Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Bestanden weg door virus

Anoniem
None
29 antwoorden
  • Helaas zijn door een vervelend virus/trojan al mijn bestanden 'weg' - dwz niet meer zichtbaar. Volgens mij staan ze nog op mijn computer maar zijn ze verborgen. Het virus heb ik nu weten te verwijderen via AVG en Adaware, maar mijn bestanden zijn nog steeds zoek (net als alle programma's, internet favorieten, bureaublad pictogrammen).
    Ik ben nu met Hijackthis bezig, maar de logfile wil die niet opslaan (Windows vista, ik heb administrator rechten). Malwarebytes is nu aan het scannen, maar heeft nog niets gevonden (hier kan ik dus zien dat mijn bestanden er nog wel zijn) :x .
    Het virus gaf allemaal valse Windows waarschuwingen, o.a. dat de harde schijf was gecrashed. Natuurlijk met de fijne melding dat je een speciaal programma kon kopen om de boel weer op de rit te krijgen.
    Anyway - dat is nu opgelost maar hoe krijg ik mijn bestanden en programma's weer zichtbaar?
  • UIteindelijk toch gelukt om Hijack logfile te krijgen:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:16:02, on 23-5-2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
    C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\AVG\AVG10\avgtray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files\Common Files\Java\Java Update\jucheck.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
    R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
    O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
    O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
    O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
    O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
    O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
    uncleanupscript
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Koppelingsdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Koppelingsdoel converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Selectie converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com
    esources/scanner/sources/en/scan8/oscan8.cab
    O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v911/Navigram.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\aestsrv.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\STacSV.exe
    O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
    O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe


    End of file - 15447 bytes

    En van MBAM (1ste scan):
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Databaseversie: 6647

    Windows 6.0.6002 Service Pack 2 (Safe Mode)
    Internet Explorer 9.0.8112.16421

    23-5-2011 9:26:33
    mbam-log-2011-05-23 (09-26-33).txt

    Scantype: Volledige scan (C:\|D:\|)
    Objecten gescand: 395772
    Verstreken tijd: 57 minuut/minuten, 7 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 2
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)


    En na een 2de snelle scan (computer was al weer een keer vastgelopen vlak na de 1ste scan):

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Databaseversie: 6647

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 9.0.8112.16421

    23-5-2011 10:36:50
    mbam-log-2011-05-23 (10-36-50).txt

    Scantype: Snelle scan
    Objecten gescand: 170341
    Verstreken tijd: 10 minuut/minuten, 2 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)


    Door bij de mapopties 'alle bestanden weergeven' aan te vinken, kan ik nu wel weer mijn bestanden zien - maar alleen de bestanden die ik na het verwijderen van het virus heb gemaakt / gedownload zijn actief.
    Voor de rest kom ik hier niet echt verder mee :(




  • Hoi Lottie, ik wil dat jij onderstaande gaat doen:

    [b:e7626d5dcb]Welk programma[/b:e7626d5dcb]: ComboFix
    [b:e7626d5dcb]Waarvoor/waarom[/b:e7626d5dcb]: Zeer specialistische scanner om Windows diepgaand te onderzoeken
    en zo mogelijk op te schonen.
    [b:e7626d5dcb]Moeilijkheidsgraad[/b:e7626d5dcb]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
    [b:e7626d5dcb]Downloadlokatie[/b:e7626d5dcb]: Dit programma absoluut naar het bureaublad downloaden!
    [b:e7626d5dcb]Download ComboFix via één van deze locaties[/b:e7626d5dcb]:
    [list:e7626d5dcb][*:e7626d5dcb][b:e7626d5dcb]Bleepingcomputer[/b:e7626d5dcb]
    [*:e7626d5dcb][b:e7626d5dcb]ForoSpyware[/b:e7626d5dcb]
    [*:e7626d5dcb][b:e7626d5dcb]Geekstogo[/b:e7626d5dcb][/list:u:e7626d5dcb]
    [b:e7626d5dcb]Hier[/b:e7626d5dcb] zie je hoe je ComboFix moet gebruiken.

    Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn!
    [b:e7626d5dcb]Hier[/b:e7626d5dcb] en [b:e7626d5dcb]hier[/b:e7626d5dcb] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

    [b:e7626d5dcb]Voor alle duidelijkheid nogmaals[/b:e7626d5dcb]: ComboFix dient vanaf het bureaublad gestart te worden.

    [b:e7626d5dcb]Opmerkingen[/b:e7626d5dcb]:
    [list:e7626d5dcb][*:e7626d5dcb] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).
    [*:e7626d5dcb]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten.
    [*:e7626d5dcb]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:e7626d5dcb]
    [b:e7626d5dcb]ComboFix is opgestart[/b:e7626d5dcb]:
    [list:e7626d5dcb][*:e7626d5dcb]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
    [*:e7626d5dcb]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen!
    [*:e7626d5dcb]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
    [*:e7626d5dcb]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
    [*:e7626d5dcb]Post de inhoud van dit logbestand in je volgende bericht.
    [*:e7626d5dcb]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:e7626d5dcb]
    [b:e7626d5dcb]Belangrijke opmerking[/b:e7626d5dcb]:
    [list:e7626d5dcb][*:e7626d5dcb][b:e7626d5dcb]
  • Dit is de logfile van combofix:

