Vraag & Antwoord

Beveiliging & privacy

Bestanden weg door virus

Anoniem
None
29 antwoorden
 • Helaas zijn door een vervelend virus/trojan al mijn bestanden 'weg' - dwz niet meer zichtbaar. Volgens mij staan ze nog op mijn computer maar zijn ze verborgen. Het virus heb ik nu weten te verwijderen via AVG en Adaware, maar mijn bestanden zijn nog steeds zoek (net als alle programma's, internet favorieten, bureaublad pictogrammen).
  Ik ben nu met Hijackthis bezig, maar de logfile wil die niet opslaan (Windows vista, ik heb administrator rechten). Malwarebytes is nu aan het scannen, maar heeft nog niets gevonden (hier kan ik dus zien dat mijn bestanden er nog wel zijn) :x .
  Het virus gaf allemaal valse Windows waarschuwingen, o.a. dat de harde schijf was gecrashed. Natuurlijk met de fijne melding dat je een speciaal programma kon kopen om de boel weer op de rit te krijgen.
  Anyway - dat is nu opgelost maar hoe krijg ik mijn bestanden en programma's weer zichtbaar?
 • UIteindelijk toch gelukt om Hijack logfile te krijgen:

  Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 10:16:02, on 23-5-2011
  Platform: Windows Vista SP2 (WinNT 6.00.1906)
  MSIE: Internet Explorer v9.00 (9.00.8112.16421)
  Boot mode: Normal

  Running processes:
  C:\Windows\system32\taskeng.exe
  C:\Windows\system32\Dwm.exe
  C:\Windows\Explorer.EXE
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
  C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
  C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
  C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
  C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
  C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
  C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
  C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
  C:\Program Files\IDT\WDM\sttray.exe
  C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
  C:\Program Files\Common Files\Java\Java Update\jusched.exe
  C:\Program Files\AVG\AVG10\avgtray.exe
  C:\Program Files\iTunes\iTunesHelper.exe
  C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
  C:\Windows\ehome\ehtray.exe
  C:\Program Files\Windows Media Player\wmpnscfg.exe
  C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
  C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
  C:\Windows\ehome\ehmsas.exe
  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
  C:\Windows\system32\conime.exe
  C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
  C:\Program Files\Common Files\Java\Java Update\jucheck.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe
  C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
  R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll
  O1 - Hosts: ::1 localhost
  O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
  O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll
  O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
  O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
  O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
  O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
  O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
  O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll
  O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngin0.dll
  O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
  O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
  O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
  O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
  O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
  O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
  O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
  O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
  O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
  O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
  O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
  O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
  O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
  O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
  O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
  O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
  O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
  O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
  O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
  O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
  O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
  O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
  O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
  O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
  O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
  O8 - Extra context menu item: Converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
  O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
  O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
  O8 - Extra context menu item: Koppelingsdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
  O8 - Extra context menu item: Koppelingsdoel converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
  O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
  O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
  O8 - Extra context menu item: Selectie converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
  O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
  O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
  O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
  O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
  O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
  O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
  O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
  O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v911/Navigram.cab
  O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
  O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
  O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
  O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
  O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
  O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
  O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\aestsrv.exe
  O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
  O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
  O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
  O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
  O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
  O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
  O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
  O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
  O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
  O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
  O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
  O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
  O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
  O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\STacSV.exe
  O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
  O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe


  End of file - 15447 bytes

  En van MBAM (1ste scan):
  Malwarebytes' Anti-Malware 1.50.1.1100
  www.malwarebytes.org

  Databaseversie: 6647

  Windows 6.0.6002 Service Pack 2 (Safe Mode)
  Internet Explorer 9.0.8112.16421

  23-5-2011 9:26:33
  mbam-log-2011-05-23 (09-26-33).txt

  Scantype: Volledige scan (C:\|D:\|)
  Objecten gescand: 395772
  Verstreken tijd: 57 minuut/minuten, 7 seconde(n)

  Geheugenprocessen geïnfecteerd: 0
  Geheugenmodulen geïnfecteerd: 0
  Registersleutels geïnfecteerd: 0
  Registerwaarden geïnfecteerd: 0
  Registerdata geïnfecteerd: 2
  Mappen geïnfecteerd: 0
  Bestanden geïnfecteerd: 0

  Geheugenprocessen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registerwaarden geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registerdata geïnfecteerd:
  HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

  Mappen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)


  En na een 2de snelle scan (computer was al weer een keer vastgelopen vlak na de 1ste scan):

  Malwarebytes' Anti-Malware 1.50.1.1100
  www.malwarebytes.org

  Databaseversie: 6647

  Windows 6.0.6002 Service Pack 2
  Internet Explorer 9.0.8112.16421

  23-5-2011 10:36:50
  mbam-log-2011-05-23 (10-36-50).txt

  Scantype: Snelle scan
  Objecten gescand: 170341
  Verstreken tijd: 10 minuut/minuten, 2 seconde(n)

  Geheugenprocessen geïnfecteerd: 0
  Geheugenmodulen geïnfecteerd: 0
  Registersleutels geïnfecteerd: 0
  Registerwaarden geïnfecteerd: 0
  Registerdata geïnfecteerd: 0
  Mappen geïnfecteerd: 0
  Bestanden geïnfecteerd: 0

  Geheugenprocessen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registerwaarden geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registerdata geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Mappen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)


  Door bij de mapopties 'alle bestanden weergeven' aan te vinken, kan ik nu wel weer mijn bestanden zien - maar alleen de bestanden die ik na het verwijderen van het virus heb gemaakt / gedownload zijn actief.
  Voor de rest kom ik hier niet echt verder mee :(
 • Hoi Lottie, ik wil dat jij onderstaande gaat doen:

  [b:e7626d5dcb]Welk programma[/b:e7626d5dcb]: ComboFix
  [b:e7626d5dcb]Waarvoor/waarom[/b:e7626d5dcb]: Zeer specialistische scanner om Windows diepgaand te onderzoeken
  en zo mogelijk op te schonen.
  [b:e7626d5dcb]Moeilijkheidsgraad[/b:e7626d5dcb]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
  [b:e7626d5dcb]Downloadlokatie[/b:e7626d5dcb]: Dit programma absoluut naar het bureaublad downloaden!
  [b:e7626d5dcb]Download ComboFix via één van deze locaties[/b:e7626d5dcb]:
  [list:e7626d5dcb][*:e7626d5dcb][b:e7626d5dcb]Bleepingcomputer[/b:e7626d5dcb]
  [*:e7626d5dcb][b:e7626d5dcb]ForoSpyware[/b:e7626d5dcb]
  [*:e7626d5dcb][b:e7626d5dcb]Geekstogo[/b:e7626d5dcb][/list:u:e7626d5dcb]
  [b:e7626d5dcb]Hier[/b:e7626d5dcb] zie je hoe je ComboFix moet gebruiken.

  Antivirusprogramma en actieve malwarescanners dienen al voor de ComboFix start gedeaktiveert zijn!
  [b:e7626d5dcb]Hier[/b:e7626d5dcb] en [b:e7626d5dcb]hier[/b:e7626d5dcb] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

  [b:e7626d5dcb]Voor alle duidelijkheid nogmaals[/b:e7626d5dcb]: ComboFix dient vanaf het bureaublad gestart te worden.

  [b:e7626d5dcb]Opmerkingen[/b:e7626d5dcb]:
  [list:e7626d5dcb][*:e7626d5dcb] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren! Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).
  [*:e7626d5dcb]Vista- en Windows 7 gebruikers starten Combofix op via rechtsklik met Administratorrechten.
  [*:e7626d5dcb]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:e7626d5dcb]
  [b:e7626d5dcb]ComboFix is opgestart[/b:e7626d5dcb]:
  [list:e7626d5dcb][*:e7626d5dcb]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
  [*:e7626d5dcb]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen!
  [*:e7626d5dcb]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
  [*:e7626d5dcb]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
  [*:e7626d5dcb]Post de inhoud van dit logbestand in je volgende bericht.
  [*:e7626d5dcb]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:e7626d5dcb]
  [b:e7626d5dcb]Belangrijke opmerking[/b:e7626d5dcb]:
  [list:e7626d5dcb][*:e7626d5dcb][b:e7626d5dcb]
 • Dit is de logfile van combofix:

