmanager.com!A2

    Gescand

    Bestanden: 40306
    Sporen: 467090
    Cookies: 1086
    Processen: 52

    Gevonden

    Bestanden: 0
    Sporen: 3
    Cookies: 55
    Processen: 0
    Registersleutels: 0

    Scan Geëindigd: 24-3-2012 19:23:07
    Scantijd: 0:39:22

    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:12200 Verwijderd Trace.TrackingCookie.tribalfusion.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:12080 Verwijderd Trace.TrackingCookie.d1.openx.org!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:11957 Verwijderd Trace.TrackingCookie.statse.webtrendslive!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10591 Verwijderd Trace.TrackingCookie.adserv!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9762 Verwijderd Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9763 Verwijderd Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9764 Verwijderd Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9765 Verwijderd Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9766 Verwijderd Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9767 Verwijderd Trace.TrackingCookie.casalemedia.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9485 Verwijderd Trace.TrackingCookie.cms!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:2239 Verwijderd Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:2240 Verwijderd Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:2241 Verwijderd Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:2242 Verwijderd Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:2243 Verwijderd Trace.TrackingCookie.zedo.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:1888 Verwijderd Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:9769 Verwijderd Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10607 Verwijderd Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10610 Verwijderd Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10612 Verwijderd Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10613 Verwijderd Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10622 Verwijderd Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10641 Verwijderd Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10642 Verwijderd Trace.TrackingCookie.adbrite.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:1319 Verwijderd Trace.TrackingCookie.eas.apm.emediate.eu!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:5289 Verwijderd Trace.TrackingCookie.eas.apm.emediate.eu!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:8974 Verwijderd Trace.TrackingCookie.eas.apm.emediate.eu!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:12074 Verwijderd Trace.TrackingCookie.eas.apm.emediate.eu!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:714 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:715 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:3511 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:3512 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:5383 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:5384 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:12125 Verwijderd Trace.TrackingCookie.nl.sitestat.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:148 Verwijderd Trace.TrackingCookie.server.iad.livepers!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:145 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:3156 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:3158 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:3160 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10649 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10651 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:12531 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:12532 Verwijderd Trace.TrackingCookie.ad.yieldmanager.com!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:29 Verwijderd Trace.TrackingCookie.doubleclick.net!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10665 Verwijderd Trace.TrackingCookie.doubleclick.net!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:16 Verwijderd Trace.TrackingCookie.stat.onestat!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:17 Verwijderd Trace.TrackingCookie.stat.onestat!A2
    C:\Documents and Settings\De Wit\Application Data\Mozilla\Firefox\Profiles\e25g3lyn.default\cookies.sqlite:10087 Verwijderd Trace.TrackingCookie.stat.onestat!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ST4UNST #1 –> DisplayName Verwijderd Trace.Registry.Kamikaze Wargames.Battle For Moscow!A2
    Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ST4UNST #1 –> UninstallString Verwijderd Trace.Registry.Kamikaze Wargames.Battle For Moscow!A2
    c:\documents and settings\de wit\menu start\programma's\eGames Verwijderd Trace.Directory.Bling-O!A2

    Verwijderd

    Bestanden: 0
    Sporen: 3
    Cookies: 50
    [/code:1:5236b7cdbf]

    MBAM:
    [code:1:5236b7cdbf]
    Malwarebytes Anti-Malware (-evaluatieversie-) 1.60.1.1000
    www.malwarebytes.org

    Databaseversie: v2012.03.24.02

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 7.0.5730.13
    De Wit :: THUIS-007423048 [administrator]

    Realtime bescherming: Ingeschakeld

    24-3-2012 19:38:03
    mbam-log-2012-03-24 (19-38-03).txt

    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 206706
    Verstreken tijd: 9 minuut/minuten, 54 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)
    [/code:1:5236b7cdbf]
  • Ik wil je vragen de logs gewoon in je tekstbericht te posten en niet als code.
    dat leest minder makkelijk.

    [b:969964b17c]Stap •1•[/b:969964b17c][/color:969964b17c]
    [b:969964b17c]Welk programma[/b:969964b17c]: [b:969964b17c]TDSSStarter.exe[/b:969964b17c]
    [b:969964b17c]Waarvoor/waarom[/b:969964b17c]: Rootkitscanner
    [b:969964b17c]Moeilijkheidsgraad[/b:969964b17c]: geen
    Download [b:969964b17c]TDSSStarter[/b:969964b17c] naar het bureaublad.

    [b:969964b17c]"TDSSSStarter.exe" gebruiken[/b:969964b17c]:
    [list:969964b17c][*:969964b17c] [b:969964b17c]Sluit nu eerst alle nog openstaande programmavensters![/color:969964b17c][/b:969964b17c]
    [list:969964b17c][*:969964b17c][b:969964b17c]Windows 2000[/color:969964b17c][/b:969964b17c] en [b:969964b17c]Windows XP[/b:969964b17c][/color:969964b17c]: start het tool middels dubbelklik op "[i:969964b17c] TDSSStarter .exe[/i:969964b17c]".
    [*:969964b17c][b:969964b17c]Windows Vista[/b:969964b17c][/color:969964b17c] en [b:969964b17c]Windows 7[/b:969964b17c][/color:969964b17c]: start het tool middels rechtsklik op "[i:969964b17c]TDSSStarter.exe[/i:969964b17c]" en dan kiezen voor [i:969964b17c][b:969964b17c]Als Administrator uitvoeren[/b:969964b17c][/i:969964b17c].[/list:u:969964b17c][*:969964b17c]Vervolgens zal een CMD-venster gestart worden en wanneer de scan gereed is weer automatisch sluiten.
    [*:969964b17c]Post nu de inhoud van het geopende kladblokbestand in het volgende bericht.[/list:u:969964b17c]


    [b:969964b17c]Stap •2•[/b:969964b17c][/color:969964b17c]
    [b:969964b17c]Welk programma[/b:969964b17c]: ComboFix
    [b:969964b17c]Waarvoor/waarom[/b:969964b17c]: Zeer specialistische scanner om Windows diepgaand te onderzoeken
    en zo mogelijk op te schonen.
    [b:969964b17c]Moeilijkheidsgraad[/b:969964b17c]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
    [b:969964b17c]Downloadlokatie[/b:969964b17c]: Dit programma absoluut naar het bureaublad downloaden!
    [b:969964b17c]Download ComboFix via één van deze locaties[/b:969964b17c]:
    [list:969964b17c][*:969964b17c][b:969964b17c]Bleepingcomputer[/b:969964b17c]
    [*:969964b17c][b:969964b17c]ForoSpyware[/b:969964b17c]
    [*:969964b17c][b:969964b17c]Geekstogo[/b:969964b17c][/list:u:969964b17c]
    [b:969964b17c]Hier[/b:969964b17c] zie je hoe je ComboFix moet gebruiken.

    Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn!
    [b:969964b17c]Hier[/b:969964b17c] en [b:969964b17c]hier[/b:969964b17c] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

    [b:969964b17c]Voor alle duidelijkheid nogmaals[/b:969964b17c]: ComboFix dient vanaf het bureaublad gestart te worden.