    ComboFix 11-05-23.02 - Lottie 24-05-2011 11:47:55.1.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3068.1783 [GMT 2:00]
    Gestart vanuit: c:\users\Lottie\Desktop\ComboFix.exe
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\Install.exe
    c:\users\Lottie\AppData\Roaming\.#
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-04-24 to 2011-05-24 ))))))))))))))))))))))))))))))
    .
    .
    2011-05-24 09:54 . 2011-05-24 09:54 ——– d—–w- c:\users\Default\AppData\Local\temp
    2011-05-23 04:11 . 2011-05-23 04:11 ——– d—–w- c:\users\Lottie\AppData\Roaming\Malwarebytes
    2011-05-23 04:11 . 2011-05-23 04:11 ——– d—–w- c:\programdata\Malwarebytes
    2011-05-23 04:11 . 2010-12-20 16:09 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-05-23 04:11 . 2011-05-23 04:11 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
    2011-05-23 04:11 . 2010-12-20 16:08 20952 —-a-w- c:\windows\system32\drivers\mbam.sys
    2011-05-23 04:01 . 2011-05-23 04:01 388096 —-a-r- c:\users\Lottie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-05-23 04:01 . 2011-05-23 04:01 ——– d—–w- c:\program files\Trend Micro
    2011-05-22 21:52 . 2011-05-22 17:37 16432 —-a-w- c:\windows\system32\lsdelete.exe
    2011-05-22 17:37 . 2011-05-22 17:37 98392 —-a-w- c:\windows\system32\drivers\SBREDrv.sys
    2011-05-22 17:30 . 2011-04-29 10:12 64512 —-a-w- c:\windows\system32\drivers\Lbd.sys
    2011-05-22 17:29 . 2011-05-22 17:29 ——– d—–w- c:\program files\Lavasoft
    2011-05-22 17:29 . 2011-05-22 17:30 ——– d–h–w- c:\programdata\Lavasoft
    2011-05-22 16:59 . 2011-05-22 16:59 ——– d—–w- c:\windows\BDOSCAN8
    2011-05-22 11:55 . 2011-05-24 09:47 1527796 —-a-w- c:\windows\system32\PerfStringBackup.TMP
    2011-05-22 11:08 . 2011-05-22 11:08 ——– d–h–w- c:\programdata\WindowsSearch
    2011-05-15 11:36 . 2011-05-15 11:36 ——– d–h–w- c:\program files\iPod
    2011-05-14 08:54 . 2011-05-14 10:39 ——– d–h–w- c:\programdata\MFAData
    2011-05-10 20:55 . 2011-04-07 12:01 2409784 —-a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2011-04-28 20:02 . 2011-03-03 15:40 28672 —-a-w- c:\windows\system32\Apphlpdm.dll
    2011-04-28 20:02 . 2011-03-03 13:35 4240384 —-a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2011-04-28 20:01 . 2011-03-12 21:55 876032 —-a-w- c:\windows\system32\XpsPrint.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-04-10 17:58 . 2011-04-10 17:58 0 —ha-w- c:\windows\system32\ConduitEngine.tmp
    2011-04-06 14:20 . 2011-04-06 14:20 91424 —ha-w- c:\windows\system32\dnssd.dll
    2011-04-06 14:20 . 2011-04-06 14:20 107808 —ha-w- c:\windows\system32\dns-sd.exe
    2011-03-10 17:03 . 2011-04-15 20:27 1162240 —-a-w- c:\windows\system32\mfc42u.dll
    2011-03-10 17:03 . 2011-04-15 20:26 1136640 —-a-w- c:\windows\system32\mfc42.dll
    2011-03-03 15:42 . 2011-04-15 20:26 739328 —-a-w- c:\windows\system32\inetcomm.dll
    2011-03-03 15:40 . 2011-04-28 20:02 173056 —-a-w- c:\windows\apppatch\AcXtrnal.dll
    2011-03-03 15:40 . 2011-04-28 20:02 542720 —-a-w- c:\windows\apppatch\AcLayers.dll
    2011-03-03 15:40 . 2011-04-28 20:02 458752 —-a-w- c:\windows\apppatch\AcSpecfc.dll
    2011-03-03 15:40 . 2011-04-28 20:02 2159616 —-a-w- c:\windows\apppatch\AcGenral.dll
    2011-03-03 13:25 . 2011-04-15 20:26 2041856 —-a-w- c:\windows\system32\win32k.sys
    2011-03-02 15:44 . 2011-04-15 20:26 86528 —-a-w- c:\windows\system32\dnsrslvr.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuz0.dll" [2011-01-17 175912]
    .
    [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
    2011-01-17 14:54 175912 —ha-w- c:\program files\ConduitEngine\prxConduitEngin0.dll
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
    2011-01-17 14:54 175912 —ha-w- c:\program files\Vuze_Remote\prxtbVuz0.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuz0.dll" [2011-01-17 175912]
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngin0.dll" [2011-01-17 175912]
    .
    [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
    .
    [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\prxtbVuz0.dll" [2011-01-17 175912]
    .
    [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-24 1348904]
    "DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-11-28 1148200]
    "TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-12-25 1316136]
    "CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
    "UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
    "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-11-18 914224]
    "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
    "UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-11-26 210216]
    "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
    "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
    "UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
    "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
    "WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
    "Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
    "TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-02-09 206120]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-10-26 450659]
    "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-05-16 2151128]
    R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-04-29 15232]
    R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2009-10-26 93344]
    R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2009-10-26 32800]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-04-29 64512]
    S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/04/17 03:12];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 16:04 87536]
    S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
    S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\aestsrv.exe [2008-06-27 77824]
    S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]
    S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-12-17 365952]
    S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-02-09 296320]
    S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-02-09 116096]
    S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-19 222512]
    S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
    S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-10-23 107360]
    S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-08-28 3664384]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    HPService REG_MULTI_SZ HPSLPSVC
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    ezSharedSvc
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2008-06-09 08:14 451872 —ha-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.nu.nl/
    mStart Page = hxxp://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    uInternet Settings,ProxyOverride = *.local
    IE: Afbeelding verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Geselecteerde koppelingen converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Geselecteerde koppelingen converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Koppelingsdoel converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Koppelingsdoel converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Pagina verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: Selectie converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Selectie converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    Trusted Zone: r-w.nl\ex
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    URLSearchHooks-{87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-05-24 11:55
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
    "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Voltooingstijd: 2011-05-24 12:02:45
    ComboFix-quarantined-files.txt 2011-05-24 10:02
    .
    Pre-Run: 407.927.050.240 bytes beschikbaar
    Post-Run: 406.951.989.248 bytes beschikbaar
    .
    - - End Of File - - CBD141974AF3A2696673208C742CBAAE

    Mijn programma's, documenten en favorieten zijn trouwens weer allemaal normaal zichtbaar!
  • Hallo Lotte, ik had al het vermoeden dat ComboFix je documenten enz. terug zou geven!

    Open een nieuw kladblok bestand, via "Start\Alle programma’s\Bureau-accessoires\[b:412ee41cf6]Kladblok[/b:412ee41cf6]".


    Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenstervenster


    [b:412ee41cf6]
  • Zie onderstaand het logfile van de 2de scan met combofix:
    ComboFix 11-05-23.02 - Lottie 24-05-2011 15:45:55.2.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3068.1871 [GMT 2:00]
    Gestart vanuit: c:\users\Lottie\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Lottie\Desktop\CFScript.txt
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    FILE ::
    "c:\windows\system32\conduitengine.tmp"
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files\ConduitEngine
    c:\program files\ConduitEngine\appContextMenu.xml
    c:\program files\ConduitEngine\ConduitEngin0.dll
    c:\program files\ConduitEngine\ConduitEngine.dll
    c:\program files\ConduitEngine\ConduitEngineHelper.exe
    c:\program files\ConduitEngine\ConduitEngineUninstall.exe
    c:\program files\ConduitEngine\engineContextMenu.xml
    c:\program files\ConduitEngine\EngineSettings.json
    c:\program files\ConduitEngine\INSTALL.LOG
    c:\program files\ConduitEngine\prxConduitEngin0.dll
    c:\program files\ConduitEngine\prxConduitEngine.dll
    c:\program files\ConduitEngine\toolbar.cfg
    c:\windows\system32\conduitengine.tmp
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-04-24 to 2011-05-24 ))))))))))))))))))))))))))))))
    .
    .
    2011-05-24 13:51 . 2011-05-24 13:51 ——– d—–w- c:\users\Default\AppData\Local\temp
    2011-05-24 09:30 . 2011-05-24 09:30 ——– d—–w- c:\users\Lottie\AppData\Roaming\AVG
    2011-05-23 04:11 . 2011-05-23 04:11 ——– d—–w- c:\users\Lottie\AppData\Roaming\Malwarebytes
    2011-05-23 04:11 . 2011-05-23 04:11 ——– d—–w- c:\programdata\Malwarebytes
    2011-05-23 04:11 . 2010-12-20 16:09 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-05-23 04:11 . 2011-05-23 04:11 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
    2011-05-23 04:11 . 2010-12-20 16:08 20952 —-a-w- c:\windows\system32\drivers\mbam.sys
    2011-05-23 04:01 . 2011-05-23 04:01 388096 —-a-r- c:\users\Lottie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2011-05-23 04:01 . 2011-05-23 04:01 ——– d—–w- c:\program files\Trend Micro
    2011-05-22 21:52 . 2011-05-22 17:37 16432 —-a-w- c:\windows\system32\lsdelete.exe
    2011-05-22 17:37 . 2011-05-22 17:37 98392 —-a-w- c:\windows\system32\drivers\SBREDrv.sys
    2011-05-22 17:30 . 2011-04-29 10:12 64512 —-a-w- c:\windows\system32\drivers\Lbd.sys
    2011-05-22 17:29 . 2011-05-22 17:29 ——– d—–w- c:\program files\Lavasoft
    2011-05-22 17:29 . 2011-05-22 17:30 ——– d—–w- c:\programdata\Lavasoft
    2011-05-22 16:59 . 2011-05-22 16:59 ——– d—–w- c:\windows\BDOSCAN8
    2011-05-22 11:08 . 2011-05-22 11:08 ——– d—–w- c:\programdata\WindowsSearch
    2011-05-15 11:36 . 2011-05-15 11:36 ——– d—–w- c:\program files\iPod
    2011-05-14 08:54 . 2011-05-24 10:46 ——– d—–w- c:\programdata\MFAData
    2011-05-10 20:55 . 2011-04-07 12:01 2409784 —-a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2011-04-28 20:02 . 2011-03-03 15:40 28672 —-a-w- c:\windows\system32\Apphlpdm.dll
    2011-04-28 20:02 . 2011-03-03 13:35 4240384 —-a-w- c:\windows\system32\GameUXLegacyGDFs.dll
    2011-04-28 20:01 . 2011-03-12 21:55 876032 —-a-w- c:\windows\system32\XpsPrint.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-04-06 14:20 . 2011-04-06 14:20 91424 —-a-w- c:\windows\system32\dnssd.dll
    2011-04-06 14:20 . 2011-04-06 14:20 107808 —-a-w- c:\windows\system32\dns-sd.exe
    2011-03-10 17:03 . 2011-04-15 20:27 1162240 —-a-w- c:\windows\system32\mfc42u.dll
    2011-03-10 17:03 . 2011-04-15 20:26 1136640 —-a-w- c:\windows\system32\mfc42.dll
    2011-03-03 15:42 . 2011-04-15 20:26 739328 —-a-w- c:\windows\system32\inetcomm.dll
    2011-03-03 15:40 . 2011-04-28 20:02 173056 —-a-w- c:\windows\apppatch\AcXtrnal.dll
    2011-03-03 15:40 . 2011-04-28 20:02 542720 —-a-w- c:\windows\apppatch\AcLayers.dll
    2011-03-03 15:40 . 2011-04-28 20:02 458752 —-a-w- c:\windows\apppatch\AcSpecfc.dll
    2011-03-03 15:40 . 2011-04-28 20:02 2159616 —-a-w- c:\windows\apppatch\AcGenral.dll
    2011-03-03 13:25 . 2011-04-15 20:26 2041856 —-a-w- c:\windows\system32\win32k.sys
    2011-03-02 15:44 . 2011-04-15 20:26 86528 —-a-w- c:\windows\system32\dnsrslvr.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuz0.dll" [2011-01-17 175912]
    .
    [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
    2011-01-17 14:54 175912 —-a-w- c:\program files\Vuze_Remote\prxtbVuz0.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuz0.dll" [2011-01-17 175912]
    .
    [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\prxtbVuz0.dll" [2011-01-17 175912]
    .
    [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
    "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-24 1348904]
    "DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-11-28 1148200]
    "TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-12-25 1316136]
    "CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
    "UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
    "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-11-18 914224]
    "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
    "UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-11-26 210216]
    "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
    "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
    "UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
    "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
    "WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
    "Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
    "TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-02-09 206120]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-10-26 450659]
    "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-05-16 2151128]
    R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-04-29 15232]
    R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2009-10-26 93344]
    R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2009-10-26 32800]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-04-29 64512]
    S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/04/17 03:12];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 16:04 87536]
    S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
    S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\aestsrv.exe [2008-06-27 77824]
    S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]
    S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-12-17 365952]
    S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-02-09 296320]
    S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-02-09 116096]
    S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-19 222512]
    S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
    S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-10-23 107360]
    S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-08-28 3664384]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    HPService REG_MULTI_SZ HPSLPSVC
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    ezSharedSvc
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2008-06-09 08:14 451872 —-a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.nu.nl/
    mStart Page = hxxp://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    uInternet Settings,ProxyOverride = *.local
    IE: Afbeelding verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    IE: Geselecteerde koppelingen converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Geselecteerde koppelingen converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Koppelingsdoel converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Koppelingsdoel converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Pagina verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: Selectie converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    IE: Selectie converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    Trusted Zone: r-w.nl\ex
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\ConduitEngine\prxConduitEngin0.dll
    Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\ConduitEngine\prxConduitEngin0.dll
    AddRemove-conduitEngine - c:\program files\ConduitEngine\ConduitEngineUninstall.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-05-24 15:52
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scannen van verborgen processen …
    .
    scannen van verborgen autostart items …
    .
    scannen van verborgen bestanden …
    .
    Scan succesvol afgerond
    verborgen bestanden: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
    "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    Voltooingstijd: 2011-05-24 15:53:47
    ComboFix-quarantined-files.txt 2011-05-24 13:53
    ComboFix2.txt 2011-05-24 10:02
    .
    Pre-Run: 399.883.161.600 bytes beschikbaar
    Post-Run: 399.917.989.888 bytes beschikbaar
    .
    - - End Of File - - D2902B0A1250FCFA2F75950A018A7F6C