  ComboFix 11-05-23.02 - Lottie 24-05-2011 11:47:55.1.2 - x86
  Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3068.1783 [GMT 2:00]
  Gestart vanuit: c:\users\Lottie\Desktop\ComboFix.exe
  AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
  SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
  SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  .
  .
  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  C:\Install.exe
  c:\users\Lottie\AppData\Roaming\.#
  .
  .
  (((((((((((((((((((( Bestanden Gemaakt van 2011-04-24 to 2011-05-24 ))))))))))))))))))))))))))))))
  .
  .
  2011-05-24 09:54 . 2011-05-24 09:54 ——– d—–w- c:\users\Default\AppData\Local\temp
  2011-05-23 04:11 . 2011-05-23 04:11 ——– d—–w- c:\users\Lottie\AppData\Roaming\Malwarebytes
  2011-05-23 04:11 . 2011-05-23 04:11 ——– d—–w- c:\programdata\Malwarebytes
  2011-05-23 04:11 . 2010-12-20 16:09 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
  2011-05-23 04:11 . 2011-05-23 04:11 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
  2011-05-23 04:11 . 2010-12-20 16:08 20952 —-a-w- c:\windows\system32\drivers\mbam.sys
  2011-05-23 04:01 . 2011-05-23 04:01 388096 —-a-r- c:\users\Lottie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
  2011-05-23 04:01 . 2011-05-23 04:01 ——– d—–w- c:\program files\Trend Micro
  2011-05-22 21:52 . 2011-05-22 17:37 16432 —-a-w- c:\windows\system32\lsdelete.exe
  2011-05-22 17:37 . 2011-05-22 17:37 98392 —-a-w- c:\windows\system32\drivers\SBREDrv.sys
  2011-05-22 17:30 . 2011-04-29 10:12 64512 —-a-w- c:\windows\system32\drivers\Lbd.sys
  2011-05-22 17:29 . 2011-05-22 17:29 ——– d—–w- c:\program files\Lavasoft
  2011-05-22 17:29 . 2011-05-22 17:30 ——– d–h–w- c:\programdata\Lavasoft
  2011-05-22 16:59 . 2011-05-22 16:59 ——– d—–w- c:\windows\BDOSCAN8
  2011-05-22 11:55 . 2011-05-24 09:47 1527796 —-a-w- c:\windows\system32\PerfStringBackup.TMP
  2011-05-22 11:08 . 2011-05-22 11:08 ——– d–h–w- c:\programdata\WindowsSearch
  2011-05-15 11:36 . 2011-05-15 11:36 ——– d–h–w- c:\program files\iPod
  2011-05-14 08:54 . 2011-05-14 10:39 ——– d–h–w- c:\programdata\MFAData
  2011-05-10 20:55 . 2011-04-07 12:01 2409784 —-a-w- c:\program files\Windows Mail\OESpamFilter.dat
  2011-04-28 20:02 . 2011-03-03 15:40 28672 —-a-w- c:\windows\system32\Apphlpdm.dll
  2011-04-28 20:02 . 2011-03-03 13:35 4240384 —-a-w- c:\windows\system32\GameUXLegacyGDFs.dll
  2011-04-28 20:01 . 2011-03-12 21:55 876032 —-a-w- c:\windows\system32\XpsPrint.dll
  .
  .
  .
  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  2011-04-10 17:58 . 2011-04-10 17:58 0 —ha-w- c:\windows\system32\ConduitEngine.tmp
  2011-04-06 14:20 . 2011-04-06 14:20 91424 —ha-w- c:\windows\system32\dnssd.dll
  2011-04-06 14:20 . 2011-04-06 14:20 107808 —ha-w- c:\windows\system32\dns-sd.exe
  2011-03-10 17:03 . 2011-04-15 20:27 1162240 —-a-w- c:\windows\system32\mfc42u.dll
  2011-03-10 17:03 . 2011-04-15 20:26 1136640 —-a-w- c:\windows\system32\mfc42.dll
  2011-03-03 15:42 . 2011-04-15 20:26 739328 —-a-w- c:\windows\system32\inetcomm.dll
  2011-03-03 15:40 . 2011-04-28 20:02 173056 —-a-w- c:\windows\apppatch\AcXtrnal.dll
  2011-03-03 15:40 . 2011-04-28 20:02 542720 —-a-w- c:\windows\apppatch\AcLayers.dll
  2011-03-03 15:40 . 2011-04-28 20:02 458752 —-a-w- c:\windows\apppatch\AcSpecfc.dll
  2011-03-03 15:40 . 2011-04-28 20:02 2159616 —-a-w- c:\windows\apppatch\AcGenral.dll
  2011-03-03 13:25 . 2011-04-15 20:26 2041856 —-a-w- c:\windows\system32\win32k.sys
  2011-03-02 15:44 . 2011-04-15 20:26 86528 —-a-w- c:\windows\system32\dnsrslvr.dll
  .
  .
  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
  REGEDIT4
  .
  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
  "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuz0.dll" [2011-01-17 175912]
  .
  [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  .
  [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
  2011-01-17 14:54 175912 —ha-w- c:\program files\ConduitEngine\prxConduitEngin0.dll
  .
  [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  2011-01-17 14:54 175912 —ha-w- c:\program files\Vuze_Remote\prxtbVuz0.dll
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuz0.dll" [2011-01-17 175912]
  "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngin0.dll" [2011-01-17 175912]
  .
  [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  .
  [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
  .
  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
  "{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\prxtbVuz0.dll" [2011-01-17 175912]
  .
  [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  .
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
  "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
  "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
  "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-24 1348904]
  "DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-11-28 1148200]
  "TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-12-25 1316136]
  "CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
  "UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
  "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-11-18 914224]
  "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
  "UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-11-26 210216]
  "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
  "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
  "UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
  "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
  "WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
  "Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
  "TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-02-09 206120]
  "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-10-26 450659]
  "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
  "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
  "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
  "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
  "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
  "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  "EnableUIADesktopToggle"= 0 (0x0)
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
  @="Service"
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
  @="Driver"
  .
  R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-05-16 2151128]
  R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-04-29 15232]
  R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2009-10-26 93344]
  R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2009-10-26 32800]
  R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
  S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-04-29 64512]
  S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/04/17 03:12];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 16:04 87536]
  S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
  S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\aestsrv.exe [2008-06-27 77824]
  S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
  S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]
  S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-12-17 365952]
  S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-02-09 296320]
  S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-02-09 116096]
  S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-19 222512]
  S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
  S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-10-23 107360]
  S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-08-28 3664384]
  .
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
  bthsvcs REG_MULTI_SZ BthServ
  HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
  hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
  HPService REG_MULTI_SZ HPSLPSVC
  LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
  .
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
  ezSharedSvc
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
  2008-06-09 08:14 451872 —ha-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
  .
  .
  ——- Bijkomende Scan ——-
  .
  uStart Page = hxxp://www.nu.nl/
  mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
  uInternet Settings,ProxyOverride = *.local
  IE: Afbeelding verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
  IE: Converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
  IE: Converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
  IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
  IE: Geselecteerde koppelingen converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
  IE: Geselecteerde koppelingen converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
  IE: Koppelingsdoel converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
  IE: Koppelingsdoel converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
  IE: Pagina verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
  IE: Selectie converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
  IE: Selectie converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
  Trusted Zone: r-w.nl\ex
  .
  - - - - ORPHANS VERWIJDERD - - - -
  .
  URLSearchHooks-{87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
  .
  .
  .
  **************************************************************************
  .
  catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
  Rootkit scan 2011-05-24 11:55
  Windows 6.0.6002 Service Pack 2 NTFS
  .
  scannen van verborgen processen …
  .
  scannen van verborgen autostart items …
  .
  scannen van verborgen bestanden …
  .
  Scan succesvol afgerond
  verborgen bestanden: 0
  .
  **************************************************************************
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
  "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
  .
  ——————— VERGRENDELDE REGISTER SLEUTELS ———————
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  @Denied: (A) (Users)
  @Denied: (A) (Everyone)
  @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  "BlindDial"=dword:00000000
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
  @Denied: (A) (Users)
  @Denied: (A) (Everyone)
  @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  "BlindDial"=dword:00000000
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
  @Denied: (A) (Users)
  @Denied: (A) (Everyone)
  @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  "BlindDial"=dword:00000000
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
  @Denied: (A) (Users)
  @Denied: (A) (Everyone)
  @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  "BlindDial"=dword:00000000
  .
  Voltooingstijd: 2011-05-24 12:02:45
  ComboFix-quarantined-files.txt 2011-05-24 10:02
  .
  Pre-Run: 407.927.050.240 bytes beschikbaar
  Post-Run: 406.951.989.248 bytes beschikbaar
  .
  - - End Of File - - CBD141974AF3A2696673208C742CBAAE

  Mijn programma's, documenten en favorieten zijn trouwens weer allemaal normaal zichtbaar!
 • Hallo Lotte, ik had al het vermoeden dat ComboFix je documenten enz. terug zou geven!

  Open een nieuw kladblok bestand, via "Start\Alle programma’s\Bureau-accessoires\[b:412ee41cf6]Kladblok[/b:412ee41cf6]".


  Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenstervenster


  [b:412ee41cf6]
 • Zie onderstaand het logfile van de 2de scan met combofix:
  ComboFix 11-05-23.02 - Lottie 24-05-2011 15:45:55.2.2 - x86
  Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3068.1871 [GMT 2:00]
  Gestart vanuit: c:\users\Lottie\Desktop\ComboFix.exe
  gebruikte Opdracht switches :: c:\users\Lottie\Desktop\CFScript.txt
  AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
  SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
  SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  .
  FILE ::
  "c:\windows\system32\conduitengine.tmp"
  .
  .
  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  c:\program files\ConduitEngine
  c:\program files\ConduitEngine\appContextMenu.xml
  c:\program files\ConduitEngine\ConduitEngin0.dll
  c:\program files\ConduitEngine\ConduitEngine.dll
  c:\program files\ConduitEngine\ConduitEngineHelper.exe
  c:\program files\ConduitEngine\ConduitEngineUninstall.exe
  c:\program files\ConduitEngine\engineContextMenu.xml
  c:\program files\ConduitEngine\EngineSettings.json
  c:\program files\ConduitEngine\INSTALL.LOG
  c:\program files\ConduitEngine\prxConduitEngin0.dll
  c:\program files\ConduitEngine\prxConduitEngine.dll
  c:\program files\ConduitEngine\toolbar.cfg
  c:\windows\system32\conduitengine.tmp
  .
  .
  (((((((((((((((((((( Bestanden Gemaakt van 2011-04-24 to 2011-05-24 ))))))))))))))))))))))))))))))
  .
  .
  2011-05-24 13:51 . 2011-05-24 13:51 ——– d—–w- c:\users\Default\AppData\Local\temp
  2011-05-24 09:30 . 2011-05-24 09:30 ——– d—–w- c:\users\Lottie\AppData\Roaming\AVG
  2011-05-23 04:11 . 2011-05-23 04:11 ——– d—–w- c:\users\Lottie\AppData\Roaming\Malwarebytes
  2011-05-23 04:11 . 2011-05-23 04:11 ——– d—–w- c:\programdata\Malwarebytes
  2011-05-23 04:11 . 2010-12-20 16:09 38224 —-a-w- c:\windows\system32\drivers\mbamswissarmy.sys
  2011-05-23 04:11 . 2011-05-23 04:11 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
  2011-05-23 04:11 . 2010-12-20 16:08 20952 —-a-w- c:\windows\system32\drivers\mbam.sys
  2011-05-23 04:01 . 2011-05-23 04:01 388096 —-a-r- c:\users\Lottie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
  2011-05-23 04:01 . 2011-05-23 04:01 ——– d—–w- c:\program files\Trend Micro
  2011-05-22 21:52 . 2011-05-22 17:37 16432 —-a-w- c:\windows\system32\lsdelete.exe
  2011-05-22 17:37 . 2011-05-22 17:37 98392 —-a-w- c:\windows\system32\drivers\SBREDrv.sys
  2011-05-22 17:30 . 2011-04-29 10:12 64512 —-a-w- c:\windows\system32\drivers\Lbd.sys
  2011-05-22 17:29 . 2011-05-22 17:29 ——– d—–w- c:\program files\Lavasoft
  2011-05-22 17:29 . 2011-05-22 17:30 ——– d—–w- c:\programdata\Lavasoft
  2011-05-22 16:59 . 2011-05-22 16:59 ——– d—–w- c:\windows\BDOSCAN8
  2011-05-22 11:08 . 2011-05-22 11:08 ——– d—–w- c:\programdata\WindowsSearch
  2011-05-15 11:36 . 2011-05-15 11:36 ——– d—–w- c:\program files\iPod
  2011-05-14 08:54 . 2011-05-24 10:46 ——– d—–w- c:\programdata\MFAData
  2011-05-10 20:55 . 2011-04-07 12:01 2409784 —-a-w- c:\program files\Windows Mail\OESpamFilter.dat
  2011-04-28 20:02 . 2011-03-03 15:40 28672 —-a-w- c:\windows\system32\Apphlpdm.dll
  2011-04-28 20:02 . 2011-03-03 13:35 4240384 —-a-w- c:\windows\system32\GameUXLegacyGDFs.dll
  2011-04-28 20:01 . 2011-03-12 21:55 876032 —-a-w- c:\windows\system32\XpsPrint.dll
  .
  .
  .
  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  2011-04-06 14:20 . 2011-04-06 14:20 91424 —-a-w- c:\windows\system32\dnssd.dll
  2011-04-06 14:20 . 2011-04-06 14:20 107808 —-a-w- c:\windows\system32\dns-sd.exe
  2011-03-10 17:03 . 2011-04-15 20:27 1162240 —-a-w- c:\windows\system32\mfc42u.dll
  2011-03-10 17:03 . 2011-04-15 20:26 1136640 —-a-w- c:\windows\system32\mfc42.dll
  2011-03-03 15:42 . 2011-04-15 20:26 739328 —-a-w- c:\windows\system32\inetcomm.dll
  2011-03-03 15:40 . 2011-04-28 20:02 173056 —-a-w- c:\windows\apppatch\AcXtrnal.dll
  2011-03-03 15:40 . 2011-04-28 20:02 542720 —-a-w- c:\windows\apppatch\AcLayers.dll
  2011-03-03 15:40 . 2011-04-28 20:02 458752 —-a-w- c:\windows\apppatch\AcSpecfc.dll
  2011-03-03 15:40 . 2011-04-28 20:02 2159616 —-a-w- c:\windows\apppatch\AcGenral.dll
  2011-03-03 13:25 . 2011-04-15 20:26 2041856 —-a-w- c:\windows\system32\win32k.sys
  2011-03-02 15:44 . 2011-04-15 20:26 86528 —-a-w- c:\windows\system32\dnsrslvr.dll
  .
  .
  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
  .
  .
  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
  REGEDIT4
  .
  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
  "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuz0.dll" [2011-01-17 175912]
  .
  [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  .
  [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  2011-01-17 14:54 175912 —-a-w- c:\program files\Vuze_Remote\prxtbVuz0.dll
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuz0.dll" [2011-01-17 175912]
  .
  [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  .
  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
  "{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\prxtbVuz0.dll" [2011-01-17 175912]
  .
  [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
  .
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
  "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
  "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
  "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-24 1348904]
  "DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-11-28 1148200]
  "TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-12-25 1316136]
  "CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-12-25 189736]
  "UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-11-14 218408]
  "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-11-18 914224]
  "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
  "UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-11-26 210216]
  "QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-10-10 206128]
  "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-10-30 210216]
  "UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
  "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
  "WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
  "Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
  "TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-02-09 206120]
  "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-10-26 450659]
  "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
  "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
  "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
  "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
  "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
  "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  "EnableUIADesktopToggle"= 0 (0x0)
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
  @="Service"
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
  @="Driver"
  .
  R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-05-16 2151128]
  R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-04-29 15232]
  R3 RTL2832UBDA;REALTEK 2832U BDA Driver;c:\windows\system32\drivers\RTL2832UBDA.sys [2009-10-26 93344]
  R3 RTL2832UUSB;REALTEK 2832U USB Driver;c:\windows\system32\Drivers\RTL2832UUSB.sys [2009-10-26 32800]
  R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
  S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-04-29 64512]
  S2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/04/17 03:12];c:\program files\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 16:04 87536]
  S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312]
  S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\aestsrv.exe [2008-06-27 77824]
  S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
  S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]
  S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-12-17 365952]
  S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-02-09 296320]
  S2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-02-09 116096]
  S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-11-19 222512]
  S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
  S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-10-23 107360]
  S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-08-28 3664384]
  .
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
  bthsvcs REG_MULTI_SZ BthServ
  HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
  hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
  HPService REG_MULTI_SZ HPSLPSVC
  LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
  .
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
  ezSharedSvc
  .
  [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
  2008-06-09 08:14 451872 —-a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
  .
  .
  ——- Bijkomende Scan ——-
  .
  uStart Page = hxxp://www.nu.nl/
  mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
  uInternet Settings,ProxyOverride = *.local
  IE: Afbeelding verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
  IE: Converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
  IE: Converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
  IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
  IE: Geselecteerde koppelingen converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
  IE: Geselecteerde koppelingen converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
  IE: Koppelingsdoel converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
  IE: Koppelingsdoel converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
  IE: Pagina verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
  IE: Selectie converteren naar Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
  IE: Selectie converteren naar bestaande PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
  Trusted Zone: r-w.nl\ex
  .
  - - - - ORPHANS VERWIJDERD - - - -
  .
  BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\ConduitEngine\prxConduitEngin0.dll
  Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\ConduitEngine\prxConduitEngin0.dll
  AddRemove-conduitEngine - c:\program files\ConduitEngine\ConduitEngineUninstall.exe
  .
  .
  .
  **************************************************************************
  .
  catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
  Rootkit scan 2011-05-24 15:52
  Windows 6.0.6002 Service Pack 2 NTFS
  .
  scannen van verborgen processen …
  .
  scannen van verborgen autostart items …
  .
  scannen van verborgen bestanden …
  .
  Scan succesvol afgerond
  verborgen bestanden: 0
  .
  **************************************************************************
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
  "ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
  .
  ——————— VERGRENDELDE REGISTER SLEUTELS ———————
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  @Denied: (A) (Users)
  @Denied: (A) (Everyone)
  @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  "BlindDial"=dword:00000000
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
  @Denied: (A) (Users)
  @Denied: (A) (Everyone)
  @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  "BlindDial"=dword:00000000
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
  @Denied: (A) (Users)
  @Denied: (A) (Everyone)
  @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  "BlindDial"=dword:00000000
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
  @Denied: (A) (Users)
  @Denied: (A) (Everyone)
  @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  "BlindDial"=dword:00000000
  .
  Voltooingstijd: 2011-05-24 15:53:47
  ComboFix-quarantined-files.txt 2011-05-24 13:53
  ComboFix2.txt 2011-05-24 10:02
  .
  Pre-Run: 399.883.161.600 bytes beschikbaar
  Post-Run: 399.917.989.888 bytes beschikbaar
  .
  - - End Of File - - D2902B0A1250FCFA2F75950A018A7F6C


  Het viel me net op dat de programma's nu wel weer zichtbaar zijn, maar dat bij de onderliggende menu's leeg zijn. Via Windows verkenner kan ik ze wel terugvinden en starten.
 • Hoi Lotte, nu graag eerst een update hoe jouw Windows heeft gereageerd op beide scans!
 • Hoi Abraham,

  Na de 2de scan geen reactie van Windows kunnen merken. Na de 1ste scan werden alle 'inactieve' icoontjes weer actief en waren bij het menu start de programma's weer zichtbaar. Als je alleen verder gaat kijken, dan zijn de mappen onder de programma headings leeg (behalve bij de bureau-accessoires en de programma's die na het verwijderen van het virus zijn verwijderd).
  de programma's zijn wel te vinden via Windows verkenner en volgens mij werken ze ook. Alleen Itunes reageert tot nu toe niet, Microsoft Office, Adobe reader en nog een aantal programma's wel.
 • Hoi Lotte, dan wil ik dat je nu eerst het volgende doet:

  [b:68a5a978a4]Welk programma[/b:68a5a978a4]: Malwarebytes MBAM
  [b:68a5a978a4]Waarvoor/waarom[/b:68a5a978a4]: specialistische scanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware.
  [b:68a5a978a4]Moeilijkheidsgraad[/b:68a5a978a4]: geen.