    [b:969964b17c]Opmerkingen[/b:969964b17c]:
    [list:969964b17c][*:969964b17c] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren!
    Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).[/list:u:969964b17c]
    [b:969964b17c]ComboFix opstarten[/b:969964b17c]:
    [list:969964b17c][*:969964b17c] [b:969964b17c]Sluit nu eerst alle nog openstaande programmavensters![/color:969964b17c][/b:969964b17c]
    [list:969964b17c][*:969964b17c][b:969964b17c]Windows 2000[/color:969964b17c][/b:969964b17c] en [b:969964b17c]Windows XP[/b:969964b17c][/color:969964b17c]: start ComboFix.exe middels dubbelklik op ComboFix.exe.
    [*:969964b17c][b:969964b17c]Windows Vista[/b:969964b17c][/color:969964b17c] en [b:969964b17c]Windows 7[/b:969964b17c][/color:969964b17c]: start ComboFix.exe via rechtsklik op ComboFix.exe en kies dan voor [i:969964b17c][b:969964b17c]Als Administrator uitvoeren[/b:969964b17c][/i:969964b17c].[/list:u:969964b17c][/list:u:969964b17c]
    [b:969964b17c]ComboFix is opgestart[/b:969964b17c]:
    [list:969964b17c][*:969964b17c]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
    [*:969964b17c]Combofix sluit tijdens de scan de internet verbinding; probeer deze tussentijds niet te herstellen!
    [*:969964b17c]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
    [*:969964b17c]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
    [*:969964b17c]Post de inhoud van dit logbestand in je volgende bericht.
    [*:969964b17c]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:969964b17c]
    [b:969964b17c]Belangrijke opmerking[/b:969964b17c]:
    [list:969964b17c][*:969964b17c][b:969964b17c]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:969964b17c][/b:969964b17c]
    [*:969964b17c][b:969964b17c]Illegal operation attempted on a registery key that has been marked for deletion.[/color:969964b17c][/b:969964b17c]
    [*:969964b17c][b:969964b17c]Start dan de computer opnieuw op.[/color:969964b17c][/b:969964b17c][/list:u:969964b17c]

    [b:969964b17c]Stap •3•[/b:969964b17c][/color:969964b17c]
    [b:969964b17c]Samenvattend: hierna post je in jouw volgende bericht de inhoud van de volgende logs:[/b:969964b17c]
    [list:969964b17c][*:969964b17c] TDSSKStarter-log
    [*:969964b17c] ComboFix.txt-log
    [/list:u:969964b17c]
  • Beste Abraham,

    allereerst excuses voor het verlate bericht. Aangezien de computer niet bij mij thuis staat, kan ik er beperkt bij.
    Voor het scannen heb ik eerst het gewone riedeltje van scanners en viruskillers gedraaid.
    De TDSSStarter scanner ging vervolgens zonder problemen, zie de log hieronder.

    De Combofix heb ik verschillende dagen laten draaien, maar altijd eindigt deze hetzelfde: op een gegeven moment (soms eerder, soms later), start de computer opnieuw op, en dat is het dan. Ik kom niet op het punt dat er een logje wordt aangemaakt, is ook niet te vinden via verkenner.

    De prestaties van de computer zijn echter gigantisch verbeterd, veel sneller en werkbaarder.