    Het viel me net op dat de programma's nu wel weer zichtbaar zijn, maar dat bij de onderliggende menu's leeg zijn. Via Windows verkenner kan ik ze wel terugvinden en starten.
  • Hoi Lotte, nu graag eerst een update hoe jouw Windows heeft gereageerd op beide scans!
  • Hoi Abraham,

    Na de 2de scan geen reactie van Windows kunnen merken. Na de 1ste scan werden alle 'inactieve' icoontjes weer actief en waren bij het menu start de programma's weer zichtbaar. Als je alleen verder gaat kijken, dan zijn de mappen onder de programma headings leeg (behalve bij de bureau-accessoires en de programma's die na het verwijderen van het virus zijn verwijderd).
    de programma's zijn wel te vinden via Windows verkenner en volgens mij werken ze ook. Alleen Itunes reageert tot nu toe niet, Microsoft Office, Adobe reader en nog een aantal programma's wel.
  • Hoi Lotte, dan wil ik dat je nu eerst het volgende doet:

    [b:68a5a978a4]Welk programma[/b:68a5a978a4]: Malwarebytes MBAM
    [b:68a5a978a4]Waarvoor/waarom[/b:68a5a978a4]: specialistische scanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware.
    [b:68a5a978a4]Moeilijkheidsgraad[/b:68a5a978a4]: geen.

    [b:68a5a978a4]Download Malwarebytes MBAM via één van deze locaties[/b:68a5a978a4]:
    [list:68a5a978a4] [*:68a5a978a4][b:68a5a978a4]Download.com[/b:68a5a978a4]
    [*:68a5a978a4][b:68a5a978a4]Softpedia.com[/b:68a5a978a4][*:68a5a978a4][b:68a5a978a4]Majorgeeks.com[/b:68a5a978a4][/list:u:68a5a978a4]
    [b:68a5a978a4]Allereerst[/b:68a5a978a4]:[list:68a5a978a4][*:68a5a978a4] Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus.
    [*:68a5a978a4] Ook bij herhaald gebruik: eerst 'MBAM' updaten via de tab 'Update'![/list:u:68a5a978a4]
    [b:68a5a978a4]Malwarebytes MBAM opstarten[/b:68a5a978a4]:
    Windows 2000 en Windows XP: start MBAM middels dubbelklik op de snelkoppeling.
    Windows Vista en Windows 7: start MBAM middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.

    [b:68a5a978a4]Scannen[/b:68a5a978a4]:
    [list:68a5a978a4][*:68a5a978a4] Bij het starten van 'MBAM' kies je voor 'Snelle Scan'.
    [*:68a5a978a4]Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'.
    [*:68a5a978a4]Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.[/list:u:68a5a978a4]
    [b:68a5a978a4]Infecties gevonden[/b:68a5a978a4]:
    [list:68a5a978a4][*:68a5a978a4]Klik nu eerst op OK om de melding weg te klikken
    [*:68a5a978a4]Klik vervolgens rechtsonder op de knop Bekijk resultaten.
    [*:68a5a978a4]Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde.
    [*:68a5a978a4]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
    [*:68a5a978a4]Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken!
    [*:68a5a978a4]Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:68a5a978a4]
    [b:68a5a978a4]MBAM-Log[/b:68a5a978a4]:
    [list:68a5a978a4][*:68a5a978a4] Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door in het hoofdmenu van MBAM op de tab 'Logbestanden' te klikken'.[/list:u:68a5a978a4]
    [b:68a5a978a4]Post aansluitend in je volgende bericht de inhoud van het MBAM-log.[/b:68a5a978a4]
  • MBAM scan uitgevoerd, geen infecties gevonden:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Databaseversie: 6647

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 9.0.8112.16421

    24-5-2011 20:37:13
    mbam-log-2011-05-24 (20-37-13).txt

    Scantype: Snelle scan
    Objecten gescand: 163506
    Verstreken tijd: 3 minuut/minuten, 50 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
  • Hoi Lotte, dan de volgende scan:

    [b:28ecb8ab0d]Welk programma[/b:28ecb8ab0d]: Kaspersky [b:28ecb8ab0d]TDSSKiller[/b:28ecb8ab0d]
    [b:28ecb8ab0d]Waarvoor/waarom[/b:28ecb8ab0d]: Rootkitscanner
    [b:28ecb8ab0d]Moeilijkheidsgraad[/b:28ecb8ab0d]: geen
    [b:28ecb8ab0d]Downloadlokatie[/b:28ecb8ab0d]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen!
    [b:28ecb8ab0d]Download[/b:28ecb8ab0d] [b:28ecb8ab0d]TDSSKiller[/b:28ecb8ab0d] [b:28ecb8ab0d]hier[/b:28ecb8ab0d].