  [b:68a5a978a4]Download Malwarebytes MBAM via één van deze locaties[/b:68a5a978a4]:
  [list:68a5a978a4] [*:68a5a978a4][b:68a5a978a4]Download.com[/b:68a5a978a4]
  [*:68a5a978a4][b:68a5a978a4]Softpedia.com[/b:68a5a978a4][*:68a5a978a4][b:68a5a978a4]Majorgeeks.com[/b:68a5a978a4][/list:u:68a5a978a4]
  [b:68a5a978a4]Allereerst[/b:68a5a978a4]:[list:68a5a978a4][*:68a5a978a4] Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus.
  [*:68a5a978a4] Ook bij herhaald gebruik: eerst 'MBAM' updaten via de tab 'Update'![/list:u:68a5a978a4]
  [b:68a5a978a4]Malwarebytes MBAM opstarten[/b:68a5a978a4]:
  Windows 2000 en Windows XP: start MBAM middels dubbelklik op de snelkoppeling.
  Windows Vista en Windows 7: start MBAM middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.

  [b:68a5a978a4]Scannen[/b:68a5a978a4]:
  [list:68a5a978a4][*:68a5a978a4] Bij het starten van 'MBAM' kies je voor 'Snelle Scan'.
  [*:68a5a978a4]Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'.
  [*:68a5a978a4]Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.[/list:u:68a5a978a4]
  [b:68a5a978a4]Infecties gevonden[/b:68a5a978a4]:
  [list:68a5a978a4][*:68a5a978a4]Klik nu eerst op OK om de melding weg te klikken
  [*:68a5a978a4]Klik vervolgens rechtsonder op de knop Bekijk resultaten.
  [*:68a5a978a4]Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde.
  [*:68a5a978a4]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  [*:68a5a978a4]Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken!
  [*:68a5a978a4]Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:68a5a978a4]
  [b:68a5a978a4]MBAM-Log[/b:68a5a978a4]:
  [list:68a5a978a4][*:68a5a978a4] Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door in het hoofdmenu van MBAM op de tab 'Logbestanden' te klikken'.[/list:u:68a5a978a4]
  [b:68a5a978a4]Post aansluitend in je volgende bericht de inhoud van het MBAM-log.[/b:68a5a978a4]
 • MBAM scan uitgevoerd, geen infecties gevonden:

  Malwarebytes' Anti-Malware 1.50.1.1100
  www.malwarebytes.org

  Databaseversie: 6647

  Windows 6.0.6002 Service Pack 2
  Internet Explorer 9.0.8112.16421

  24-5-2011 20:37:13
  mbam-log-2011-05-24 (20-37-13).txt

  Scantype: Snelle scan
  Objecten gescand: 163506
  Verstreken tijd: 3 minuut/minuten, 50 seconde(n)

  Geheugenprocessen geïnfecteerd: 0
  Geheugenmodulen geïnfecteerd: 0
  Registersleutels geïnfecteerd: 0
  Registerwaarden geïnfecteerd: 0
  Registerdata geïnfecteerd: 0
  Mappen geïnfecteerd: 0
  Bestanden geïnfecteerd: 0

  Geheugenprocessen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Geheugenmodulen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registersleutels geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registerwaarden geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Registerdata geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Mappen geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)

  Bestanden geïnfecteerd:
  (Geen kwaadaardige objecten gedetecteerd)
 • Hoi Lotte, dan de volgende scan:

  [b:28ecb8ab0d]Welk programma[/b:28ecb8ab0d]: Kaspersky [b:28ecb8ab0d]TDSSKiller[/b:28ecb8ab0d]
  [b:28ecb8ab0d]Waarvoor/waarom[/b:28ecb8ab0d]: Rootkitscanner
  [b:28ecb8ab0d]Moeilijkheidsgraad[/b:28ecb8ab0d]: geen
  [b:28ecb8ab0d]Downloadlokatie[/b:28ecb8ab0d]: Dit programma absoluut naar het bureaublad downloaden of anders daar naar toe verplaatsen!
  [b:28ecb8ab0d]Download[/b:28ecb8ab0d] [b:28ecb8ab0d]TDSSKiller[/b:28ecb8ab0d] [b:28ecb8ab0d]hier[/b:28ecb8ab0d].

  [b:28ecb8ab0d]Installatie[/b:28ecb8ab0d]:
  [list:28ecb8ab0d][*:28ecb8ab0d] pak het bestand uit op je bureaublad.[/list:u:28ecb8ab0d]

  [b:28ecb8ab0d]TDSSKiller gebruiken[/b:28ecb8ab0d]:
  [list:28ecb8ab0d][*:28ecb8ab0d]Windows 2000 en Windows XP: start "TDSSKiller" middels dubbelklik op TDSSKiller.exe.
  [*:28ecb8ab0d]Windows Vista en Windows 7: start "TDSSKiller" middels rechtsklik op TDSSKiller.exe en dan kiezen voor [b:28ecb8ab0d]Als Administrator uitvoeren[/b:28ecb8ab0d].
  [*:28ecb8ab0d] Nadat de scan klaar is, vindt je het log in de C:\ partitie
  [*:28ecb8ab0d] Post de inhoud van dat log[/list:u:28ecb8ab0d]
 • Log van de TDSSkiller:

  2011/05/24 21:21:42.0845 4604 TDSS rootkit removing tool 2.5.2.0 May 24 2011 11:01:23
  2011/05/24 21:21:42.0972 4604 ================================================================================
  2011/05/24 21:21:42.0972 4604 SystemInfo:
  2011/05/24 21:21:42.0972 4604
  2011/05/24 21:21:42.0973 4604 OS Version: 6.0.6002 ServicePack: 2.0
  2011/05/24 21:21:42.0973 4604 Product type: Workstation
  2011/05/24 21:21:42.0973 4604 ComputerName: LAPTOPLOTTIE
  2011/05/24 21:21:42.0973 4604 UserName: Lottie
  2011/05/24 21:21:42.0973 4604 Windows directory: C:\Windows
  2011/05/24 21:21:42.0973 4604 System windows directory: C:\Windows
  2011/05/24 21:21:42.0973 4604 Processor architecture: Intel x86
  2011/05/24 21:21:42.0973 4604 Number of processors: 2
  2011/05/24 21:21:42.0973 4604 Page size: 0x1000
  2011/05/24 21:21:42.0973 4604 Boot type: Normal boot
  2011/05/24 21:21:42.0973 4604 ================================================================================
  2011/05/24 21:21:43.0959 4604 Initialize success
  2011/05/24 21:21:47.0798 4368 ================================================================================
  2011/05/24 21:21:47.0798 4368 Scan started
  2011/05/24 21:21:47.0798 4368 Mode: Manual;
  2011/05/24 21:21:47.0798 4368 ================================================================================
  2011/05/24 21:21:49.0089 4368 Accelerometer (3b10711ad8656c097e0d16a41b29c54c) C:\Windows\system32\DRIVERS\Accelerometer.sys
  2011/05/24 21:21:49.0219 4368 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
  2011/05/24 21:21:49.0363 4368 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
  2011/05/24 21:21:49.0470 4368 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
  2011/05/24 21:21:49.0557 4368 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
  2011/05/24 21:21:49.0654 4368 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
  2011/05/24 21:21:49.0812 4368 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\Windows\system32\drivers\Afc.sys
  2011/05/24 21:21:49.0938 4368 AFD (a201207363aa900abf1a388468688570) C:\Windows\system32\drivers\afd.sys
  2011/05/24 21:21:50.0058 4368 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
  2011/05/24 21:21:50.0143 4368 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
  2011/05/24 21:21:50.0244 4368 aliide (3d76fda1a10acc3dc84728f55c29b6d4) C:\Windows\system32\drivers\aliide.sys
  2011/05/24 21:21:50.0360 4368 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
  2011/05/24 21:21:50.0462 4368 amdide (5b92e7839f5a1fbc1b39de67758ad6f8) C:\Windows\system32\drivers\amdide.sys
  2011/05/24 21:21:50.0587 4368 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
  2011/05/24 21:21:50.0689 4368 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
  2011/05/24 21:21:50.0829 4368 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
  2011/05/24 21:21:50.0940 4368 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
  2011/05/24 21:21:51.0050 4368 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
  2011/05/24 21:21:51.0157 4368 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
  2011/05/24 21:21:51.0372 4368 atikmdag (96f5eea88f9146f5f803ad20c4264565) C:\Windows\system32\DRIVERS\atikmdag.sys
  2011/05/24 21:21:51.0595 4368 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
  2011/05/24 21:21:51.0715 4368 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
  2011/05/24 21:21:51.0857 4368 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
  2011/05/24 21:21:51.0981 4368 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
  2011/05/24 21:21:52.0082 4368 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
  2011/05/24 21:21:52.0205 4368 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
  2011/05/24 21:21:52.0310 4368 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
  2011/05/24 21:21:52.0423 4368 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
  2011/05/24 21:21:52.0523 4368 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
  2011/05/24 21:21:52.0818 4368 BthEnum (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
  2011/05/24 21:21:52.0936 4368 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
  2011/05/24 21:21:53.0032 4368 BthPan (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
  2011/05/24 21:21:53.0134 4368 BTHPORT (5a3abaa2f8eece7aefb942773766e3db) C:\Windows\system32\Drivers\BTHport.sys
  2011/05/24 21:21:53.0236 4368 BTHUSB (94e2941280e3756a5e0bcb467865c43a) C:\Windows\system32\Drivers\BTHUSB.sys
  2011/05/24 21:21:53.0369 4368 btwaudio (229b2c1e776062a4033305d5a9d6e28d) C:\Windows\system32\drivers\btwaudio.sys
  2011/05/24 21:21:53.0476 4368 btwavdt (97062053359f6908e1fb2791bfa54734) C:\Windows\system32\drivers\btwavdt.sys
  2011/05/24 21:21:53.0607 4368 btwrchid (d9269b0e3e3cf46d677fd071a40fe6cd) C:\Windows\system32\DRIVERS\btwrchid.sys
  2011/05/24 21:21:53.0714 4368 BVRPMPR5 (6598d078d5446197aed6b46c6a2a3431) C:\Windows\system32\drivers\BVRPMPR5.SYS
  2011/05/24 21:21:53.0898 4368 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
  2011/05/24 21:21:54.0018 4368 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
  2011/05/24 21:21:54.0122 4368 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\DRIVERS\circlass.sys
  2011/05/24 21:21:54.0215 4368 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
  2011/05/24 21:21:54.0355 4368 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
  2011/05/24 21:21:54.0458 4368 cmdide (d36372a6ea6805efbe8884d10772313f) C:\Windows\system32\drivers\cmdide.sys
  2011/05/24 21:21:54.0592 4368 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
  2011/05/24 21:21:54.0715 4368 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
  2011/05/24 21:21:54.0825 4368 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
  2011/05/24 21:21:54.0978 4368 DfsC (218d8ae46c88e82014f5d73d0236d9b2) C:\Windows\system32\Drivers\dfsc.sys
  2011/05/24 21:21:55.0147 4368 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
  2011/05/24 21:21:55.0274 4368 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
  2011/05/24 21:21:55.0393 4368 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
  2011/05/24 21:21:55.0502 4368 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
  2011/05/24 21:21:55.0620 4368 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
  2011/05/24 21:21:55.0759 4368 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
  2011/05/24 21:21:55.0864 4368 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
  2011/05/24 21:21:56.0018 4368 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
  2011/05/24 21:21:56.0137 4368 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
  2011/05/24 21:21:56.0266 4368 enecir (004b2ea6cc2598ec5f0552e43ce29cef) C:\Windows\system32\DRIVERS\enecir.sys
  2011/05/24 21:21:56.0364 4368 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
  2011/05/24 21:21:56.0519 4368 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
  2011/05/24 21:21:56.0643 4368 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
  2011/05/24 21:21:56.0774 4368 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
  2011/05/24 21:21:56.0880 4368 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
  2011/05/24 21:21:56.0978 4368 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
  2011/05/24 21:21:57.0086 4368 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
  2011/05/24 21:21:57.0216 4368 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
  2011/05/24 21:21:57.0338 4368 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
  2011/05/24 21:21:57.0434 4368 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
  2011/05/24 21:21:57.0563 4368 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
  2011/05/24 21:21:57.0701 4368 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
  2011/05/24 21:21:57.0834 4368 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
  2011/05/24 21:21:57.0925 4368 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
  2011/05/24 21:21:58.0032 4368 HidIr (d8df3722d5e961baa1292aa2f12827e2) C:\Windows\system32\DRIVERS\hidir.sys
  2011/05/24 21:21:58.0130 4368 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
  2011/05/24 21:21:58.0232 4368 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
  2011/05/24 21:21:58.0326 4368 hpdskflt (24f3f496c18efc234777723a67a85f81) C:\Windows\system32\DRIVERS\hpdskflt.sys
  2011/05/24 21:21:58.0447 4368 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
  2011/05/24 21:21:58.0602 4368 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
  2011/05/24 21:21:58.0738 4368 hwdatacard (19e6885a061011d8dabe8f64498423fa) C:\Windows\system32\DRIVERS\ewusbmdm.sys
  2011/05/24 21:21:58.0853 4368 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
  2011/05/24 21:21:58.0976 4368 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
  2011/05/24 21:21:59.0078 4368 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
  2011/05/24 21:21:59.0186 4368 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
  2011/05/24 21:21:59.0306 4368 intelide (dd512a049bd7b4bce8a83554c5eff2c1) C:\Windows\system32\drivers\intelide.sys
  2011/05/24 21:21:59.0412 4368 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
  2011/05/24 21:21:59.0528 4368 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
  2011/05/24 21:21:59.0724 4368 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
  2011/05/24 21:21:59.0823 4368 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
  2011/05/24 21:21:59.0946 4368 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
  2011/05/24 21:21:59.0984 4368 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
  2011/05/24 21:22:00.0082 4368 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
  2011/05/24 21:22:00.0161 4368 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
  2011/05/24 21:22:00.0266 4368 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
  2011/05/24 21:22:00.0358 4368 JMCR (ab772e9cc29c29f59cb4b75f9d6f3f96) C:\Windows\system32\DRIVERS\jmcr.sys
  2011/05/24 21:22:00.0442 4368 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
  2011/05/24 21:22:00.0552 4368 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
  2011/05/24 21:22:00.0669 4368 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys
  2011/05/24 21:22:00.0809 4368 Lavasoft Kernexplorer (6c4a3804510ad8e0f0c07b5be3d44ddb) C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
  2011/05/24 21:22:00.0933 4368 Lbd (336abe8721cbc3110f1c6426da633417) C:\Windows\system32\DRIVERS\Lbd.sys
  2011/05/24 21:22:01.0049 4368 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
  2011/05/24 21:22:01.0164 4368 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
  2011/05/24 21:22:01.0254 4368 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
  2011/05/24 21:22:01.0347 4368 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
  2011/05/24 21:22:01.0443 4368 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
  2011/05/24 21:22:01.0544 4368 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
  2011/05/24 21:22:01.0653 4368 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
  2011/05/24 21:22:01.0752 4368 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
  2011/05/24 21:22:01.0847 4368 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
  2011/05/24 21:22:01.0934 4368 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
  2011/05/24 21:22:02.0021 4368 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
  2011/05/24 21:22:02.0116 4368 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
  2011/05/24 21:22:02.0201 4368 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
  2011/05/24 21:22:02.0292 4368 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
  2011/05/24 21:22:02.0391 4368 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
  2011/05/24 21:22:02.0514 4368 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
  2011/05/24 21:22:02.0626 4368 mrxsmb (5fe5cf325f5b02ebc60832d3440cb414) C:\Windows\system32\DRIVERS\mrxsmb.sys
  2011/05/24 21:22:02.0766 4368 mrxsmb10 (30b9c769446af379a2afb72b0392604d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
  2011/05/24 21:22:02.0890 4368 mrxsmb20 (fea239b3ec4877e2b7e23204af589ddf) C:\Windows\system32\DRIVERS\mrxsmb20.sys
  2011/05/24 21:22:03.0009 4368 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
  2011/05/24 21:22:03.0096 4368 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
  2011/05/24 21:22:03.0212 4368 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
  2011/05/24 21:22:03.0318 4368 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
  2011/05/24 21:22:03.0433 4368 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
  2011/05/24 21:22:03.0524 4368 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
  2011/05/24 21:22:03.0624 4368 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
  2011/05/24 21:22:03.0762 4368 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
  2011/05/24 21:22:03.0862 4368 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
  2011/05/24 21:22:03.0946 4368 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
  2011/05/24 21:22:04.0065 4368 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
  2011/05/24 21:22:04.0209 4368 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
  2011/05/24 21:22:04.0338 4368 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
  2011/05/24 21:22:04.0431 4368 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
  2011/05/24 21:22:04.0514 4368 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
  2011/05/24 21:22:04.0666 4368 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
  2011/05/24 21:22:04.0759 4368 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
  2011/05/24 21:22:04.0864 4368 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
  2011/05/24 21:22:04.0985 4368 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
  2011/05/24 21:22:05.0168 4368 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
  2011/05/24 21:22:05.0389 4368 NETw5v32 (ba420e8ebfcad35581fe8e4c64f71469) C:\Windows\system32\DRIVERS\NETw5v32.sys
  2011/05/24 21:22:05.0545 4368 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
  2011/05/24 21:22:05.0681 4368 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
  2011/05/24 21:22:05.0808 4368 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
  2011/05/24 21:22:05.0955 4368 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
  2011/05/24 21:22:06.0066 4368 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
  2011/05/24 21:22:06.0163 4368 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
  2011/05/24 21:22:06.0249 4368 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
  2011/05/24 21:22:06.0340 4368 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
  2011/05/24 21:22:06.0439 4368 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
  2011/05/24 21:22:06.0725 4368 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
  2011/05/24 21:22:06.0854 4368 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
  2011/05/24 21:22:06.0976 4368 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
  2011/05/24 21:22:07.0062 4368 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
  2011/05/24 21:22:07.0172 4368 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
  2011/05/24 21:22:07.0263 4368 pciide (1d8b3d8df8eb7fcf2f0ac02f9f947802) C:\Windows\system32\drivers\pciide.sys
  2011/05/24 21:22:07.0364 4368 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
  2011/05/24 21:22:07.0495 4368 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
  2011/05/24 21:22:07.0656 4368 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
  2011/05/24 21:22:07.0779 4368 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
  2011/05/24 21:22:07.0901 4368 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
  2011/05/24 21:22:08.0019 4368 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
  2011/05/24 21:22:08.0153 4368 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
  2011/05/24 21:22:08.0246 4368 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
  2011/05/24 21:22:08.0349 4368 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
  2011/05/24 21:22:08.0444 4368 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
  2011/05/24 21:22:08.0539 4368 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
  2011/05/24 21:22:08.0674 4368 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
  2011/05/24 21:22:08.0811 4368 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
  2011/05/24 21:22:08.0934 4368 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
  2011/05/24 21:22:09.0032 4368 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
  2011/05/24 21:22:09.0140 4368 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
  2011/05/24 21:22:09.0238 4368 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
  2011/05/24 21:22:09.0371 4368 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
  2011/05/24 21:22:09.0503 4368 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
  2011/05/24 21:22:09.0620 4368 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
  2011/05/24 21:22:09.0740 4368 RTL2832UBDA (9f9acc7e0c86d7f2e29fcb6f949173e1) C:\Windows\system32\drivers\RTL2832UBDA.sys
  2011/05/24 21:22:09.0885 4368 RTL2832UUSB (ad5774a01bd623b4e2ef42b82b13a3f0) C:\Windows\system32\Drivers\RTL2832UUSB.sys
  2011/05/24 21:22:09.0997 4368 RTL8169 (174b9514cd1a0c33ce4bbc02a3c81a62) C:\Windows\system32\DRIVERS\Rtlh86.sys
  2011/05/24 21:22:10.0098 4368 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
  2011/05/24 21:22:10.0218 4368 sdbus (126ea89bcc413ee45e3004fb0764888f) C:\Windows\system32\DRIVERS\sdbus.sys
  2011/05/24 21:22:10.0316 4368 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
  2011/05/24 21:22:10.0416 4368 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
  2011/05/24 21:22:10.0519 4368 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
  2011/05/24 21:22:10.0640 4368 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
  2011/05/24 21:22:10.0779 4368 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
  2011/05/24 21:22:10.0881 4368 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
  2011/05/24 21:22:10.0978 4368 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
  2011/05/24 21:22:11.0073 4368 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
  2011/05/24 21:22:11.0184 4368 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
  2011/05/24 21:22:11.0282 4368 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
  2011/05/24 21:22:11.0370 4368 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
  2011/05/24 21:22:11.0506 4368 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
  2011/05/24 21:22:11.0634 4368 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
  2011/05/24 21:22:11.0783 4368 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
  2011/05/24 21:22:11.0903 4368 srv2 (a5940ca32ed206f90be9fabdf6e92de4) C:\Windows\system32\DRIVERS\srv2.sys
  2011/05/24 21:22:12.0021 4368 srvnet (37aa1d560d5fa486c4b11c2f276ada61) C:\Windows\system32\DRIVERS\srvnet.sys
  2011/05/24 21:22:12.0156 4368 STHDA (84c78b53838bdec2b0853adc782cd5de) C:\Windows\system32\DRIVERS\stwrt.sys
  2011/05/24 21:22:12.0280 4368 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
  2011/05/24 21:22:12.0383 4368 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
  2011/05/24 21:22:12.0485 4368 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
  2011/05/24 21:22:12.0578 4368 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
  2011/05/24 21:22:12.0678 4368 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
  2011/05/24 21:22:12.0810 4368 SynTP (a94629c2c456a6d002556563d6b8ad1a) C:\Windows\system32\DRIVERS\SynTP.sys
  2011/05/24 21:22:12.0984 4368 Tcpip (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\drivers\tcpip.sys
  2011/05/24 21:22:13.0129 4368 Tcpip6 (a474879afa4a596b3a531f3e69730dbf) C:\Windows\system32\DRIVERS\tcpip.sys
  2011/05/24 21:22:13.0244 4368 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
  2011/05/24 21:22:13.0351 4368 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
  2011/05/24 21:22:13.0462 4368 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
  2011/05/24 21:22:13.0585 4368 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
  2011/05/24 21:22:13.0692 4368 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
  2011/05/24 21:22:13.0847 4368 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
  2011/05/24 21:22:13.0954 4368 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
  2011/05/24 21:22:14.0089 4368 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
  2011/05/24 21:22:14.0209 4368 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
  2011/05/24 21:22:14.0336 4368 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
  2011/05/24 21:22:14.0456 4368 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
  2011/05/24 21:22:14.0568 4368 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
  2011/05/24 21:22:14.0679 4368 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
  2011/05/24 21:22:14.0781 4368 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
  2011/05/24 21:22:14.0901 4368 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
  2011/05/24 21:22:15.0030 4368 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\Windows\system32\Drivers\usbaapl.sys
  2011/05/24 21:22:15.0147 4368 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
  2011/05/24 21:22:15.0252 4368 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
  2011/05/24 21:22:15.0347 4368 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
  2011/05/24 21:22:15.0457 4368 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
  2011/05/24 21:22:15.0562 4368 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
  2011/05/24 21:22:15.0668 4368 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
  2011/05/24 21:22:15.0775 4368 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
  2011/05/24 21:22:15.0874 4368 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
  2011/05/24 21:22:15.0975 4368 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
  2011/05/24 21:22:16.0104 4368 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
  2011/05/24 21:22:16.0246 4368 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
  2011/05/24 21:22:16.0343 4368 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
  2011/05/24 21:22:16.0436 4368 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
  2011/05/24 21:22:16.0533 4368 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
  2011/05/24 21:22:16.0646 4368 viaide (ea1aa6e3abb3c194feba12a46de8cf2c) C:\Windows\system32\drivers\viaide.sys
  2011/05/24 21:22:16.0850 4368 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
  2011/05/24 21:22:16.0971 4368 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
  2011/05/24 21:22:17.0056 4368 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
  2011/05/24 21:22:17.0135 4368 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
  2011/05/24 21:22:17.0250 4368 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
  2011/05/24 21:22:17.0339 4368 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
  2011/05/24 21:22:17.0354 4368 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
  2011/05/24 21:22:17.0467 4368 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
  2011/05/24 21:22:17.0573 4368 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
  2011/05/24 21:22:17.0784 4368 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
  2011/05/24 21:22:17.0926 4368 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
  2011/05/24 21:22:18.0040 4368 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
  2011/05/24 21:22:18.0187 4368 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
  2011/05/24 21:22:18.0316 4368 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
  2011/05/24 21:22:18.0411 4368 {55662437-DA8C-40c0-AADA-2C816A897A49} (556b5cfe8d21b256add7f87d7f4b4123) C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl
  2011/05/24 21:22:18.0452 4368 MBR (0x1B8) (588ae8f0c685c02ba11f30d9cd7e61a0) \Device\Harddisk0\DR0
  2011/05/24 21:22:18.0460 4368 ================================================================================
  2011/05/24 21:22:18.0460 4368 Scan finished
  2011/05/24 21:22:18.0460 4368 ================================================================================
  2011/05/24 21:22:18.0478 3344 Detected object count: 0
  2011/05/24 21:22:18.0478 3344 Actual detected object count: 0
 • Mooi log, geen TDL-rootkitvariant!