    Met vriendelijke groet,
    Rebecca

    21:20:13.0984 2596 TDSS rootkit removing tool 2.7.24.0 Apr 2 2012 10:31:48
    21:20:14.0000 2596 ============================================================
    21:20:14.0000 2596 Current date / time: 2012/04/02 21:20:14.0000
    21:20:14.0000 2596 SystemInfo:
    21:20:14.0000 2596
    21:20:14.0000 2596 OS Version: 5.1.2600 ServicePack: 3.0
    21:20:14.0000 2596 Product type: Workstation
    21:20:14.0000 2596 ComputerName: THUIS-007423048
    21:20:14.0000 2596 UserName: De Wit
    21:20:14.0000 2596 Windows directory: C:\WINDOWS
    21:20:14.0000 2596 System windows directory: C:\WINDOWS
    21:20:14.0000 2596 Processor architecture: Intel x86
    21:20:14.0000 2596 Number of processors: 1
    21:20:14.0000 2596 Page size: 0x1000
    21:20:14.0000 2596 Boot type: Normal boot
    21:20:14.0000 2596 ============================================================
    21:20:16.0625 2596 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
    21:20:16.0640 2596 \Device\Harddisk0\DR0:
    21:20:16.0640 2596 MBR used
    21:20:16.0640 2596 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2EE1AB5
    21:20:16.0656 2596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE1B33, BlocksNum 0x662C98E
    21:20:16.0734 2596 Initialize success
    21:20:16.0734 2596 ============================================================
    21:20:16.0781 2196 ============================================================
    21:20:16.0781 2196 Scan started
    21:20:16.0781 2196 Mode: Auto (DCExact ); SigCheck; TDLFS; Silent;
    21:20:16.0781 2196 ============================================================
    21:20:17.0515 2196 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys
    21:20:17.0656 2196 Aavmker4 - ok
    21:20:17.0671 2196 Abiosdsk - ok
    21:20:17.0671 2196 abp480n5 - ok
    21:20:17.0765 2196 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    21:20:17.0765 2196 ACDaemon - ok
    21:20:17.0796 2196 ACPI (02273a448ba21a7d447daeb47810d40c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    21:20:19.0296 2196 ACPI - ok
    21:20:19.0359 2196 ACPIEC (63f517b1a87dabf3f5acb8a7952fc1d1) C:\WINDOWS\system32\drivers\ACPIEC.sys
    21:20:19.0484 2196 ACPIEC - ok
    21:20:19.0546 2196 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    21:20:19.0562 2196 AdobeFlashPlayerUpdateSvc - ok
    21:20:19.0562 2196 adpu160m - ok
    21:20:19.0593 2196 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    21:20:19.0750 2196 aec - ok
    21:20:19.0781 2196 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\WINDOWS\system32\drivers\Afc.sys
    21:20:19.0781 2196 Afc - ok
    21:20:19.0812 2196 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
    21:20:19.0859 2196 AFD - ok
    21:20:19.0859 2196 Aha154x - ok
    21:20:19.0875 2196 aic78u2 - ok
    21:20:19.0875 2196 aic78xx - ok
    21:20:19.0906 2196 Alerter (8bed67d13dcb55b3e9ff6dac4c6d3b49) C:\WINDOWS\system32\alrsvc.dll
    21:20:20.0046 2196 Alerter - ok
    21:20:20.0062 2196 ALG (dab2a89fde5cf791161200d90c1bcb12) C:\WINDOWS\System32\alg.exe
    21:20:20.0140 2196 ALG - ok
    21:20:20.0140 2196 AliIde - ok
    21:20:20.0140 2196 amsint - ok
    21:20:20.0203 2196 APL531 (1fc8a7e5c3aed31f00940c6ab2fd9b49) C:\WINDOWS\system32\Drivers\ov550i.sys
    21:20:20.0250 2196 APL531 ( UnsignedFile.Multi.Generic ) - warning
    21:20:20.0250 2196 APL531 - detected UnsignedFile.Multi.Generic (1)
    21:20:20.0281 2196 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    21:20:20.0421 2196 Arp1394 - ok
    21:20:20.0437 2196 asc - ok
    21:20:20.0437 2196 asc3350p - ok
    21:20:20.0453 2196 asc3550 - ok
    21:20:20.0515 2196 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
    21:20:20.0531 2196 aspnet_state - ok
    21:20:20.0578 2196 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys
    21:20:20.0593 2196 aswFsBlk - ok
    21:20:20.0625 2196 aswFW (80beddcbb4a1417cec0c78a61cac0f66) C:\WINDOWS\system32\drivers\aswFW.sys
    21:20:20.0640 2196 aswFW - ok
    21:20:20.0656 2196 aswKbd (81e695913fefd4e23360a69c0f151797) C:\WINDOWS\system32\drivers\aswKbd.sys
    21:20:20.0671 2196 aswKbd - ok
    21:20:20.0703 2196 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys
    21:20:20.0718 2196 aswMon2 - ok
    21:20:20.0734 2196 aswNdis (7b948e3657bea62e437bc46ca6ef6012) C:\WINDOWS\system32\DRIVERS\aswNdis.sys
    21:20:20.0734 2196 aswNdis - ok
    21:20:20.0781 2196 aswNdis2 (72c8f79d72b4ff6e1627276ddf4b01c9) C:\WINDOWS\system32\drivers\aswNdis2.sys
    21:20:20.0796 2196 aswNdis2 - ok
    21:20:20.0828 2196 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\aswRdr.sys
    21:20:20.0843 2196 aswRdr - ok
    21:20:20.0875 2196 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys
    21:20:20.0906 2196 aswSnx - ok
    21:20:20.0937 2196 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys
    21:20:20.0953 2196 aswSP - ok
    21:20:21.0000 2196 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys
    21:20:21.0015 2196 aswTdi - ok
    21:20:21.0046 2196 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    21:20:21.0203 2196 AsyncMac - ok
    21:20:21.0218 2196 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    21:20:21.0375 2196 atapi - ok
    21:20:21.0390 2196 Atdisk - ok
    21:20:21.0421 2196 Ati HotKey Poller (5ceda44447a28db469de28afc0950650) C:\WINDOWS\system32\Ati2evxx.exe
    21:20:21.0484 2196 Ati HotKey Poller - ok
    21:20:21.0515 2196 ATI Smart (737371583e0173f963d74435be3e96d2) C:\WINDOWS\system32\ati2sgag.exe
    21:20:21.0578 2196 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
    21:20:21.0578 2196 ATI Smart - detected UnsignedFile.Multi.Generic (1)
    21:20:21.0671 2196 ati2mtag (b63516824da0d8b9ad136e6e044a795f) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
    21:20:21.0859 2196 ati2mtag - ok
    21:20:21.0906 2196 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    21:20:22.0062 2196 Atmarpc - ok
    21:20:22.0078 2196 AudioSrv (f10745ed3195360e69aa4a6e7768c0e0) C:\WINDOWS\System32\audiosrv.dll
    21:20:22.0218 2196 AudioSrv - ok
    21:20:22.0250 2196 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    21:20:22.0390 2196 audstub - ok
    21:20:22.0453 2196 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    21:20:22.0468 2196 avast! Antivirus - ok
    21:20:22.0468 2196 avast! Firewall (7d465549dfb0eca6601e9609c72cd20a) C:\Program Files\Alwil Software\Avast5\afwServ.exe
    21:20:22.0484 2196 avast! Firewall - ok
    21:20:22.0531 2196 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    21:20:22.0687 2196 Beep - ok
    21:20:22.0718 2196 BITS (5c0073a51c4873430fa8b262e92183ff) C:\WINDOWS\system32\qmgr.dll
    21:20:22.0937 2196 BITS - ok
    21:20:22.0968 2196 Browser (69eaa7501f53a40e8c04c69f2391224f) C:\WINDOWS\System32\browser.dll
    21:20:23.0125 2196 Browser - ok
    21:20:23.0140 2196 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    21:20:23.0312 2196 cbidf2k - ok
    21:20:23.0343 2196 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    21:20:23.0484 2196 CCDECODE - ok
    21:20:23.0484 2196 cd20xrnt - ok
    21:20:23.0515 2196 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    21:20:23.0656 2196 Cdaudio - ok
    21:20:23.0687 2196 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    21:20:23.0859 2196 Cdfs - ok
    21:20:23.0875 2196 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    21:20:24.0031 2196 Cdrom - ok
    21:20:24.0046 2196 Changer - ok
    21:20:24.0078 2196 CiSvc (bd85400700b80fbe3d4a3412bce74861) C:\WINDOWS\system32\cisvc.exe
    21:20:24.0203 2196 CiSvc - ok