    [b:28ecb8ab0d]Installatie[/b:28ecb8ab0d]:
    [list:28ecb8ab0d][*:28ecb8ab0d] pak het bestand uit op je bureaublad.[/list:u:28ecb8ab0d]

    [b:28ecb8ab0d]TDSSKiller gebruiken[/b:28ecb8ab0d]:
    [list:28ecb8ab0d][*:28ecb8ab0d]Windows 2000 en Windows XP: start "TDSSKiller" middels dubbelklik op TDSSKiller.exe.
    [*:28ecb8ab0d]Windows Vista en Windows 7: start "TDSSKiller" middels rechtsklik op TDSSKiller.exe en dan kiezen voor [b:28ecb8ab0d]Als Administrator uitvoeren[/b:28ecb8ab0d].
    [*:28ecb8ab0d] Nadat de scan klaar is, vindt je het log in de C:\ partitie
    [*:28ecb8ab0d] Post de inhoud van dat log[/list:u:28ecb8ab0d]
  • Log van de TDSSkiller:

    2011/05/24 21:21:42.0845 4604 TDSS rootkit removing tool 2.5.2.0 May 24 2011 11:01:23
    2011/05/24 21:21:42.0972 4604 ================================================================================
    2011/05/24 21:21:42.0972 4604 SystemInfo:
    2011/05/24 21:21:42.0972 4604
    2011/05/24 21:21:42.0973 4604 OS Version: 6.0.6002 ServicePack: 2.0
    2011/05/24 21:21:42.0973 4604 Product type: Workstation
    2011/05/24 21:21:42.0973 4604 ComputerName: LAPTOPLOTTIE
    2011/05/24 21:21:42.0973 4604 UserName: Lottie
    2011/05/24 21:21:42.0973 4604 Windows directory: C:\Windows
    2011/05/24 21:21:42.0973 4604 System windows directory: C:\Windows
    2011/05/24 21:21:42.0973 4604 Processor architecture: Intel x86
    2011/05/24 21:21:42.0973 4604 Number of processors: 2
    2011/05/24 21:21:42.0973 4604 Page size: 0x1000
    2011/05/24 21:21:42.0973 4604 Boot type: Normal boot
    2011/05/24 21:21:42.0973 4604 ================================================================================
    2011/05/24 21:21:43.0959 4604 Initialize success
    2011/05/24 21:21:47.0798 4368 ================================================================================
    2011/05/24 21:21:47.0798 4368 Scan started
    2011/05/24 21:21:47.0798 4368 Mode: Manual;
    2011/05/24 21:21:47.0798 4368 ================================================================================
    2011/05/24 21:21:49.0089 4368 Accelerometer (3b10711ad8656c097e0d16a41b29c54c) C:\Windows\system32\DRIVERS\Accelerometer.sys
    2011/05/24 21:21:49.0219 4368 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
    2011/05/24 21:21:49.0363 4368 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
    2011/05/24 21:21:49.0470 4368 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
    2011/05/24 21:21:49.0557 4368 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
    2011/05/24 21:21:49.0654 4368 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
    2011/05/24 21:21:49.0812 4368 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys
    2011/05/24 21:21:49.0938 4368 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
    2011/05/24 21:21:50.0058 4368 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
    2011/05/24 21:21:50.0143 4368 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    2011/05/24 21:21:50.0244 4368 aliide (3d76fda1a10acc3dc84728f55c29b6d4) C:\Windows\system32\drivers\aliide.sys
    2011/05/24 21:21:50.0360 4368 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
    2011/05/24 21:21:50.0462 4368 amdide (5b92e7839f5a1fbc1b39de67758ad6f8) C:\Windows\system32\drivers\amdide.sys
    2011/05/24 21:21:50.0587 4368 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
    2011/05/24 21:21:50.0689 4368 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
    2011/05/24 21:21:50.0829 4368 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
    2011/05/24 21:21:50.0940 4368 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
    2011/05/24 21:21:51.0050 4368 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    2011/05/24 21:21:51.0157 4368 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
    2011/05/24 21:21:51.0372 4368 atikmdag (96f5eea88f9146f5f803ad20c4264565) C:\Windows\system32\DRIVERS\atikmdag.sys
    2011/05/24 21:21:51.0595 4368 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    2011/05/24 21:21:51.0715 4368 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
    2011/05/24 21:21:51.0857 4368 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
    2011/05/24 21:21:51.0981 4368 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    2011/05/24 21:21:52.0082 4368 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    2011/05/24 21:21:52.0205 4368 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    2011/05/24 21:21:52.0310 4368 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    2011/05/24 21:21:52.0423 4368 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    2011/05/24 21:21:52.0523 4368 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    2011/05/24 21:21:52.0818 4368 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
    2011/05/24 21:21:52.0936 4368 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    2011/05/24 21:21:53.0032 4368 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
    2011/05/24 21:21:53.0134 4368 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
    2011/05/24 21:21:53.0236 4368 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
    2011/05/24 21:21:53.0369 4368 btwaudio (229b2c1e776062a4033305d5a9d6e28d) C:\Windows\system32\drivers\btwaudio.sys
    2011/05/24 21:21:53.0476 4368 btwavdt (97062053359f6908e1fb2791bfa54734) C:\Windows\system32\drivers\btwavdt.sys
    2011/05/24 21:21:53.0607 4368 btwrchid (d9269b0e3e3cf46d677fd071a40fe6cd) C:\Windows\system32\DRIVERS\btwrchid.sys
    2011/05/24 21:21:53.0714 4368 BVRPMPR5 (6598d078d5446197aed6b46c6a2a3431) C:\Windows\system32\drivers\BVRPMPR5.SYS
    2011/05/24 21:21:53.0898 4368 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    2011/05/24 21:21:54.0018 4368 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
    2011/05/24 21:21:54.0122 4368 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
    2011/05/24 21:21:54.0215 4368 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
    2011/05/24 21:21:54.0355 4368 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
    2011/05/24 21:21:54.0458 4368 cmdide (d36372a6ea6805efbe8884d10772313f) C:\Windows\system32\drivers\cmdide.sys
    2011/05/24 21:21:54.0592 4368 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
    2011/05/24 21:21:54.0715 4368 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
    2011/05/24 21:21:54.0825 4368 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
    2011/05/24 21:21:54.0978 4368 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
    2011/05/24 21:21:55.0147 4368 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
    2011/05/24 21:21:55.0274 4368 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
    2011/05/24 21:21:55.0393 4368 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
    2011/05/24 21:21:55.0502 4368 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
    2011/05/24 21:21:55.0620 4368 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    2011/05/24 21:21:55.0759 4368 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
    2011/05/24 21:21:55.0864 4368 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
    2011/05/24 21:21:56.0018 4368 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
    2011/05/24 21:21:56.0137 4368 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
    2011/05/24 21:21:56.0266 4368 enecir (004b2ea6cc2598ec5f0552e43ce29cef) C:\Windows\system32\DRIVERS\enecir.sys
    2011/05/24 21:21:56.0364 4368 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
    2011/05/24 21:21:56.0519 4368 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    2011/05/24 21:21:56.0643 4368 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    2011/05/24 21:21:56.0774 4368 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
    2011/05/24 21:21:56.0880 4368 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    2011/05/24 21:21:56.0978 4368 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    2011/05/24 21:21:57.0086 4368 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
    2011/05/24 21:21:57.0216 4368 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    2011/05/24 21:21:57.0338 4368 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
    2011/05/24 21:21:57.0434 4368 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
    2011/05/24 21:21:57.0563 4368 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
    2011/05/24 21:21:57.0701 4368 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
    2011/05/24 21:21:57.0834 4368 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    2011/05/24 21:21:57.0925 4368 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    2011/05/24 21:21:58.0032 4368 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
    2011/05/24 21:21:58.0130 4368 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    2011/05/24 21:21:58.0232 4368 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
    2011/05/24 21:21:58.0326 4368 hpdskflt (24f3f496c18efc234777723a67a85f81) C:\Windows\system32\DRIVERS\hpdskflt.sys
    2011/05/24 21:21:58.0447 4368 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
    2011/05/24 21:21:58.0602 4368 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
    2011/05/24 21:21:58.0738 4368 hwdatacard (19e6885a061011d8dabe8f64498423fa) C:\Windows\system32\DRIVERS\ewusbmdm.sys
    2011/05/24 21:21:58.0853 4368 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
    2011/05/24 21:21:58.0976 4368 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    2011/05/24 21:21:59.0078 4368 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
    2011/05/24 21:21:59.0186 4368 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    2011/05/24 21:21:59.0306 4368 intelide (dd512a049bd7b4bce8a83554c5eff2c1) C:\Windows\system32\drivers\intelide.sys
    2011/05/24 21:21:59.0412 4368 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    2011/05/24 21:21:59.0528 4368 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    2011/05/24 21:21:59.0724 4368 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
    2011/05/24 21:21:59.0823 4368 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    2011/05/24 21:21:59.0946 4368 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    2011/05/24 21:21:59.0984 4368 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
    2011/05/24 21:22:00.0082 4368 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    2011/05/24 21:22:00.0161 4368 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    2011/05/24 21:22:00.0266 4368 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    2011/05/24 21:22:00.0358 4368 JMCR (ab772e9cc29c29f59cb4b75f9d6f3f96) C:\Windows\system32\DRIVERS\jmcr.sys
    2011/05/24 21:22:00.0442 4368 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    2011/05/24 21:22:00.0552 4368 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
    2011/05/24 21:22:00.0669 4368 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
    2011/05/24 21:22:00.0809 4368 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
    2011/05/24 21:22:00.0933 4368 Lbd (336abe8721cbc3110f1c6426da633417) C:\Windows\system32\DRIVERS\Lbd.sys
    2011/05/24 21:22:01.0049 4368 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    2011/05/24 21:22:01.0164 4368 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
    2011/05/24 21:22:01.0254 4368 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
    2011/05/24 21:22:01.0347 4368 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
    2011/05/24 21:22:01.0443 4368 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    2011/05/24 21:22:01.0544 4368 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
    2011/05/24 21:22:01.0653 4368 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
    2011/05/24 21:22:01.0752 4368 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    2011/05/24 21:22:01.0847 4368 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    2011/05/24 21:22:01.0934 4368 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    2011/05/24 21:22:02.0021 4368 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    2011/05/24 21:22:02.0116 4368 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    2011/05/24 21:22:02.0201 4368 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
    2011/05/24 21:22:02.0292 4368 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    2011/05/24 21:22:02.0391 4368 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    2011/05/24 21:22:02.0514 4368 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    2011/05/24 21:22:02.0626 4368 mrxsmb (5fe5cf325f5b02ebc60832d3440cb414) C:\Windows\system32\DRIVERS\mrxsmb.sys