  Heb je alweer een antivirusprogramma geïnstalleerd?


  Avast 6\2011 Free is de enigste, die een aantal onderdelen aan boord heeft, die je verder alleen aantreft bij betaalde antivirusprogramma's.

  Avast speelt hier dus duidelijk op de nieuwe bedreigingen van het internet in!
  Bovendien merk je nauwelijks, dat Avast draait!
  Ook heeft Avast een "zandbox" aan boord, waarin je veilig programma's kan testen!

  [b:e2a6aada44]Downloadlink Avast 6 Free[/b:e2a6aada44]

  Andere gratis alternatieven:

  [b:e2a6aada44]Panda Cloud Antivirus[/b:e2a6aada44] - downloadlink
  [b:e2a6aada44]AVG Free 2011[/b:e2a6aada44] - downloadlink
  [b:e2a6aada44]Avira Antivir[/b:e2a6aada44] - downloadlink
  [b:e2a6aada44]Microsoft Security Essentials[/b:e2a6aada44] - downloadlink


  Welke je ook kiest, laat je keuze na updaten een volledige systeemscan doen en post daarna een nieuw Hijack This-log


  De rangschikking van de programma's is gedaan naar ratio van de beveiliging en herkenning van malware.
 • De scan met Avast ging goed - geen bedreiging gevonden. Dit is de logfile van Hijack na de scan:

  Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 23:22:42, on 24-5-2011
  Platform: Windows Vista SP2 (WinNT 6.00.1906)
  MSIE: Internet Explorer v9.00 (9.00.8112.16421)
  Boot mode: Normal

  Running processes:
  C:\Windows\system32\Dwm.exe
  C:\Windows\Explorer.EXE
  C:\Windows\system32\taskeng.exe
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
  C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
  C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
  C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
  C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
  C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
  C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
  C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
  C:\Program Files\IDT\WDM\sttray.exe
  C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
  C:\Program Files\Common Files\Java\Java Update\jusched.exe
  C:\Program Files\iTunes\iTunesHelper.exe
  C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
  C:\Windows\ehome\ehtray.exe
  C:\Program Files\Windows Media Player\wmpnscfg.exe
  C:\Windows\ehome\ehmsas.exe
  C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
  C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
  C:\Windows\system32\conime.exe
  C:\Windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\AVAST Software\Avast\AvastUI.exe
  C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=91&bd=Pavilion&pf=cnnb
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll
  O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
  O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
  O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
  O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
  O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll
  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
  O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
  O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
  O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuz0.dll
  O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
  O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
  O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
  O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
  O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
  O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
  O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
  O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
  O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
  O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
  O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
  O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
  O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
  O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
  O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
  O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
  O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
  O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
  O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
  O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
  O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
  O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
  O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
  O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
  O8 - Extra context menu item: Converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
  O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
  O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
  O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
  O8 - Extra context menu item: Koppelingsdoel converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
  O8 - Extra context menu item: Koppelingsdoel converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
  O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
  O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
  O8 - Extra context menu item: Selectie converteren naar bestaande PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
  O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
  O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
  O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
  O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
  O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
  O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
  O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
  O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
  O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
  O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v911/Navigram.cab
  O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
  O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
  O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
  O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
  O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
  O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
  O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\aestsrv.exe
  O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
  O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
  O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
  O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
  O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
  O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
  O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
  O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
  O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
  O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
  O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
  O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\STacSV.exe
  O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
  O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe


  End of file - 13986 bytes
 • Hoi Lotte, dat ziet er goed uit - zo te zien is AVG goed verwijdert.

  Hoe draait jou Windows nu en als ex-AVG gebruikster, hoe bevalt nu Avast?
 • Op zich op ik weinig gemerkt van AVG, pas toen het dit virus niet tegenhield terwijl ik net de upgrade naar 2011 had uitgevoerd. Het verwijderen van AVG viel me wel tegen, ik hou niet zo van programma's die zich niet willen laten verwijderen. Avast werkt nu stilletjes op de achtergrond, dus dat bevalt prima.
 • Heb jij Avast inmiddels een volledige systeemscan laten doen?