    21:20:24.0250 2196 ClipSrv (4fb6108130829666c8fe96b442fead94) C:\WINDOWS\system32\clipsrv.exe
    21:20:24.0390 2196 ClipSrv - ok
    21:20:24.0453 2196 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    21:20:24.0484 2196 clr_optimization_v2.0.50727_32 - ok
    21:20:24.0500 2196 CmdIde - ok
    21:20:24.0500 2196 COMSysApp - ok
    21:20:24.0515 2196 Cpqarray - ok
    21:20:24.0531 2196 CryptSvc (0a9cf5d3cf63a8699f28c814ef821c7e) C:\WINDOWS\System32\cryptsvc.dll
    21:20:24.0703 2196 CryptSvc - ok
    21:20:24.0750 2196 ctxusbm (cb6ff7012bb5d59d7c12350db795ce1f) C:\WINDOWS\system32\DRIVERS\ctxusbm.sys
    21:20:24.0765 2196 ctxusbm - ok
    21:20:24.0765 2196 dac2w2k - ok
    21:20:24.0765 2196 dac960nt - ok
    21:20:24.0812 2196 DcomLaunch (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll
    21:20:24.0875 2196 DcomLaunch - ok
    21:20:24.0906 2196 Dhcp (146ab038f5dbb366122d28444999ab2c) C:\WINDOWS\System32\dhcpcsvc.dll
    21:20:25.0062 2196 Dhcp - ok
    21:20:25.0093 2196 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    21:20:25.0265 2196 Disk - ok
    21:20:25.0265 2196 dmadmin - ok
    21:20:25.0312 2196 dmboot (dec123e0c75971d0cc7a6c6a75e28429) C:\WINDOWS\system32\drivers\dmboot.sys
    21:20:25.0500 2196 dmboot - ok
    21:20:25.0515 2196 dmio (7268e66259722f6228c730685b201092) C:\WINDOWS\system32\drivers\dmio.sys
    21:20:25.0671 2196 dmio - ok
    21:20:25.0703 2196 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    21:20:25.0843 2196 dmload - ok
    21:20:25.0875 2196 dmserver (127db74184e2d3d31655da525a5efde1) C:\WINDOWS\System32\dmserver.dll
    21:20:26.0015 2196 dmserver - ok
    21:20:26.0031 2196 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    21:20:26.0171 2196 DMusic - ok
    21:20:26.0203 2196 Dnscache (de6cdb6cbc5c27b9085cfa6dfe8e5025) C:\WINDOWS\System32\dnsrslvr.dll
    21:20:26.0250 2196 Dnscache - ok
    21:20:26.0281 2196 Dot3svc (90ee765e1a598b578852901f74f914f1) C:\WINDOWS\System32\dot3svc.dll
    21:20:26.0437 2196 Dot3svc - ok
    21:20:26.0437 2196 dpti2o - ok
    21:20:26.0468 2196 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    21:20:26.0609 2196 drmkaud - ok
    21:20:26.0640 2196 EapHost (e6bbdebf7081899d161c773e8d84d015) C:\WINDOWS\System32\eapsvc.dll
    21:20:26.0796 2196 EapHost - ok
    21:20:26.0828 2196 ERSvc (2f5c7f650b7af178988946ee4b0d9c01) C:\WINDOWS\System32\ersvc.dll
    21:20:26.0984 2196 ERSvc - ok
    21:20:27.0015 2196 Eventlog (657b69389b893f440b07590c9e963f23) C:\WINDOWS\system32\services.exe
    21:20:27.0046 2196 Eventlog - ok
    21:20:27.0078 2196 EventSystem (97912dc0679d2da60cce589bbc196d72) C:\WINDOWS\system32\es.dll
    21:20:27.0125 2196 EventSystem - ok
    21:20:27.0140 2196 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    21:20:27.0312 2196 Fastfat - ok
    21:20:27.0343 2196 FastUserSwitchingCompatibility (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll
    21:20:27.0390 2196 FastUserSwitchingCompatibility - ok
    21:20:27.0406 2196 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
    21:20:27.0562 2196 Fdc - ok
    21:20:27.0578 2196 Fips (8bfffb5ac954e19dfdb96d56512aa518) C:\WINDOWS\system32\drivers\Fips.sys
    21:20:27.0718 2196 Fips - ok
    21:20:27.0750 2196 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
    21:20:27.0906 2196 Flpydisk - ok
    21:20:27.0921 2196 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    21:20:28.0062 2196 FltMgr - ok
    21:20:28.0140 2196 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    21:20:28.0156 2196 FontCache3.0.0.0 - ok
    21:20:28.0187 2196 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
    21:20:28.0203 2196 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
    21:20:28.0203 2196 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
    21:20:28.0218 2196 FsUsbExService (0f6e118a0187aa563c3935170e7028a6) C:\WINDOWS\system32\FsUsbExService.Exe
    21:20:28.0234 2196 FsUsbExService - ok
    21:20:28.0265 2196 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    21:20:28.0437 2196 Fs_Rec - ok
    21:20:28.0468 2196 Ftdisk (fa8ca22e70245c81ff29c36af56292fc) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    21:20:28.0625 2196 Ftdisk - ok
    21:20:28.0671 2196 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    21:20:28.0812 2196 Gpc - ok
    21:20:28.0906 2196 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
    21:20:28.0921 2196 gupdate - ok
    21:20:28.0921 2196 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
    21:20:28.0937 2196 gupdatem - ok
    21:20:28.0953 2196 gusvc (5467f1ff0af264566740f67e8b810735) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    21:20:28.0968 2196 gusvc - ok
    21:20:29.0000 2196 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    21:20:29.0125 2196 HDAudBus - ok
    21:20:29.0156 2196 helpsvc (5327bad9b35c33d2a64b64e4cf282ecd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
    21:20:29.0296 2196 helpsvc - ok
    21:20:29.0328 2196 HidServ (10003105aab8d5a7db51a9cb3d9f55a3) C:\WINDOWS\System32\hidserv.dll
    21:20:29.0500 2196 HidServ - ok
    21:20:29.0515 2196 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    21:20:29.0656 2196 hidusb - ok
    21:20:29.0687 2196 hkmsvc (1ff903ffa2da1704e5a5443d37d8e49e) C:\WINDOWS\System32\kmsvc.dll
    21:20:29.0843 2196 hkmsvc - ok
    21:20:29.0859 2196 hpn - ok
    21:20:29.0890 2196 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    21:20:29.0921 2196 HTTP - ok
    21:20:29.0937 2196 HTTPFilter (2529c7ba05242beed0027f554d0513bb) C:\WINDOWS\System32\w3ssl.dll
    21:20:30.0109 2196 HTTPFilter - ok
    21:20:30.0109 2196 i2omgmt - ok
    21:20:30.0125 2196 i2omp - ok
    21:20:30.0140 2196 i8042prt (c43372d0682f8e32e4ec21117e089ec0) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    21:20:30.0281 2196 i8042prt - ok
    21:20:30.0359 2196 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    21:20:30.0406 2196 idsvc - ok
    21:20:30.0453 2196 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    21:20:30.0593 2196 Imapi - ok
    21:20:30.0640 2196 ImapiService (a117772f94c854de5d1bbc1f1962b192) C:\WINDOWS\system32\imapi.exe
    21:20:30.0796 2196 ImapiService - ok
    21:20:30.0796 2196 ini910u - ok
    21:20:30.0921 2196 IntcAzAudAddService (8f924588c272fdaa28cf31a9bbc21a72) C:\WINDOWS\system32\drivers\RtkHDAud.sys
    21:20:31.0156 2196 IntcAzAudAddService - ok
    21:20:31.0203 2196 IntelIde - ok
    21:20:31.0234 2196 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    21:20:31.0390 2196 Ip6Fw - ok
    21:20:31.0421 2196 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    21:20:31.0578 2196 IpFilterDriver - ok
    21:20:31.0609 2196 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    21:20:31.0765 2196 IpInIp - ok
    21:20:31.0781 2196 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    21:20:31.0937 2196 IpNat - ok
    21:20:31.0953 2196 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    21:20:32.0093 2196 IPSec - ok
    21:20:32.0109 2196 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    21:20:32.0187 2196 IRENUM - ok
    21:20:32.0203 2196 isapnp (0b78e1a31340e1fb1e389d5633f7c3a0) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    21:20:32.0359 2196 isapnp - ok
    21:20:32.0406 2196 JavaQuickStarterService (5e06a9d23727daf96faa796f1135fdcd) C:\Program Files\Java\jre6\bin\jqs.exe
    21:20:32.0421 2196 JavaQuickStarterService - ok
    21:20:32.0437 2196 Kbdclass (380397621e94b32c744e7b2cc1330390) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    21:20:32.0593 2196 Kbdclass - ok