    2011/05/24 21:22:02.0766 4368 mrxsmb10 (30b9c769446af379a2afb72b0392604d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    2011/05/24 21:22:02.0890 4368 mrxsmb20 (fea239b3ec4877e2b7e23204af589ddf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    2011/05/24 21:22:03.0009 4368 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
    2011/05/24 21:22:03.0096 4368 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
    2011/05/24 21:22:03.0212 4368 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    2011/05/24 21:22:03.0318 4368 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    2011/05/24 21:22:03.0433 4368 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    2011/05/24 21:22:03.0524 4368 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    2011/05/24 21:22:03.0624 4368 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    2011/05/24 21:22:03.0762 4368 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    2011/05/24 21:22:03.0862 4368 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    2011/05/24 21:22:03.0946 4368 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    2011/05/24 21:22:04.0065 4368 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    2011/05/24 21:22:04.0209 4368 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS
    wifi.sys
    2011/05/24 21:22:04.0338 4368 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers
    dis.sys
    2011/05/24 21:22:04.0431 4368 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS
    distapi.sys
    2011/05/24 21:22:04.0514 4368 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS
    disuio.sys
    2011/05/24 21:22:04.0666 4368 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS
    diswan.sys
    2011/05/24 21:22:04.0759 4368 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    2011/05/24 21:22:04.0864 4368 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS
    etbios.sys
    2011/05/24 21:22:04.0985 4368 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS
    etbt.sys
    2011/05/24 21:22:05.0168 4368 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
    2011/05/24 21:22:05.0389 4368 NETw5v32 (ba420e8ebfcad35581fe8e4c64f71469) C:\Windows\system32\DRIVERS\NETw5v32.sys
    2011/05/24 21:22:05.0545 4368 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers
    frd960.sys
    2011/05/24 21:22:05.0681 4368 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    2011/05/24 21:22:05.0808 4368 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers
    siproxy.sys
    2011/05/24 21:22:05.0955 4368 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    2011/05/24 21:22:06.0066 4368 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers
    trigdigi.sys
    2011/05/24 21:22:06.0163 4368 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    2011/05/24 21:22:06.0249 4368 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers
    vraid.sys
    2011/05/24 21:22:06.0340 4368 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers
    vstor.sys
    2011/05/24 21:22:06.0439 4368 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers
    v_agp.sys
    2011/05/24 21:22:06.0725 4368 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
    2011/05/24 21:22:06.0854 4368 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    2011/05/24 21:22:06.0976 4368 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
    2011/05/24 21:22:07.0062 4368 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    2011/05/24 21:22:07.0172 4368 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    2011/05/24 21:22:07.0263 4368 pciide (1d8b3d8df8eb7fcf2f0ac02f9f947802) C:\Windows\system32\drivers\pciide.sys
    2011/05/24 21:22:07.0364 4368 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    2011/05/24 21:22:07.0495 4368 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    2011/05/24 21:22:07.0656 4368 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    2011/05/24 21:22:07.0779 4368 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    2011/05/24 21:22:07.0901 4368 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    2011/05/24 21:22:08.0019 4368 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
    2011/05/24 21:22:08.0153 4368 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    2011/05/24 21:22:08.0246 4368 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    2011/05/24 21:22:08.0349 4368 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    2011/05/24 21:22:08.0444 4368 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    2011/05/24 21:22:08.0539 4368 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    2011/05/24 21:22:08.0674 4368 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    2011/05/24 21:22:08.0811 4368 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    2011/05/24 21:22:08.0934 4368 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    2011/05/24 21:22:09.0032 4368 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    2011/05/24 21:22:09.0140 4368 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    2011/05/24 21:22:09.0238 4368 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    2011/05/24 21:22:09.0371 4368 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
    2011/05/24 21:22:09.0503 4368 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
    2011/05/24 21:22:09.0620 4368 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    2011/05/24 21:22:09.0740 4368 RTL2832UBDA (9f9acc7e0c86d7f2e29fcb6f949173e1) C:\Windows\system32\drivers\RTL2832UBDA.sys
    2011/05/24 21:22:09.0885 4368 RTL2832UUSB (ad5774a01bd623b4e2ef42b82b13a3f0) C:\Windows\system32\Drivers\RTL2832UUSB.sys
    2011/05/24 21:22:09.0997 4368 RTL8169 (174b9514cd1a0c33ce4bbc02a3c81a62) C:\Windows\system32\DRIVERS\Rtlh86.sys
    2011/05/24 21:22:10.0098 4368 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    2011/05/24 21:22:10.0218 4368 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
    2011/05/24 21:22:10.0316 4368 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    2011/05/24 21:22:10.0416 4368 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    2011/05/24 21:22:10.0519 4368 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    2011/05/24 21:22:10.0640 4368 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    2011/05/24 21:22:10.0779 4368 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
    2011/05/24 21:22:10.0881 4368 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    2011/05/24 21:22:10.0978 4368 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
    2011/05/24 21:22:11.0073 4368 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    2011/05/24 21:22:11.0184 4368 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    2011/05/24 21:22:11.0282 4368 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    2011/05/24 21:22:11.0370 4368 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    2011/05/24 21:22:11.0506 4368 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    2011/05/24 21:22:11.0634 4368 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    2011/05/24 21:22:11.0783 4368 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
    2011/05/24 21:22:11.0903 4368 srv2 (a5940ca32ed206f90be9fabdf6e92de4) C:\Windows\system32\DRIVERS\srv2.sys
    2011/05/24 21:22:12.0021 4368 srvnet (37aa1d560d5fa486c4b11c2f276ada61) C:\Windows\system32\DRIVERS\srvnet.sys
    2011/05/24 21:22:12.0156 4368 STHDA (84c78b53838bdec2b0853adc782cd5de) C:\Windows\system32\DRIVERS\stwrt.sys
    2011/05/24 21:22:12.0280 4368 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
    2011/05/24 21:22:12.0383 4368 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    2011/05/24 21:22:12.0485 4368 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    2011/05/24 21:22:12.0578 4368 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    2011/05/24 21:22:12.0678 4368 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    2011/05/24 21:22:12.0810 4368 SynTP (a94629c2c456a6d002556563d6b8ad1a) C:\Windows\system32\DRIVERS\SynTP.sys
    2011/05/24 21:22:12.0984 4368 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
    2011/05/24 21:22:13.0129 4368 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
    2011/05/24 21:22:13.0244 4368 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
    2011/05/24 21:22:13.0351 4368 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    2011/05/24 21:22:13.0462 4368 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    2011/05/24 21:22:13.0585 4368 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    2011/05/24 21:22:13.0692 4368 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    2011/05/24 21:22:13.0847 4368 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    2011/05/24 21:22:13.0954 4368 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    2011/05/24 21:22:14.0089 4368 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
    2011/05/24 21:22:14.0209 4368 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    2011/05/24 21:22:14.0336 4368 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    2011/05/24 21:22:14.0456 4368 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    2011/05/24 21:22:14.0568 4368 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    2011/05/24 21:22:14.0679 4368 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    2011/05/24 21:22:14.0781 4368 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    2011/05/24 21:22:14.0901 4368 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    2011/05/24 21:22:15.0030 4368 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
    2011/05/24 21:22:15.0147 4368 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    2011/05/24 21:22:15.0252 4368 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    2011/05/24 21:22:15.0347 4368 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    2011/05/24 21:22:15.0457 4368 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    2011/05/24 21:22:15.0562 4368 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
    2011/05/24 21:22:15.0668 4368 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    2011/05/24 21:22:15.0775 4368 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    2011/05/24 21:22:15.0874 4368 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    2011/05/24 21:22:15.0975 4368 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    2011/05/24 21:22:16.0104 4368 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
    2011/05/24 21:22:16.0246 4368 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    2011/05/24 21:22:16.0343 4368 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    2011/05/24 21:22:16.0436 4368 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    2011/05/24 21:22:16.0533 4368 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    2011/05/24 21:22:16.0646 4368 viaide (ea1aa6e3abb3c194feba12a46de8cf2c) C:\Windows\system32\drivers\viaide.sys
    2011/05/24 21:22:16.0850 4368 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    2011/05/24 21:22:16.0971 4368 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    2011/05/24 21:22:17.0056 4368 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    2011/05/24 21:22:17.0135 4368 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    2011/05/24 21:22:17.0250 4368 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    2011/05/24 21:22:17.0339 4368 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/05/24 21:22:17.0354 4368 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    2011/05/24 21:22:17.0467 4368 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    2011/05/24 21:22:17.0573 4368 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    2011/05/24 21:22:17.0784 4368 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    2011/05/24 21:22:17.0926 4368 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    2011/05/24 21:22:18.0040 4368 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    2011/05/24 21:22:18.0187 4368 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    2011/05/24 21:22:18.0316 4368 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
    2011/05/24 21:22:18.0411 4368 {55662437-DA8C-40c0-AADA-2C816A897A49} (556b5cfe8d21b256add7f87d7f4b4123) C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl
    2011/05/24 21:22:18.0452 4368 MBR (0x1B8) (588ae8f0c685c02ba11f30d9cd7e61a0) \Device\Harddisk0\DR0
    2011/05/24 21:22:18.0460 4368 ================================================================================
    2011/05/24 21:22:18.0460 4368 Scan finished
    2011/05/24 21:22:18.0460 4368 ================================================================================
    2011/05/24 21:22:18.0478 3344 Detected object count: 0
    2011/05/24 21:22:18.0478 3344 Actual detected object count: 0












