Ga naar inhoud

jeff48

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    150

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door jeff48

  1. jeff48
    beste, Ik heb een Canon Pixma MG3200 Serial number LPWA28737 van het jaartal 2012. foutmelding: Kan de Print-service op de lokale computer niet starten. Fout 1053: "de service heeft de start- of stuuropdracht niet op de juiste manier beantwoord" Na het intoetsen "afdrukken" beweerd de PC: geen printers geïnstalleerd. NB. Ik gebruk tevens een "HP scanjet automatic document feeder", louter om te scannen omdat het scan oppervlak groter is dan deze van de Canon. Kan iemand me bij dit probleem helpen? Beste groet Jef
  2. jeff48
    Beste Clarkie, De HP 3650 staat niet meer vermeld bij apparaten - printers dus neem ik aan dat ik die verwijderd heb. De meeste onderdelen van De Canon PIXMA MG3250 zijn eveneens verwijderd maar in het configuratiescherm > programma's - onderdelen krijg ik de met name:Canon MG 3200 series MP drivers niet weg. > "De verwerking kan niet worden vervolgd omdat de windows-service afdrukspooler is gestopt. Start de serviceafdrukspooler en probeer het opnieuw". Dit laatste word ook weergegeven wanneer ik de printer terug wilde instaleren. Tijdens het oplossen van de afdrukspooler via windows hulp krijg ik de foutmelding: Fout 1053 > De service heeft de starter ofstuuropdracht niet op de juiste wijze beantwoord. De CC Cleaning was reeds uitgevoerd. De scanplaat van de HP 7400 is groter dan die van de Canon. Software is windows 7. Beste jahewi, ik ga dit bericht in elk gevalposten en kijken of het opnieuw opstarten de return toets hersteld. Beste groeten,
  3. jeff48
    Beste, Ja, ik heb reeds kunnen afprinten met het apparaat. Ik krijg de melding 'geen printers geïnstalleerd' wanneer ik op afdrukken toets. De enige keuze die ik krijg is 'printer toevoegen'. Als ik naar apparaten - printers in het configuratiescherm ga is de status van de printer: 'probleemoplossing is vereist'. Zou het kunnen dat het probleem gerelateerd is aan het verzoek van de HP support assistant, belangerijke actie maak een herstelset . Deze actie heb ik nog steeds niet gedaan. Ps. De return toets reageert niet en het cursief krijg ik niet ongedaan. Beste groeten, Jef.
  4. jeff48
    Beste, Ik werkte met een scanner HP scanjet 7400 - deze kan in principe ook faxen, printen, kopiëren - maar alleen het scannen werkt naar behoren. Ik werk dus nog steeds met die scanner. Daarnaast printe ik af met een HP deskjet printer 3650 maar deze laatste is kapot en vervangen door een Canon PIXMA MG3250. Ook deze kan afprinten, kopiëren en scannen. Het probleem is dat ik de laatste tijd niet meer kan afprinten met de mededeling: geen printer geïnstalleerd. Kunt u mij door dit probleem loodsen? mvg Jef
  5. jeff48
    Beste, Hiermee wilde ik suggereren dat ik niet meer in het bezit ben van de CD microsoft office ed. 2003. Dus dien ik mij die terug aan te schaffen (of een andere versie die compatibel is met mijn Windows XP). Kan iemand dit bevestigen? Zijn er andere opties?
  6. jeff48
    Indien je niet meer over de CD beschikt dan moet het naar alle waarschijnlijkheid opnieuw aangekocht worden?
  7. jeff48
    Beide methodes geven de foutmelding 1706 of onherstelbare fout bij de installatie of de functie die u wilt gebruiken, bevindt zich op een netwerkbron die niet beschikbaar is. Dit geld zowel voor de ‘herstelling van…’ als voor ‘opnieuw installeren’. In de map OFFICE11 bevindt zich geen submap met PRO11.MSI.
  8. jeff48
    bijvoorbeeld Excel. Een ogenblik geduld. Windows is bezig met het configureren van Microsoft Office Proffessional editie 2003. + knop ANNULEREN De functie die u wilt gebruiken bevindt zich op een netwerk bron die niet beschikbaar is. + knoppen OK en ANNULEREN. Klik op OK om het opnieuw te proberen of type in het onderstaande vak een ander pad naar een map met het installatiepakket PRO11.MSI. Gebruik bron //ROBCA server/drivers/install/Office + knop BLADEREN. Fout 1706: Setup kan de vereiste bestanden niet vinden. Controleer de verbinding met het netwerk of het CD- rom-station. Zie C:program files/microsoft/office 11/1043/Setup.CHM voor andere mogelijke oplossingen voor dit probleem. Onherstelbare fout bij het instaleren. Ik geraak wel in een Word document maar, na veel vijven en zessen. Ik hoop dat ik u voldoende heb ingelicht, zoniet aarzel niet om bijkomende elementen op te vragen om dit probleem op te lossen. Met dank Jef