    21:20:32.0625 2196 kbdhid (b833b70fe639f01fb36cedabe57ef031) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    21:20:32.0765 2196 kbdhid - ok
    21:20:32.0796 2196 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    21:20:32.0937 2196 kmixer - ok
    21:20:32.0953 2196 KMWDFilter (d8df201e64b455de473fefd4a7a7af0c) C:\WINDOWS\System32\Drivers\KMWDFilter.SYS
    21:20:32.0968 2196 KMWDFilter ( UnsignedFile.Multi.Generic ) - warning
    21:20:32.0968 2196 KMWDFilter - detected UnsignedFile.Multi.Generic (1)
    21:20:33.0000 2196 KMWDSERVICE (393b6c708b318c457317a32a1f45c545) C:\Program Files\Silvercrest MTS2118 driver\KMWDSrv.exe
    21:20:33.0015 2196 KMWDSERVICE ( UnsignedFile.Multi.Generic ) - warning
    21:20:33.0015 2196 KMWDSERVICE - detected UnsignedFile.Multi.Generic (1)
    21:20:33.0046 2196 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    21:20:33.0078 2196 KSecDD - ok
    21:20:33.0109 2196 lanmanserver (c7955e7edaea462d04f1c4be1d340372) C:\WINDOWS\System32\srvsvc.dll
    21:20:33.0156 2196 lanmanserver - ok
    21:20:33.0187 2196 lanmanworkstation (a936a575eaf6dce8dc08bc0c53972add) C:\WINDOWS\System32\wkssvc.dll
    21:20:33.0234 2196 lanmanworkstation - ok
    21:20:33.0250 2196 Lavasoft Kernexplorer - ok
    21:20:33.0265 2196 Lbd - ok
    21:20:33.0265 2196 lbrtfdc - ok
    21:20:33.0312 2196 LexBceS (a1043645d16915df12a6f2e049922a18) C:\WINDOWS\system32\LEXBCES.EXE
    21:20:33.0390 2196 LexBceS - ok
    21:20:33.0484 2196 LightScribeService (6e5dac168d1ff9843e84a59d51d31107) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    21:20:33.0500 2196 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
    21:20:33.0500 2196 LightScribeService - detected UnsignedFile.Multi.Generic (1)
    21:20:33.0515 2196 LmHosts (91ae20c5c2776c511994aa1308c05283) C:\WINDOWS\System32\lmhsvc.dll
    21:20:33.0656 2196 LmHosts - ok
    21:20:33.0687 2196 MarvinBus (a3e700d78eec390f1208098cdca5c6b6) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
    21:20:33.0703 2196 MarvinBus ( UnsignedFile.Multi.Generic ) - warning
    21:20:33.0703 2196 MarvinBus - detected UnsignedFile.Multi.Generic (1)
    21:20:33.0734 2196 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
    21:20:33.0750 2196 MBAMProtector - ok
    21:20:33.0812 2196 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    21:20:33.0843 2196 MBAMService - ok
    21:20:33.0906 2196 Messenger (c56a45a03dca11712de9fdf98224230b) C:\WINDOWS\System32\msgsvc.dll
    21:20:34.0062 2196 Messenger - ok
    21:20:34.0093 2196 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    21:20:34.0234 2196 mnmdd - ok
    21:20:34.0281 2196 mnmsrvc (5b1d994dcf1895afa27600e46a2f0fea) C:\WINDOWS\system32\mnmsrvc.exe
    21:20:34.0421 2196 mnmsrvc - ok
    21:20:34.0453 2196 Modem (8114eeac353f549331ab73e9af4219ed) C:\WINDOWS\system32\drivers\Modem.sys
    21:20:34.0609 2196 Modem - ok
    21:20:34.0625 2196 Mouclass (1a4e2214dd63e4a876463d3427ee8261) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    21:20:34.0781 2196 Mouclass - ok
    21:20:34.0812 2196 mouhid (18017899254e01371e1a39754d6bf98c) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    21:20:34.0953 2196 mouhid - ok
    21:20:34.0984 2196 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    21:20:35.0125 2196 MountMgr - ok
    21:20:35.0140 2196 mraid35x - ok
    21:20:35.0156 2196 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    21:20:35.0312 2196 MRxDAV - ok
    21:20:35.0343 2196 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    21:20:35.0421 2196 MRxSmb - ok
    21:20:35.0453 2196 MSDTC (21ea21984d7d1ad50db2e627020ab14c) C:\WINDOWS\system32\msdtc.exe
    21:20:35.0609 2196 MSDTC - ok
    21:20:35.0640 2196 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    21:20:35.0796 2196 Msfs - ok
    21:20:35.0796 2196 MSIServer - ok
    21:20:35.0828 2196 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    21:20:35.0968 2196 MSKSSRV - ok
    21:20:36.0000 2196 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    21:20:36.0140 2196 MSPCLOCK - ok
    21:20:36.0140 2196 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    21:20:36.0296 2196 MSPQM - ok
    21:20:36.0312 2196 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    21:20:36.0468 2196 mssmbios - ok
    21:20:36.0484 2196 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
    21:20:36.0625 2196 MSTEE - ok
    21:20:36.0656 2196 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    21:20:36.0703 2196 Mup - ok
    21:20:36.0750 2196 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    21:20:36.0906 2196 NABTSFEC - ok
    21:20:36.0953 2196 napagent (87e394c810794d3c70cf22e8316cb23e) C:\WINDOWS\System32\qagentrt.dll
    21:20:37.0093 2196 napagent - ok
    21:20:37.0187 2196 NBService (9576cc8e84f7ceda9189cdda1cfd4bc1) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    21:20:37.0250 2196 NBService ( UnsignedFile.Multi.Generic ) - warning
    21:20:37.0250 2196 NBService - detected UnsignedFile.Multi.Generic (1)
    21:20:37.0281 2196 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    21:20:37.0437 2196 NDIS - ok
    21:20:37.0468 2196 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    21:20:37.0640 2196 NdisIP - ok
    21:20:37.0671 2196 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS
    distapi.sys
    21:20:37.0703 2196 NdisTapi - ok
    21:20:37.0718 2196 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS
    disuio.sys
    21:20:37.0859 2196 Ndisuio - ok
    21:20:37.0875 2196 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS
    diswan.sys
    21:20:38.0015 2196 NdisWan - ok
    21:20:38.0046 2196 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    21:20:38.0093 2196 NDProxy - ok
    21:20:38.0093 2196 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS
    etbios.sys
    21:20:38.0250 2196 NetBIOS - ok
    21:20:38.0281 2196 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS
    etbt.sys
    21:20:38.0421 2196 NetBT - ok
    21:20:38.0453 2196 NetDDE (dc6bae085e9b3c2f3a963ed46791feab) C:\WINDOWS\system32
    etdde.exe
    21:20:38.0609 2196 NetDDE - ok
    21:20:38.0609 2196 NetDDEdsdm (dc6bae085e9b3c2f3a963ed46791feab) C:\WINDOWS\system32
    etdde.exe
    21:20:38.0765 2196 NetDDEdsdm - ok
    21:20:38.0781 2196 Netlogon (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe
    21:20:38.0921 2196 Netlogon - ok
    21:20:38.0953 2196 Netman (5431fb616ecae0d587c5b97d0b86cbd8) C:\WINDOWS\System32
    etman.dll
    21:20:39.0125 2196 Netman - ok
    21:20:39.0187 2196 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    21:20:39.0203 2196 NetTcpPortSharing - ok
    21:20:39.0250 2196 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS
    ic1394.sys
    21:20:39.0406 2196 NIC1394 - ok
    21:20:39.0437 2196 Nla (4522cbe00a9e9eee36aa82ed4b319148) C:\WINDOWS\System32\mswsock.dll
    21:20:39.0468 2196 Nla - ok
    21:20:39.0531 2196 NMIndexingService (c4ebbbd7165be535f0bfd06b80601d91) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    21:20:39.0546 2196 NMIndexingService ( UnsignedFile.Multi.Generic ) - warning
    21:20:39.0546 2196 NMIndexingService - detected UnsignedFile.Multi.Generic (1)
    21:20:39.0578 2196 npf (6623e51595c0076755c29c00846c4eb2) C:\WINDOWS\system32\drivers
    pf.sys
    21:20:39.0593 2196 npf - ok
    21:20:39.0625 2196 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    21:20:39.0781 2196 Npfs - ok
    21:20:39.0796 2196 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    21:20:39.0984 2196 Ntfs - ok
    21:20:40.0000 2196 NtLmSsp (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe
    21:20:40.0140 2196 NtLmSsp - ok
    21:20:40.0187 2196 NtmsSvc (ac1a78237b53044735693633f8235468) C:\WINDOWS\system32
    tmssvc.dll
    21:20:40.0375 2196 NtmsSvc - ok
    21:20:40.0406 2196 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    21:20:40.0562 2196 Null - ok
    21:20:40.0609 2196 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS
    wlnkflt.sys
    21:20:40.0734 2196 NwlnkFlt - ok
    21:20:40.0750 2196 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS
    wlnkfwd.sys
    21:20:40.0906 2196 NwlnkFwd - ok
    21:20:40.0937 2196 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    21:20:41.0078 2196 ohci1394 - ok
    21:20:41.0093 2196 Parport (e3934ccc20a4d24f1924e13d36d2a5bd) C:\WINDOWS\system32\DRIVERS\parport.sys
    21:20:41.0265 2196 Parport - ok
    21:20:41.0281 2196 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    21:20:41.0421 2196 PartMgr - ok
    21:20:41.0453 2196 ParVdm (1eade28746a64c21e0a808bb12a63326) C:\WINDOWS\system32\drivers\ParVdm.sys
    21:20:41.0609 2196 ParVdm - ok
    21:20:41.0625 2196 PCI (3b166f9f753c21aedaa9a6bd76b49655) C:\WINDOWS\system32\DRIVERS\pci.sys
    21:20:41.0765 2196 PCI - ok
    21:20:41.0765 2196 PCIDump - ok
    21:20:41.0781 2196 PCIIde (b31edeba4da28283f6b8dc4756fb9585) C:\WINDOWS\system32\DRIVERS\pciide.sys
    21:20:41.0937 2196 PCIIde - ok
    21:20:41.0953 2196 Pcmcia (2137ffd65f8e609a3a5acd487c56cce0) C:\WINDOWS\system32\drivers\Pcmcia.sys
    21:20:42.0093 2196 Pcmcia - ok
    21:20:42.0109 2196 PDCOMP - ok
    21:20:42.0109 2196 PDFRAME - ok
    21:20:42.0125 2196 PDRELI - ok
    21:20:42.0125 2196 PDRFRAME - ok
    21:20:42.0140 2196 perc2 - ok
    21:20:42.0140 2196 perc2hib - ok
    21:20:42.0171 2196 PlugPlay (657b69389b893f440b07590c9e963f23) C:\WINDOWS\system32\services.exe
    21:20:42.0203 2196 PlugPlay - ok
    21:20:42.0218 2196 PolicyAgent (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe
    21:20:42.0375 2196 PolicyAgent - ok
    21:20:42.0390 2196 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    21:20:42.0546 2196 PptpMiniport - ok
    21:20:42.0562 2196 Processor (82a17eca34d801590a67c0a2244965ed) C:\WINDOWS\system32\DRIVERS\processr.sys
    21:20:42.0703 2196 Processor - ok
    21:20:42.0703 2196 ProtectedStorage (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe
    21:20:42.0843 2196 ProtectedStorage - ok
    21:20:42.0859 2196 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    21:20:43.0031 2196 PSched - ok
    21:20:43.0062 2196 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    21:20:43.0218 2196 Ptilink - ok
    21:20:43.0250 2196 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys
    21:20:43.0250 2196 PxHelp20 - ok
    21:20:43.0265 2196 ql1080 - ok
    21:20:43.0265 2196 Ql10wnt - ok
    21:20:43.0281 2196 ql12160 - ok
    21:20:43.0281 2196 ql1240 - ok
    21:20:43.0296 2196 ql1280 - ok
    21:20:43.0296 2196 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    21:20:43.0453 2196 RasAcd - ok
    21:20:43.0484 2196 RasAuto (0575d034b1292ca3a9bb9f67a8ee289c) C:\WINDOWS\System32\rasauto.dll
    21:20:43.0640 2196 RasAuto - ok
    21:20:43.0671 2196 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    21:20:43.0828 2196 Rasl2tp - ok
    21:20:43.0859 2196 RasMan (9e7e2df6971a5f00102be3f901cc3bdc) C:\WINDOWS\System32\rasmans.dll
    21:20:44.0015 2196 RasMan - ok
    21:20:44.0031 2196 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    21:20:44.0187 2196 RasPppoe - ok
    21:20:44.0218 2196 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    21:20:44.0359 2196 Raspti - ok
    21:20:44.0375 2196 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    21:20:44.0531 2196 Rdbss - ok
    21:20:44.0546 2196 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    21:20:44.0671 2196 RDPCDD - ok
    21:20:44.0703 2196 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
    21:20:44.0765 2196 RDPWD - ok
    21:20:44.0796 2196 RDSessMgr (ea9fdf71d696b532bdc44c8bff03a737) C:\WINDOWS\system32\sessmgr.exe
    21:20:44.0968 2196 RDSessMgr - ok
    21:20:44.0984 2196 redbook (4173bc66e485fd77a03c4819f60bd0da) C:\WINDOWS\system32\DRIVERS\redbook.sys
    21:20:45.0125 2196 redbook - ok
    21:20:45.0156 2196 RemoteAccess (4007abf5d9bf0e55451d775443d1f985) C:\WINDOWS\System32\mprdim.dll
    21:20:45.0312 2196 RemoteAccess - ok
    21:20:45.0328 2196 RpcLocator (be078f8f7ec2491efdd79a53353a060f) C:\WINDOWS\system32\locator.exe
    21:20:45.0468 2196 RpcLocator - ok
    21:20:45.0515 2196 RpcSs (d9883335cc1c17afc3a09c8ac3e4dbe4) C:\WINDOWS\system32\rpcss.dll
    21:20:45.0531 2196 RpcSs - ok
    21:20:45.0578 2196 RSVP (ad1b5f1b99fff08c99f443d784711a81) C:\WINDOWS\system32\rsvp.exe
    21:20:45.0718 2196 RSVP - ok
    21:20:45.0750 2196 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
    21:20:45.0906 2196 rtl8139 - ok
    21:20:45.0921 2196 SamSs (8754210a3399d19610ce2d71e0c3e5d9) C:\WINDOWS\system32\lsass.exe
    21:20:46.0062 2196 SamSs - ok
    21:20:46.0093 2196 SCardSvr (1b4cd62174e907c7ef8ec5d4d0a2a616) C:\WINDOWS\System32\SCardSvr.exe
    21:20:46.0234 2196 SCardSvr - ok
    21:20:46.0265 2196 SCDEmu (c23dbd9bfba8b1170706e0896b3cf7da) C:\WINDOWS\system32\drivers\SCDEmu.sys
    21:20:46.0281 2196 SCDEmu ( UnsignedFile.Multi.Generic ) - warning
    21:20:46.0281 2196 SCDEmu - detected UnsignedFile.Multi.Generic (1)
    21:20:46.0312 2196 Schedule (7c288ae0f75cb18cff1df6179a67ad8f) C:\WINDOWS\system32\schedsvc.dll
    21:20:46.0484 2196 Schedule - ok
    21:20:46.0531 2196 SeaPort (4a5809a1d796e2675ac0332bf7b0cb11) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    21:20:46.0546 2196 SeaPort - ok
    21:20:46.0578 2196 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    21:20:46.0656 2196 Secdrv - ok
    21:20:46.0703 2196 seclogon (6983665bea867125b1da5757cd8b2f9d) C:\WINDOWS\System32\seclogon.dll
    21:20:46.0843 2196 seclogon - ok
    21:20:46.0875 2196 SENS (f6ec8f1e50e40237bddee1cb7fe20b42) C:\WINDOWS\system32\sens.dll
    21:20:47.0031 2196 SENS - ok
    21:20:47.0062 2196 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
    21:20:47.0203 2196 serenum - ok
    21:20:47.0234 2196 Serial (92c21762653bb2ce51147eb8a9aa654f) C:\WINDOWS\system32\DRIVERS\serial.sys
    21:20:47.0375 2196 Serial - ok
    21:20:47.0390 2196 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    21:20:47.0531 2196 Sfloppy - ok
    21:20:47.0578 2196 SharedAccess (7579c4be909d47f10f3d8d801cb13ed9) C:\WINDOWS\System32\ipnathlp.dll
    21:20:47.0750 2196 SharedAccess - ok
    21:20:47.0781 2196 ShellHWDetection (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll
    21:20:47.0812 2196 ShellHWDetection - ok
    21:20:47.0828 2196 Simbad - ok
    21:20:47.0843 2196 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
    21:20:48.0000 2196 SLIP - ok
    21:20:48.0031 2196 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
    21:20:48.0171 2196 SONYPVU1 - ok
    21:20:48.0171 2196 Sparrow - ok
    21:20:48.0203 2196 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    21:20:48.0328 2196 splitter - ok
    21:20:48.0359 2196 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
    21:20:48.0390 2196 Spooler - ok
    21:20:48.0437 2196 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
    21:20:48.0453 2196 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
    21:20:48.0453 2196 sptd ( LockedFile.Multi.Generic ) - warning
    21:20:48.0453 2196 sptd - detected LockedFile.Multi.Generic (1)
    21:20:48.0468 2196 sr (64d2a7640e0767ecd3bcb38d3200e7ce) C:\WINDOWS\system32\DRIVERS\sr.sys