  • Mooi log, geen TDL-rootkitvariant!

    Heb je alweer een antivirusprogramma geïnstalleerd?


    Avast 6\2011 Free is de enigste, die een aantal onderdelen aan boord heeft, die je verder alleen aantreft bij betaalde antivirusprogramma's.

    Avast speelt hier dus duidelijk op de nieuwe bedreigingen van het internet in!
    Bovendien merk je nauwelijks, dat Avast draait!
    Ook heeft Avast een "zandbox" aan boord, waarin je veilig programma's kan testen!

    [b:e2a6aada44]Downloadlink Avast 6 Free[/b:e2a6aada44]

    Andere gratis alternatieven:

    [b:e2a6aada44]Panda Cloud Antivirus[/b:e2a6aada44] - downloadlink
    [b:e2a6aada44]AVG Free 2011[/b:e2a6aada44] - downloadlink
    [b:e2a6aada44]Avira Antivir[/b:e2a6aada44] - downloadlink
    [b:e2a6aada44]Microsoft Security Essentials[/b:e2a6aada44] - downloadlink


    Welke je ook kiest, laat je keuze na updaten een volledige systeemscan doen en post daarna een nieuw Hijack This-log


    De rangschikking van de programma's is gedaan naar ratio van de beveiliging en herkenning van malware.
  • De scan met Avast ging goed - geen bedreiging gevonden. Dit is de logfile van Hijack na de scan:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 23:22:42, on 24-5-2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
    C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
    C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs
    dr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
    O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
    O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
    O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
    O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
    O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
    O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Koppelingsdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Koppelingsdoel converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Selectie converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com
    esources/scanner/sources/en/scan8/oscan8.cab
    O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v911/Navigram.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\aestsrv.exe
    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\STacSV.exe
    O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
    O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe


    End of file - 13986 bytes

  • Hoi Lotte, dat ziet er goed uit - zo te zien is AVG goed verwijdert.

    Hoe draait jou Windows nu en als ex-AVG gebruikster, hoe bevalt nu Avast?
  • Op zich op ik weinig gemerkt van AVG, pas toen het dit virus niet tegenhield terwijl ik net de upgrade naar 2011 had uitgevoerd. Het verwijderen van AVG viel me wel tegen, ik hou niet zo van programma's die zich niet willen laten verwijderen. Avast werkt nu stilletjes op de achtergrond, dus dat bevalt prima.
  • Heb jij Avast inmiddels een volledige systeemscan laten doen?

    Zoja, heeft Avast dan nog wat gevonden?
  • Ja, Avast heeft een volledige scan uitgevoerd en gelukkig niets kunnen vinden. Nu moet ik alleen het programma menu zien te herstellen, de rest werkt weer.
  • Hoi Lotte, misschien wil dit daarbij helpen:

    ga naar [b:3ca5acacc8]Start[/b:3ca5acacc8] en typ [in de zoekregel [b:3ca5acacc8]cmd[/b:3ca5acacc8]; bovenaan het startmenu zie je nu de betreffende snelkoppeling.
    Klik deze snelkoppeling met rechts aan en kies voor [b:3ca5acacc8]Als administrator uitvoeren[/b:3ca5acacc8].

    In het zwarte venster typ je nu [b:3ca5acacc8]sfc /scannow[/b:3ca5acacc8] gevolgd door indrukken van de Entertoets.

    Denk wel aan de spatie na 'sfc'.
    In het zwarte venster zie nu de voortgang van de scan.

    Is de scan klaar, typ je [b:3ca5acacc8]Exit[/b:3ca5acacc8] gevolgd door indrukken van de Entertoets.


    SFC (SystemFileChecker) houdt in dat systeembestanden gecontroleerd worden op juist funktioneren, zonodig volgt reparatie.