  Zoja, heeft Avast dan nog wat gevonden?
 • Ja, Avast heeft een volledige scan uitgevoerd en gelukkig niets kunnen vinden. Nu moet ik alleen het programma menu zien te herstellen, de rest werkt weer.
 • Hoi Lotte, misschien wil dit daarbij helpen:

  ga naar [b:3ca5acacc8]Start[/b:3ca5acacc8] en typ [in de zoekregel [b:3ca5acacc8]cmd[/b:3ca5acacc8]; bovenaan het startmenu zie je nu de betreffende snelkoppeling.
  Klik deze snelkoppeling met rechts aan en kies voor [b:3ca5acacc8]Als administrator uitvoeren[/b:3ca5acacc8].

  In het zwarte venster typ je nu [b:3ca5acacc8]sfc /scannow[/b:3ca5acacc8] gevolgd door indrukken van de Entertoets.

  Denk wel aan de spatie na 'sfc'.
  In het zwarte venster zie nu de voortgang van de scan.

  Is de scan klaar, typ je [b:3ca5acacc8]Exit[/b:3ca5acacc8] gevolgd door indrukken van de Entertoets.


  SFC (SystemFileChecker) houdt in dat systeembestanden gecontroleerd worden op juist funktioneren, zonodig volgt reparatie.


  Let goed op de laatste meldingen in het venster: indien aangegeven wordt, dat herstel afhankelijk is van opnieuw opstarten, doe dit dan.
 • Ik heb de scan uitgevoerd en er zijn een aantal beschadigde bestanden gevonden die niet gerepareerd kunnen worden. ik weet niet of je er wat aan hebt, maar dit is het logfile:

  2011-05-24 23:29:42, Info CBS Archived log file: C:\Windows\Logs\CBS\CBS.log to: C:\Windows\Logs\CBS\CBS.persist.log
  2011-05-24 23:29:42, Info CBS Loaded Servicing Stack v6.0.6002.18005 with Core: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\cbscore.dll
  2011-05-24 23:29:42, Info CSI 00000001@2011/5/24:21:29:42.371 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6df88a50 @0x7432854e @0x743063a1 @0xb41392 @0xb41ed4 @0xb417cb)
  2011-05-24 23:29:42, Info CSI 00000002@2011/5/24:21:29:42.387 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6df88a50 @0x7435e7b6 @0x74340f93 @0xb41392 @0xb41ed4 @0xb417cb)
  2011-05-24 23:29:42, Info CSI 00000003@2011/5/24:21:29:42.387 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6df88a50 @0x742e1a0d @0x742e1794 @0xb4360b @0xb42be3 @0xb417cb)
  2011-05-24 23:29:42, Info CBS NonStart: Checking to ensure startup processing was not required.
  2011-05-24 23:29:42, Info CSI 00000004 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0xf4ff20
  2011-05-24 23:29:42, Info CBS NonStart: Success, startup processing not required as expected.
  2011-05-24 23:29:42, Info CSI 00000005 CSI Store 3201744 (0x0030dad0) initialized
  2011-05-24 23:29:42, Info CBS Session: 30153305:2983182720 initialized.
  2011-05-24 23:29:42, Info CBS Session: 30153305:2983182720 finalized. Reboot required: no
  2011-05-25 07:51:40, Info CBS Loaded Servicing Stack v6.0.6002.18005 with Core: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\cbscore.dll
  2011-05-25 07:51:40, Info CSI 00000001@2011/5/25:05:51:40.425 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6c698a50 @0x6cb7854e @0x6cb563a1 @0xac1392 @0xac1ed4 @0xac17cb)
  2011-05-25 07:51:40, Info CSI 00000002@2011/5/25:05:51:40.643 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6c698a50 @0x6cbae7b6 @0x6cb90f93 @0xac1392 @0xac1ed4 @0xac17cb)
  2011-05-25 07:51:40, Info CSI 00000003@2011/5/25:05:51:40.659 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x6c698a50 @0x6c9a1a0d @0x6c9a1794 @0xac360b @0xac2be3 @0xac17cb)
  2011-05-25 07:51:40, Info CBS NonStart: Checking to ensure startup processing was not required.
  2011-05-25 07:51:40, Info CSI 00000004 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0xc5fc70
  2011-05-25 07:51:40, Info CBS NonStart: Success, startup processing not required as expected.
  2011-05-25 07:51:41, Info CSI 00000005 CSI Store 2939600 (0x002cdad0) initialized
  2011-05-25 07:51:41, Info CBS Session: 30153375:3525527472 initialized.
  2011-05-25 07:54:14, Info CBS Session: 30153375:3525527472 finalized. Reboot required: no
  2011-05-25 08:01:40, Info CBS Scavenge: Package store indicates there is no component to scavenge, skipping.
  2011-05-25 19:25:12, Info CBS Loaded Servicing Stack v6.0.6002.18005 with Core: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\cbscore.dll
  2011-05-25 19:25:12, Info CSI 00000001@2011/5/25:17:25:12.781 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x5f1d8a50 @0x5fee854e @0x5fec63a1 @0xac1392 @0xac1ed4 @0xac17cb)
  2011-05-25 19:25:12, Info CSI 00000002@2011/5/25:17:25:12.797 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x5f1d8a50 @0x5ff1e7b6 @0x5ff00f93 @0xac1392 @0xac1ed4 @0xac17cb)
  2011-05-25 19:25:12, Info CSI 00000003@2011/5/25:17:25:12.797 WcpInitialize (wcp.dll version 0.0.0.5) called (stack @0x5f1d8a50 @0x73401a0d @0x73401794 @0xac360b @0xac2be3 @0xac17cb)
  2011-05-25 19:25:12, Info CBS NonStart: Checking to ensure startup processing was not required.
  2011-05-25 19:25:12, Info CSI 00000004 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0xe7fc14
  2011-05-25 19:25:12, Info CBS NonStart: Success, startup processing not required as expected.
  2011-05-25 19:25:12, Info CSI 00000005 CSI Store 2480848 (0x0025dad0) initialized
  2011-05-25 19:25:12, Info CBS Session: 30153472:3027432288 initialized.
  2011-05-25 19:25:12, Info CBS Read out cached package applicability for package: WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~x86~~7.4.7600.226, ApplicableState: 7, CurrentState:7
  2011-05-25 19:25:12, Info CBS Session: 30153472:3027432288 finalized. Reboot required: no
  2011-05-25 19:25:12, Info CBS Session: 30153472:3027588288 initialized.
  2011-05-25 19:25:12, Info CBS Read out cached package applicability for package: WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~x86~~7.4.7600.226, ApplicableState: 7, CurrentState:7
  2011-05-25 19:25:12, Info CBS Session: 30153472:3027588288 finalized. Reboot required: no
  2011-05-25 19:25:12, Info CBS Session: 30153472:3027744288 initialized.
  2011-05-25 19:25:12, Info CBS Read out cached package applicability for package: WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~x86~~7.4.7600.226, ApplicableState: 7, CurrentState:7
  2011-05-25 19:25:12, Info CBS Session: 30153472:3027744288 finalized. Reboot required: no
  2011-05-25 19:25:35, Info CBS Session: 30153472:3254336288 initialized.
  2011-05-25 19:25:35, Info CBS Session: 30153472:3254336288 finalized. Reboot required: no
  2011-05-25 19:25:35, Info CBS Session: 30153472:3254336289 initialized.
  2011-05-25 19:25:35, Info CBS Session: 30153472:3254336289 finalized. Reboot required: no
  2011-05-25 19:25:36, Info CBS Session: 30153472:3267752288 initialized.
  2011-05-25 19:25:36, Info CBS Session: 30153472:3267752288 finalized. Reboot required: no
  2011-05-25 19:25:36, Info CBS Session: 30153472:3267752289 initialized.
  2011-05-25 19:25:37, Info CBS Session: 30153472:3267752289 finalized. Reboot required: no
  2011-05-25 19:26:08, Info CBS Session: 30153472:3584604288 initialized.
  2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: Package_for_KB2378111~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:08, Info CBS Session: 30153472:3584604288 finalized. Reboot required: no
  2011-05-25 19:26:08, Info CBS Session: 30153472:3586320288 initialized.
  2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: Microsoft-Windows-AutomationAPI-Package-TopLevel~31bf3856ad364e35~x86~~6.0.6002.18156, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:08, Info CBS Session: 30153472:3586320288 finalized. Reboot required: no
  2011-05-25 19:26:08, Info CBS Session: 30153472:3586476288 initialized.
  2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: Microsoft-Windows-WPD7IP-Package-TopLevel~31bf3856ad364e35~x86~~7.0.6002.18112, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:08, Info CBS Session: 30153472:3586476288 finalized. Reboot required: no
  2011-05-25 19:26:08, Info CBS Session: 30153472:3586476289 initialized.
  2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: Microsoft-Windows-DGT-Package-TopLevel~31bf3856ad364e35~x86~~7.0.6002.18107, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:08, Info CBS Session: 30153472:3586476289 finalized. Reboot required: no
  2011-05-25 19:26:08, Info CBS Session: 30153472:3586632288 initialized.
  2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: Microsoft-Windows-UIRibbon-Package-TopLevel~31bf3856ad364e35~x86~~7.0.6002.18108, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:08, Info CBS Session: 30153472:3586632288 finalized. Reboot required: no
  2011-05-25 19:26:08, Info CBS Session: 30153472:3587256288 initialized.
  2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~lt-LT~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:08, Info CBS Session: 30153472:3587256288 finalized. Reboot required: no
  2011-05-25 19:26:08, Info CBS Session: 30153472:3587412288 initialized.
  2011-05-25 19:26:08, Info CBS Read out cached package applicability for package: Package_for_KB2345886~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:08, Info CBS Session: 30153472:3587412288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3589440288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB981322~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3589440288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3589596288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2423089~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3589596288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591000288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB977864~31bf3856ad364e35~x86~~6.1.1.0, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591000288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591156288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB974307~31bf3856ad364e35~x86~~6.1.1.2, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591156288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591156289 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB966315~31bf3856ad364e35~x86~~6.1.1.2, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591156289 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591156290 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB972270~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 0, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591156290 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591312288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB979910~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591312288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591624288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB971961~31bf3856ad364e35~x86~~8.0.1.1, ApplicableState: 0, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591624288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591780288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2443685~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3591780288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3594900288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2207566~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3594900288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3595368288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB947821~31bf3856ad364e35~x86~~6.0.14.0, ApplicableState: 7, CurrentState:0
  2011-05-25 19:26:09, Info CBS Session: 30153472:3595368288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3595368289 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB947821~31bf3856ad364e35~x86~~6.0.12.0, ApplicableState: 7, CurrentState:0
  2011-05-25 19:26:09, Info CBS Session: 30153472:3595368289 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3595368290 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~hr-HR~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:09, Info CBS Session: 30153472:3595368290 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3595680288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2524375~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3595680288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3597708288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2507618~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3597708288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598020288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2508429~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598020288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598020289 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB946253~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:0
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598020289 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598176288 initialized.
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598176288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598176289 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2419640~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598176289 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598332288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB982480~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598332288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598488288 initialized.
  2011-05-25 19:26:09, Info CBS Read out cached package applicability for package: Package_for_KB2506223~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598488288 finalized. Reboot required: no
  2011-05-25 19:26:09, Info CBS Session: 30153472:3598800288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB967723~31bf3856ad364e35~x86~~6.0.1.7, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3598800288 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3602076288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB2511455~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3602076288 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3602232288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB970710~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3602232288 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3602388288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB973687~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3602388288 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3602388289 initialized.
  2011-05-25 19:26:10, Info CBS Session: 30153472:3602388289 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3603012288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB2393802~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3603012288 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3603168288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB975467~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3603168288 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604104288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB2506212~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604104288 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604260288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB978542~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604260288 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604416288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Microsoft-Windows-Webservices-Package-TopLevel~31bf3856ad364e35~amd64~~6.0.6001.18302, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604416288 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604416289 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Microsoft-Windows-Webservices-Package-TopLevel~31bf3856ad364e35~x86~~6.0.6001.18302, ApplicableState: 7, CurrentState:0
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604416289 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604572288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Microsoft-Windows-AutomationAPI-Package-TopLevel~31bf3856ad364e35~x86~~6.0.6002.18156, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604572288 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604572289 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Microsoft-Windows-WPD7IP-Package-TopLevel~31bf3856ad364e35~x86~~7.0.6002.18112, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604572289 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604728288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Microsoft-Windows-DGT-Package-TopLevel~31bf3856ad364e35~x86~~7.0.6002.18107, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604728288 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604728289 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Microsoft-Windows-UIRibbon-Package-TopLevel~31bf3856ad364e35~x86~~7.0.6002.18108, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604728289 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604884288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB982665~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3604884288 finalized. Reboot required: no
  2011-05-25 19:26:10, Info CBS Session: 30153472:3605040288 initialized.
  2011-05-25 19:26:10, Info CBS Read out cached package applicability for package: Package_for_KB2117917~31bf3856ad364e35~x86~~6.0.1.5, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:10, Info CBS Session: 30153472:3605040288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660108288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~nb-NO~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660108288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660264288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB968816~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660264288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660264289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB981332~31bf3856ad364e35~x86~~8.0.1.0, ApplicableState: 0, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660264289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660264290 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB971737~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660264290 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660420288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_1_for_KB925028~31bf3856ad364e35~x86~~6.0.0.1, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660420288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660732288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~zh-TW~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660732288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660732289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2509553~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660732289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660888288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~hu-HU~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3660888288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661512288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB981550~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661512288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661512289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB979482~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661512289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661512290 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2510581~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661512290 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661668288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB981349~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661668288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661668289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB973507~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661668289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661824288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB979687~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661824288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661980288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB980842~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3661980288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3662292288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2416470~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3662292288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3662916288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2483614~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3662916288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3662916289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2492386~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3662916289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3662916290 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2347290~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3662916290 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3663228288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB975254~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3663228288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3663384288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB971657~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3663384288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3663384289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB982132~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3663384289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3663540288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2449742~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3663540288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3663852288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB979744~31bf3856ad364e35~x86~~6.0.2.0, ApplicableState: 7, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3663852288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3664008288 initialized.
  2011-05-25 19:26:16, Info CBS Session: 30153472:3664008288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3664008289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB971029~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3664008289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3664944288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2481109~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3664944288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3664944289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB976662~31bf3856ad364e35~x86~~8.0.1.0, ApplicableState: 0, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3664944289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665100288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2478935~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665100288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665256288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB982666~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665256288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665412288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2508272~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665412288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665412289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_1_for_KB929399~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: -17, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665412289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665568288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB981997~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665568288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665568289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~de-DE~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665568289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665724288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~he-IL~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665724288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665724289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~en-US~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665724289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665880288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB905866~31bf3856ad364e35~x86~~6.0.48.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3665880288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666036288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~sl-SI~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666036288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666036289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB976470~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666036289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666192288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB975558~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666192288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666192289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2503658~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666192289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666504288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~nl-NL~6.0.1.18000, ApplicableState: 7, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666504288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666504289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~es-ES~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666504289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666660288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~pt-PT~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666660288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666816288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~sv-SE~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666816288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666816289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~bg-BG~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666816289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666972288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB961501~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666972288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666972289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2505189~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3666972289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3667440288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2387149~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3667440288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3667596288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB975560~31bf3856ad364e35~x86~~6.0.1.5, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3667596288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3667596289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB982799~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3667596289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668220288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~ja-JP~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668220288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668220289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB978601~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668220289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668376288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB979309~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668376288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668376289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~zh-CN~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668376289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668532288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~uk-UA~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668532288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668688288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB968389~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668688288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668688289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~cs-CZ~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668688289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668844288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2522422~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668844288 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668844289 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB2281679~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:16, Info CBS Session: 30153472:3668844289 finalized. Reboot required: no
  2011-05-25 19:26:16, Info CBS Session: 30153472:3669000288 initialized.
  2011-05-25 19:26:16, Info CBS Read out cached package applicability for package: Package_for_KB960859~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 4, CurrentState:0
  2011-05-25 19:26:16, Info CBS Session: 30153472:3669000288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3669156288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2479943~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3669156288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3669156289 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB977816~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3669156289 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3669156290 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Microsoft-Windows-MediaPlayer-OOB-Package-TopLevel~31bf3856ad364e35~x86~~6.0.6000.16386, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:17, Info CBS Session: 30153472:3669156290 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3669468288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB971961~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:17, Info CBS Session: 30153472:3669468288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3669624288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB980842~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3669624288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3669936288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB976768~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3669936288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3670248288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB978886~31bf3856ad364e35~x86~~6.0.1.2, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3670248288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3673056288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB956250~31bf3856ad364e35~x86~~6.1.6001.18242, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3673056288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3673056289 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB979899~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3673056289 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3673212288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2412687~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3673212288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3673368288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB970430~31bf3856ad364e35~x86~~6.0.1.6, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3673368288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3674460288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2483185~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3674460288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3674616288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2305420~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3674616288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3675084288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB976002~31bf3856ad364e35~x86~~6.0.1.3, ApplicableState: 7, CurrentState:8
  2011-05-25 19:26:17, Info CBS Session: 30153472:3675084288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3675084289 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2494132~31bf3856ad364e35~x86~~6.1.1.0, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:17, Info CBS Session: 30153472:3675084289 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3675084290 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2442962~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3675084290 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3675240288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~ar-SA~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:17, Info CBS Session: 30153472:3675240288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3675240289 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~el-GR~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:17, Info CBS Session: 30153472:3675240289 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676332288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB2079403~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676332288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676332289 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~ru-RU~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676332289 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676488288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~ro-RO~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676488288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676644288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Microsoft-Windows-GroupPolicy-Preferences-CSE-Pack-TopLevel~31bf3856ad364e35~x86~~6.0.6001.18123, ApplicableState: 7, CurrentState:0
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676644288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676800288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~ko-KR~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676800288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676800289 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB973540~31bf3856ad364e35~x86~~6.0.1.0, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676800289 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676956288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~da-DK~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:17, Info CBS Session: 30153472:3676956288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677112288 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: Package_for_KB979099~31bf3856ad364e35~x86~~6.0.1.1, ApplicableState: 7, CurrentState:7
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677112288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677112289 initialized.
  2011-05-25 19:26:17, Info CBS Read out cached package applicability for package: KB937286~31bf3856ad364e35~x86~fr-FR~6.0.1.18000, ApplicableState: 0, CurrentState:0
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677112289 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677268288 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677268288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677268289 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677268289 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677268290 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677268290 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677268291 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677268291 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677268292 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677268292 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677268293 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677268293 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677424288 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677424288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677424289 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677424289 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677424290 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677424290 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677736288 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677736288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892288 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892289 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892289 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892290 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892290 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892291 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892291 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892292 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892292 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892293 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892293 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892294 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892294 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892295 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892295 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892296 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3677892296 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048288 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048289 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048289 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048290 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048290 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048291 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048291 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048292 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048292 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048293 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048293 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048294 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048294 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048295 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048295 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048296 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678048296 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678204288 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678204288 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678204289 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678204289 finalized. Reboot required: no
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678204290 initialized.
  2011-05-25 19:26:17, Info CBS Session: 30153472:3678204290 fina

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.