    21:20:48.0531 2196 sr - ok
    21:20:48.0562 2196 srservice (81cbf363c414620caa61bd6843d8fdb9) C:\WINDOWS\system32\srsvc.dll
    21:20:48.0656 2196 srservice - ok
    21:20:48.0703 2196 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    21:20:48.0750 2196 Srv - ok
    21:20:48.0781 2196 SSDPSRV (5b9d0de64be96a806819516440fd211c) C:\WINDOWS\System32\ssdpsrv.dll
    21:20:48.0859 2196 SSDPSRV - ok
    21:20:48.0921 2196 StillCam (bf8aa066bb0398ddcbc9573153d39b8c) C:\WINDOWS\system32\DRIVERS\serscan.sys
    21:20:49.0062 2196 StillCam - ok
    21:20:49.0093 2196 stisvc (5ae996186d2dc694fef88f14a3fc9242) C:\WINDOWS\system32\wiaservc.dll
    21:20:49.0250 2196 stisvc - ok
    21:20:49.0281 2196 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
    21:20:49.0453 2196 streamip - ok
    21:20:49.0468 2196 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    21:20:49.0625 2196 swenum - ok
    21:20:49.0640 2196 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    21:20:49.0796 2196 swmidi - ok
    21:20:49.0796 2196 SwPrv - ok
    21:20:49.0812 2196 symc810 - ok
    21:20:49.0812 2196 symc8xx - ok
    21:20:49.0828 2196 sym_hi - ok
    21:20:49.0828 2196 sym_u3 - ok
    21:20:49.0843 2196 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    21:20:49.0968 2196 sysaudio - ok
    21:20:50.0015 2196 SysmonLog (251eae7c56c6ab9490311a3c9757e18d) C:\WINDOWS\system32\smlogsvc.exe
    21:20:50.0156 2196 SysmonLog - ok
    21:20:50.0187 2196 TapiSrv (2bc9fb448f0c2394ff53c83a7bb04731) C:\WINDOWS\System32\tapisrv.dll
    21:20:50.0343 2196 TapiSrv - ok
    21:20:50.0375 2196 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    21:20:50.0421 2196 Tcpip - ok
    21:20:50.0437 2196 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    21:20:50.0578 2196 TDPIPE - ok
    21:20:50.0593 2196 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    21:20:50.0750 2196 TDTCP - ok
    21:20:50.0765 2196 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    21:20:50.0921 2196 TermDD - ok
    21:20:50.0953 2196 TermService (e0aef86a594c9990d6321c5ca239c5b7) C:\WINDOWS\System32\termsrv.dll
    21:20:51.0109 2196 TermService - ok
    21:20:51.0140 2196 tffsport (d9d5e4ca72270e9f3eca97da0983ab87) C:\WINDOWS\system32\DRIVERS\tffsport.sys
    21:20:51.0281 2196 tffsport - ok
    21:20:51.0328 2196 Themes (2d5d4156292150fe571872c1b88e9299) C:\WINDOWS\System32\shsvcs.dll
    21:20:51.0343 2196 Themes - ok
    21:20:51.0406 2196 TomTomHOMEService (efef22b9577e5051057fde1ae381b50c) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    21:20:51.0406 2196 TomTomHOMEService - ok
    21:20:51.0421 2196 TosIde - ok
    21:20:51.0453 2196 TrkWks (20655e8ca1c78bc7088b18e93806d21b) C:\WINDOWS\system32\trkwks.dll
    21:20:51.0593 2196 TrkWks - ok
    21:20:51.0625 2196 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    21:20:51.0781 2196 Udfs - ok
    21:20:51.0781 2196 ultra - ok
    21:20:51.0812 2196 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    21:20:52.0000 2196 Update - ok
    21:20:52.0015 2196 upnphost (01653d6c9604f1fb31a76ec94e08954f) C:\WINDOWS\System32\upnphost.dll
    21:20:52.0109 2196 upnphost - ok
    21:20:52.0140 2196 UPS (a89796dd0de24cf03b3a39407e1f46a3) C:\WINDOWS\System32\ups.exe
    21:20:52.0265 2196 UPS - ok
    21:20:52.0296 2196 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    21:20:52.0453 2196 usbccgp - ok
    21:20:52.0484 2196 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    21:20:52.0625 2196 usbehci - ok
    21:20:52.0656 2196 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    21:20:52.0796 2196 usbhub - ok
    21:20:52.0812 2196 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
    21:20:52.0937 2196 usbohci - ok
    21:20:52.0968 2196 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
    21:20:53.0125 2196 usbprint - ok
    21:20:53.0140 2196 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    21:20:53.0281 2196 usbscan - ok
    21:20:53.0296 2196 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    21:20:53.0437 2196 USBSTOR - ok
    21:20:53.0468 2196 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    21:20:53.0609 2196 VgaSave - ok
    21:20:53.0609 2196 ViaIde - ok
    21:20:53.0625 2196 VolSnap (8ab662b3c4691e6ddf61c96bb5b7d103) C:\WINDOWS\system32\drivers\VolSnap.sys
    21:20:53.0796 2196 VolSnap - ok
    21:20:53.0828 2196 VSS (a585edd6965b301de8a45c6768c7c215) C:\WINDOWS\System32\vssvc.exe
    21:20:53.0921 2196 VSS - ok
    21:20:53.0953 2196 W32Time (390d8e65f362327ad510b08971478301) C:\WINDOWS\system32\w32time.dll
    21:20:54.0109 2196 W32Time - ok
    21:20:54.0125 2196 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    21:20:54.0265 2196 Wanarp - ok
    21:20:54.0265 2196 WDICA - ok
    21:20:54.0281 2196 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    21:20:54.0437 2196 wdmaud - ok
    21:20:54.0468 2196 WebClient (33d8e2812054d97a0aec9b8f04277927) C:\WINDOWS\System32\webclnt.dll
    21:20:54.0640 2196 WebClient - ok
    21:20:54.0671 2196 winmgmt (f9e105f369c18e4001e0c05aaf600d73) C:\WINDOWS\system32\wbem\WMIsvc.dll
    21:20:54.0828 2196 winmgmt - ok
    21:20:54.0921 2196 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    21:20:54.0984 2196 wlidsvc - ok
    21:20:55.0031 2196 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
    21:20:55.0109 2196 WmdmPmSN - ok
    21:20:55.0156 2196 WmiApSrv (87f11d161207c7063edabac0aadc33c3) C:\WINDOWS\system32\wbem\wmiapsrv.exe
    21:20:55.0312 2196 WmiApSrv - ok
    21:20:55.0359 2196 WMPNetworkSvc (79a01acd485687ee602411a06b63a9a5) C:\Program Files\Windows Media Player\WMPNetwk.exe
    21:20:55.0453 2196 WMPNetworkSvc - ok
    21:20:55.0484 2196 wscsvc (843f7fa8ea38e6a4262976dcc994c81a) C:\WINDOWS\system32\wscsvc.dll
    21:20:55.0625 2196 wscsvc - ok
    21:20:55.0671 2196 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
    21:20:55.0812 2196 WSTCODEC - ok
    21:20:55.0843 2196 wuauserv (1e8fdddef3fe260badab06dae10d753a) C:\WINDOWS\system32\wuauserv.dll
    21:20:55.0984 2196 wuauserv - ok
    21:20:56.0015 2196 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    21:20:56.0062 2196 WudfPf - ok
    21:20:56.0078 2196 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    21:20:56.0093 2196 WudfRd - ok
    21:20:56.0125 2196 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
    21:20:56.0156 2196 WudfSvc - ok
    21:20:56.0187 2196 WZCSVC (e99782dbb8ffa2aee72b31dac8d8d887) C:\WINDOWS\System32\wzcsvc.dll
    21:20:56.0343 2196 WZCSVC - ok
    21:20:56.0359 2196 xcpip - ok
    21:20:56.0375 2196 xmlprov (fd3c38635808920f8235bf2fed642f54) C:\WINDOWS\System32\xmlprov.dll
    21:20:56.0562 2196 xmlprov - ok
    21:20:56.0562 2196 xpsec - ok
    21:20:56.0578 2196 x_p5yqc7x.sys - ok
    21:20:56.0609 2196 zebrceb (6e49cf9c48c551264c4af6de19447515) C:\WINDOWS\system32\DRIVERS\zebrceb.sys
    21:20:56.0609 2196 zebrceb - ok
    21:20:56.0656 2196 MBR (0x1B8) (3051207086651214e435112e51817dc5) \Device\Harddisk0\DR0
    21:20:56.0890 2196 \Device\Harddisk0\DR0 - ok
    21:20:56.0890 2196 Boot (0x1200) (929ffe5d4f8563a2ce2f1670c8930a2c) \Device\Harddisk0\DR0\Partition0
    21:20:56.0890 2196 \Device\Harddisk0\DR0\Partition0 - ok
    21:20:56.0890 2196 Boot (0x1200) (1e42768e98fe404018e0e91beca1f3d3) \Device\Harddisk0\DR0\Partition1
    21:20:56.0890 2196 \Device\Harddisk0\DR0\Partition1 - ok
    21:20:56.0890 2196 ============================================================
    21:20:56.0890 2196 Scan finished
    21:20:56.0890 2196 ============================================================
    21:20:57.0765 2732 Deinitialize success