    Let goed op de laatste meldingen in het venster: indien aangegeven wordt, dat herstel afhankelijk is van opnieuw opstarten, doe dit dan.
  • Ik heb de scan uitgevoerd en er zijn een aantal beschadigde bestanden gevonden die niet gerepareerd kunnen worden. ik weet niet of je er wat aan hebt, maar dit is het logfile:

    2011-05-24 23:29:42, Info CBS Archived log file: C:\Windows\Logs\CBS\CBS.log to: C:\Windows\Logs\CBS\CBS.persist.log
    2011-05-24 23:29:42, Info CBS Loaded Servicing Stack v6.0.6002.18005 with Core: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\cbscore.dll
    2011-05-24 23:29:42, Info CSI 00000001@2011/5/24:21:29:42.371 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6df88a50 @0x7432854e @0x743063a1 @0xb41392 @0xb41ed4 @0xb417cb)
    2011-05-24 23:29:42, Info CSI 00000002@2011/5/24:21:29:42.387 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6df88a50 @0x7435e7b6 @0x74340f93 @0xb41392 @0xb41ed4 @0xb417cb)
    2011-05-24 23:29:42, Info CSI 00000003@2011/5/24:21:29:42.387 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6df88a50 @0x742e1a0d @0x742e1794 @0xb4360b @0xb42be3 @0xb417cb)
    2011-05-24 23:29:42, Info CBS NonStart: Checking to ensure startup processing was not required.
    2011-05-24 23:29:42, Info CSI 00000004 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0xf4ff20
    2011-05-24 23:29:42, Info CBS NonStart: Success, startup processing not required as expected.
    2011-05-24 23:29:42, Info CSI 00000005 CSI Store 3201744 (0x0030dad0) initialized
    2011-05-24 23:29:42, Info CBS Session: 30153305:2983182720 initialized.
    2011-05-24 23:29:42, Info CBS Session: 30153305:2983182720 finalized. Reboot required: no
    2011-05-25 07:51:40, Info CBS Loaded Servicing Stack v6.0.6002.18005 with Core: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\cbscore.dll
    2011-05-25 07:51:40, Info CSI 00000001@2011/5/25:05:51:40.425 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6c698a50 @0x6cb7854e @0x6cb563a1 @0xac1392 @0xac1ed4 @0xac17cb)
    2011-05-25 07:51:40, Info CSI 00000002@2011/5/25:05:51:40.643 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6c698a50 @0x6cbae7b6 @0x6cb90f93 @0xac1392 @0xac1ed4 @0xac17cb)
    2011-05-25 07:51:40, Info CSI 00000003@2011/5/25:05:51:40.659 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6c698a50 @0x6c9a1a0d @0x6c9a1794 @0xac360b @0xac2be3 @0xac17cb)
    2011-05-25 07:51:40, Info CBS NonStart: Checking to ensure startup processing was not required.
    2011-05-25 07:51:40, Info CSI 00000004 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0xc5fc70
    2011-05-25 07:51:40, Info CBS NonStart: Success, startup processing not required as expected.
    2011-05-25 07:51:41, Info CSI 00000005 CSI Store 2939600 (0x002cdad0) initialized
    2011-05-25 07:51:41, Info CBS Session: 30153375:3525527472 initialized.
    2011-05-25 07:54:14, Info CBS Session: 30153375:3525527472 finalized. Reboot required: no
    2011-05-25 08:01:40, Info CBS Scavenge: Package store indicates there is no component to scavenge, skipping.
    2011-05-25 19:25:12, Info CBS Loaded Servicing Stack v6.0.6002.18005 with Core: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\cbscore.dll
    2011-05-25 19:25:12, Info CSI 00000001@2011/5/25:17:25:12.781 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x5f1d8a50 @0x5fee854e @0x5fec63a1 @0xac1392 @0xac1ed4 @0xac17cb)
    2011-05-25 19:25:12, Info CSI 00000002@2011/5/25:17:25:12.797 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x5f1d8a50 @0x5ff1e7b6 @0x5ff00f93 @0xac1392 @0xac1ed4 @0xac17cb)
    2011-05-25 19:25:12, Info CSI 00000003@2011/5/25:17:25:12.797 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x5f1d8a50 @0x73401a0d @0x73401794 @0xac360b @0xac2be3 @0xac17cb)
    2011-05-25 19:25:12, Info CBS NonStart: Checking to ensure startup processing was not required.
    2011-05-25 19:25:12, Info CSI 00000004 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0xe7fc14
    2011-05-25 19:25:12, Info CBS NonStart: Success, startup processing not required as expected.
    2011-05-25 19:25:12, Info CSI 00000005 CSI Store 2480848 (0x0025dad0) initialized
    2011-05-25 19:25:12, Info CBS Session: 30153472:3027432288 initialized.
    2011-05-25 19:25:12, Info CBS Read out cached package applicability for package: WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~x86~~7.4.7600.226, ApplicableState: 7, CurrentState:7
    2011-05-25 19:25:12, Info CBS Session: 30153472:3027432288 finalized. Reboot required: no
    2011-05-25 19:25:12, Info CBS Session: 30153472:3027588288 initialized.
    2011-05-25 19:25:12, Info CBS Read out cached package applicability for package: WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~x86~~7.4.7600.226, ApplicableState: 7, CurrentState:7
    2011-05-25 19:25:12, Info CBS Session: 30153472:3027588288 finalized. Reboot required: no
    2011-05-25 19:25:12, Info CBS Session: 30153472:3027744288 initialized.
    2011-05-25 19:25:12, Info CBS Read out cached package applicability for package: WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.4.7600.226, ApplicableState: 7, CurrentState:7
    2011-05-25 19:25:12, Info CBS Session: 30153472:3027744288 finalized. Reboot required: no
    2011-05-25 19:25:35, Info CBS Session: 30153472:3254336288 initialized.
    2011-05-25 19:25:35, Info CBS Session: 30153472:3254336288 finalized. Reboot required: no
    2011-05-25 19:25:35, Info CBS Session: 30153472:3254336289 initialized.
    2011-05-25 19:25:35, Info CBS Session: 30153472:3254336289 finalized. Reboot required: no
    2011-05-25 19:25:36, Info CBS Session: 30153472:3267752288 initialized.
    2011-05-25 19:25:36, Info CBS Session: 30153472:3267752288 finalized. Reboot required: no
    2011-05-25 19:25:36, Info CBS Session: 30153472:3267752289 initialized.
    2011-05-25 19:25:37, Info CBS Session: 30153472:3267752289 finalized. Reboot required: no
    2011-05-25 19:26:08, Info CBS Session: 30153472:3584604288 initialized.
    2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: Package_for_KB2378111~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:08, Info CBS Session: 30153472:3584604288 finalized. Reboot required: no
    2011-05-25 19:26:08, Info CBS Session: 30153472:3586320288 initialized.
    2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: Microsoft-Windows-AutomationAPI-Package-TopLevel~31bf3856ad364e35~x86~~6.0.6002.18156, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:08, Info CBS Session: 30153472:3586320288 finalized. Reboot required: no
    2011-05-25 19:26:08, Info CBS Session: 30153472:3586476288 initialized.
    2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: Microsoft-Windows-WPD7IP-Package-TopLevel~31bf3856ad364e35~x86~~7.0.6002.18112, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:08, Info CBS Session: 30153472:3586476288 finalized. Reboot required: no
    2011-05-25 19:26:08, Info CBS Session: 30153472:3586476289 initialized.
    2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: Microsoft-Windows-DGT-Package-TopLevel~31bf3856ad364e35~x86~~7.0.6002.18107, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:08, Info CBS Session: 30153472:3586476289 finalized. Reboot required: no
    2011-05-25 19:26:08, Info CBS Session: 30153472:3586632288 initialized.
    2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: Microsoft-Windows-UIRibbon-Package-TopLevel~31bf3856ad364e35~x86~~7.0.6002.18108, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:08, Info CBS Session: 30153472:3586632288 finalized. Reboot required: no
    2011-05-25 19:26:08, Info CBS Session: 30153472:3587256288 initialized.
    2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~lt-LT~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:08, Info CBS Session: 30153472:3587256288 finalized. Reboot required: no
    2011-05-25 19:26:08, Info CBS Session: 30153472:3587412288 initialized.
    2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: Package_for_KB2345886~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:08, Info CBS Session: 30153472:3587412288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3589440288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB981322~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3589440288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3589596288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2423089~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3589596288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591000288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB977864~31bf3856ad364e35~x86~~6.1.1.0, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591000288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591156288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB974307~31bf3856ad364e35~x86~~6.1.1.2, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591156288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591156289 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB966315~31bf3856ad364e35~x86~~6.1.1.2, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591156289 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591156290 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB972270~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 0, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591156290 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591312288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB979910~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591312288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591624288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB971961~31bf3856ad364e35~x86~~8.0.1.1, ApplicableState: 0, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591624288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591780288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2443685~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3591780288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3594900288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2207566~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3594900288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3595368288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB947821~31bf3856ad364e35~x86~~6.0.14.0, ApplicableState: 7, CurrentState:0
    2011-05-25 19:26:09, Info CBS Session: 30153472:3595368288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3595368289 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB947821~31bf3856ad364e35~x86~~6.0.12.0, ApplicableState: 7, CurrentState:0
    2011-05-25 19:26:09, Info CBS Session: 30153472:3595368289 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3595368290 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~hr-HR~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:09, Info CBS Session: 30153472:3595368290 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3595680288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2524375~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3595680288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3597708288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2507618~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3597708288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598020288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2508429~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598020288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598020289 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB946253~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:0
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598020289 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598176288 initialized.
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598176288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598176289 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2419640~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598176289 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598332288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB982480~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598332288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598488288 initialized.
    2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2506223~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598488288 finalized. Reboot required: no
    2011-05-25 19:26:09, Info CBS Session: 30153472:3598800288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB967723~31bf3856ad364e35~x86~~6.0.1.7, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3598800288 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3602076288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB2511455~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3602076288 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3602232288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB970710~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3602232288 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3602388288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB973687~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3602388288 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3602388289 initialized.
    2011-05-25 19:26:10, Info CBS Session: 30153472:3602388289 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3603012288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3603012288 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3603168288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB975467~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3603168288 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604104288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB2506212~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604104288 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604260288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB978542~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604260288 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604416288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Microsoft-Windows-Webservices-Package-TopLevel~31bf3856ad364e35~amd64~~6.0.6001.18302, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604416288 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604416289 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Microsoft-Windows-Webservices-Package-TopLevel~31bf3856ad364e35~x86~~6.0.6001.18302, ApplicableState: 7, CurrentState:0
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604416289 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604572288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Microsoft-Windows-AutomationAPI-Package-TopLevel~31bf3856ad364e35~x86~~6.0.6002.18156, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604572288 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604572289 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Microsoft-Windows-WPD7IP-Package-TopLevel~31bf3856ad364e35~x86~~7.0.6002.18112, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604572289 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604728288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Microsoft-Windows-DGT-Package-TopLevel~31bf3856ad364e35~x86~~7.0.6002.18107, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604728288 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604728289 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Microsoft-Windows-UIRibbon-Package-TopLevel~31bf3856ad364e35~x86~~7.0.6002.18108, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604728289 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604884288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB982665~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3604884288 finalized. Reboot required: no
    2011-05-25 19:26:10, Info CBS Session: 30153472:3605040288 initialized.
    2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB2117917~31bf3856ad364e35~x86~~6.0.1.5, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:10, Info CBS Session: 30153472:3605040288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660108288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~nb-NO~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660108288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660264288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB968816~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660264288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660264289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB981332~31bf3856ad364e35~x86~~8.0.1.0, ApplicableState: 0, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660264289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660264290 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB971737~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660264290 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660420288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_1_for_KB925028~31bf3856ad364e35~x86~~6.0.0.1, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660420288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660732288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~zh-TW~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660732288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660732289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2509553~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660732289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660888288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~hu-HU~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3660888288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661512288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB981550~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661512288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661512289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB979482~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661512289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661512290 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2510581~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661512290 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661668288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB981349~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661668288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661668289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB973507~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661668289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661824288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB979687~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661824288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661980288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB980842~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3661980288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3662292288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2416470~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3662292288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3662916288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2483614~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3662916288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3662916289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2492386~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3662916289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3662916290 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2347290~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3662916290 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3663228288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB975254~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3663228288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3663384288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB971657~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3663384288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3663384289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB982132~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3663384289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3663540288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2449742~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3663540288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3663852288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB979744~31bf3856ad364e35~x86~~6.0.2.0, ApplicableState: 7, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3663852288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3664008288 initialized.