    ==============================================
    System Restore Point Check:

    TDSSKiller Starter Restore Point Created Succesfully
    ==============================================

    Older logs
    ==============================================
    C:\TDSSStarter\Report_02-04-2012_2035_.log
    ==============================================
    EOF
  • Hallo, dat er in jouw geval tijd er tussen zit, dat begrijp ik wel.

    Onderstaande kan je desnoods ook per email met jouw ouders regelen:

    klik daarvoor Computer open en vraag vervolgens de [b:fa1a4db299]Eigenschappen[/b:fa1a4db299] van –> "C" op.
    Klik nu op de tab [b:fa1a4db299]Extra[/b:fa1a4db299]

    Klik vervolgens op de knop [b:fa1a4db299]Nu controleren[/b:fa1a4db299] in het gedeelte waar staat "Hiermee kunt u het station op fouten controleren".

    In het nieuwe venstertje zorg je ervoor dat beide opties aangevinkt zijn.
    Vervolgens krijg je de melding dat Windows voor die actie moet herstarten.

    Doe dat dan ook.

    Hierdoor wordt de systeemschijf niet alleen op clusterfouten gecontroleerd, maar ook op fouten in het bestandssysteem die dan gerepareerd worden.

    Afhankelijk van de omvanggrootte van Windows en de grootte van de schijven, kan deze scan enige tijd in beslag nemen!
  • Hallo Abraham,

    dit weekend heb ik de scan gestart. De computer gaat scannen en na verloop van tijd start hij opnieuw op, en gaat weer scannen.
    Ik heb dit zo uren z'n gang laten gaan, maar in de avond hebben mijn ouders de computer uitgezet (ze gingen weg). De volgende dag opnieuw aangezet en weer hetzelfde: scannen en opstarten, etc.

    Is er iets om deze loop te doorbreken?
    Groeten, Rebecca
  • Mogelijk is dan de harddisk al aan het afsterven.

    Start Windows op en doe het volgende:

    [b:c62cda55a1]Welk programma[/b:c62cda55a1]: CrystalDiskInfo
    [b:c62cda55a1]Waarvoor/waarom[/b:c62cda55a1]: controle van van SMART-gegevens van de harddisk(s)
    [b:c62cda55a1]Moeilijkheidsgraad[/b:c62cda55a1]: geen.
    [b:c62cda55a1]Download CrystalDiskInfo[/b:c62cda55a1] [b:c62cda55a1]hier[/b:c62cda55a1]


    [img:c62cda55a1]http://www.imgdumper.nl/uploads4/4df870efec9f5/4df870efeba86-CrystalDiskInfo.png[/img:c62cda55a1]


    Installeer het tool en start vervolgens CrystalDiskInfo

    Het tool leest daarop de SMART-gegevens van de aangesloten harddisks.
    Is de kleur Blauw - dan volledig gezond.
    Is de kleur Geel - dan zijn er problemen.
    Is de kleur Rood - dan de HD z.s.m. vervangen.

    Bij SSD's wordt ook de gezondheidstoestand van de SSD's vermeld (Health)
  • Hallo Abraham,

    ik denk dat je gelijk hebt wat betreft het afsterven van de harde schijf, de computer redt het nu zelfs niet meer tot windows.
    Het afbreken van de opstartscan leidt er onvermijdelijk toe dat de computer weer opnieuw opstart.

    Gisteren heeft mijn broer ook nog een checkdisk via de herstelschijf geprobeerd, maar zonder het beoogde resultaat.

    Mijn ouders hebben ondertussen een nieuwe schijf besteld, en gelukkig hebben ze trouw ook backups van bestanden en foto's gemaakt.

    Ik ga kijken of het ons lukt om de schijf nog eenmaal aan de beademing te krijgen om nog wat internetbookmarks en de gegevens van e-mailcontacten uit Outlook te halen.

    In ieder geval bedankt voor je hulp de afgelopen weken :)
    Rebecca

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.