    2011-05-25 19:26:16, Info CBS Session: 30153472:3664008288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3664008289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB971029~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3664008289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3664944288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2481109~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3664944288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3664944289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB976662~31bf3856ad364e35~x86~~8.0.1.0, ApplicableState: 0, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3664944289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665100288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2478935~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665100288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665256288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB982666~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665256288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665412288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2508272~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665412288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665412289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_1_for_KB929399~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: -17, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665412289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665568288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB981997~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665568288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665568289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~de-DE~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665568289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665724288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~he-IL~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665724288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665724289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~en-US~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665724289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665880288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB905866~31bf3856ad364e35~x86~~6.0.48.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3665880288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666036288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~sl-SI~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666036288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666036289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB976470~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666036289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666192288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB975558~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666192288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666192289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2503658~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666192289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666504288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~nl-NL~6.0.1.18000, ApplicableState: 7, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666504288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666504289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~es-ES~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666504289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666660288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~pt-PT~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666660288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666816288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~sv-SE~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666816288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666816289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~bg-BG~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666816289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666972288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB961501~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666972288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666972289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2505189~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3666972289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3667440288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2387149~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3667440288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3667596288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB975560~31bf3856ad364e35~x86~~6.0.1.5, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3667596288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3667596289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB982799~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3667596289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668220288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~ja-JP~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668220288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668220289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB978601~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668220289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668376288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB979309~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668376288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668376289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~zh-CN~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668376289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668532288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~uk-UA~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668532288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668688288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB968389~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668688288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668688289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~cs-CZ~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668688289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668844288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2522422~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668844288 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668844289 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2281679~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:16, Info CBS Session: 30153472:3668844289 finalized. Reboot required: no
    2011-05-25 19:26:16, Info CBS Session: 30153472:3669000288 initialized.
    2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB960859~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 4, CurrentState:0
    2011-05-25 19:26:16, Info CBS Session: 30153472:3669000288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3669156288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2479943~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3669156288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3669156289 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB977816~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3669156289 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3669156290 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Microsoft-Windows-MediaPlayer-OOB-Package-TopLevel~31bf3856ad364e35~x86~~6.0.6000.16386, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:17, Info CBS Session: 30153472:3669156290 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3669468288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB971961~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:17, Info CBS Session: 30153472:3669468288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3669624288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB980842~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3669624288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3669936288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB976768~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3669936288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3670248288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB978886~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3670248288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3673056288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB956250~31bf3856ad364e35~x86~~6.1.6001.18242, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3673056288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3673056289 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB979899~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3673056289 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3673212288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2412687~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3673212288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3673368288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB970430~31bf3856ad364e35~x86~~6.0.1.6, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3673368288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3674460288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2483185~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3674460288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3674616288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2305420~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3674616288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3675084288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB976002~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:8
    2011-05-25 19:26:17, Info CBS Session: 30153472:3675084288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3675084289 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2494132~31bf3856ad364e35~x86~~6.1.1.0, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:17, Info CBS Session: 30153472:3675084289 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3675084290 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2442962~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3675084290 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3675240288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~ar-SA~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:17, Info CBS Session: 30153472:3675240288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3675240289 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~el-GR~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:17, Info CBS Session: 30153472:3675240289 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676332288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2079403~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676332288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676332289 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~ru-RU~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676332289 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676488288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~ro-RO~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676488288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676644288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Microsoft-Windows-GroupPolicy-Preferences-CSE-Pack-TopLevel~31bf3856ad364e35~x86~~6.0.6001.18123, ApplicableState: 7, CurrentState:0
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676644288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676800288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~ko-KR~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676800288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676800289 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB973540~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676800289 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676956288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~da-DK~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:17, Info CBS Session: 30153472:3676956288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677112288 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB979099~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677112288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677112289 initialized.
    2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~fr-FR~6.0.1.18000, ApplicableState: 0, CurrentState:0
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677112289 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677268288 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677268288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677268289 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677268289 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677268290 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677268290 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677268291 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677268291 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677268292 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677268292 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677268293 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677268293 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677424288 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677424288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677424289 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677424289 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677424290 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677424290 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677736288 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677736288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892288 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892289 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892289 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892290 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892290 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892291 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892291 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892292 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892292 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892293 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892293 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892294 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892294 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892295 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892295 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892296 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3677892296 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048288 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048289 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048289 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048290 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048290 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048291 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048291 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048292 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048292 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048293 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048293 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048294 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048294 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048295 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048295 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048296 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678048296 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678204288 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678204288 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678204289 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678204289 finalized. Reboot required: no
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678204290 initialized.
    2011-05-25 19:26:17, Info CBS Session: 30153472:3678204290 fina

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.