  9. jeff48
    Hi Kape, Tot nu toe geen boodschap meer gekregen dat het C: station vol is. De PC werk ook aanzienlijk sneller dan voordien. Ik veronderstel dat ik op de boodschap '+ markeer deze vraag als opgelost' mag klikken? Ik kom later nog wel eens terug met een probleem dat al wat langer bestaat. Nogmaals bedankt voor je efforts. Met vriendelijke groet Jef ---------- Post toegevoegd om 18:54 ---------- Vorige post was om 18:45 ---------- Nog een vraagje: mag ik de gedownloade programma's verwijderen?
  10. jeff48
    Ik zal daarvoor even geduld moeten oefenen xD maar van zodra deze popup weer verschijnt laat ik je dat als de bliksem weten ;-) groet, Jef
  11. jeff48
    ComboFix 10-07-26.04 - Gebruiker 27/07/2010 22:37:25.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.32.1043.18.511.193 [GMT 2:00] Gestart vanuit: c:\documents and settings\Gebruiker\Mijn documenten\ComboFix.exe AV: Panda Internet Security 2010 *On-access scanning enabled* (Updated) {4570FB70-5C9E-47E9-B16C-A3A6A06C4BF0} FW: Panda Personal Firewall 2010 *enabled* {7B090DC0-8905-4BAF-8040-FD98A41C8FB8} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Gebruiker\Application Data\rbap550.dll c:\documents and settings\Gebruiker\Application Data\RBInternetEncodings550.dll c:\documents and settings\Gebruiker\Application Data\RBJagToolbarItem550.dll c:\documents and settings\Gebruiker\Menu Start\Programma's\Ad-Protect c:\documents and settings\Gebruiker\Menu Start\Programma's\Ad-Protect\Ad-Protect v6.3 Un-Installer.lnk c:\documents and settings\Gebruiker\Menu Start\Programma's\Ad-Protect\Ad-Protect v6.3 Website.lnk c:\documents and settings\Gebruiker\Menu Start\Programma's\Ad-Protect\Ad-Protect v6.3.lnk c:\program files\ad-protect c:\program files\ad-protect\Logs\adp_activity-04122006-171445.log c:\program files\ad-protect\sdebug.log c:\program files\Common Files\Companion Wizard c:\program files\Internet Explorer\2.tmp c:\windows\dat.txt c:\windows\Downloaded Program Files\popcaploader.dll c:\windows\Downloaded Program Files\popcaploader.inf c:\windows\search_res.txt c:\windows\system32\stera.log . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_FOPN (((((((((((((((((((( Bestanden Gemaakt van 2010-06-27 to 2010-07-27 )))))))))))))))))))))))))))))) . 2010-07-27 13:02 . 2010-07-27 13:02 -------- d-----w- c:\program files\TP-LINK 2010-07-23 19:21 . 2010-07-23 19:21 -------- d-----w- c:\documents and settings\Gebruiker\Application Data\Malwarebytes 2010-07-23 19:21 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-07-23 19:21 . 2010-07-23 19:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-07-23 19:21 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-07-23 19:21 . 2010-07-23 19:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-07-23 00:21 . 2010-07-27 19:25 -------- d--h--r- c:\documents and settings\Gebruiker\Onlangs geopend 2010-07-22 23:37 . 2010-07-22 23:37 -------- d-----w- c:\program files\TrendMicro 2010-07-22 18:47 . 2010-07-23 00:19 -------- d-----w- c:\program files\CCleaner 2010-07-22 16:02 . 2010-07-22 16:02 -------- d-----w- c:\documents and settings\All Users\Application Data\ReviverSoft . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-07-27 20:55 . 2009-05-09 13:41 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG.bck 2010-07-27 20:55 . 2009-05-09 13:41 1132 ----a-w- c:\windows\system32\drivers\APPFLTR.CFG 2010-07-27 20:54 . 2009-05-09 13:45 13880 ----a-w- c:\windows\system32\drivers\COMFiltr.sys 2010-07-27 20:53 . 2009-05-09 13:41 260580 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT.bck 2010-07-27 20:53 . 2009-05-09 13:41 260580 ----a-w- c:\windows\system32\drivers\APPFCONT.DAT 2010-07-27 16:09 . 2005-09-03 13:25 -------- d-----w- c:\program files\Google 2010-07-24 11:14 . 2010-07-24 11:14 503808 ----a-w- c:\documents and settings\Gebruiker\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-628fe54c-n\msvcp71.dll 2010-07-24 11:14 . 2010-07-24 11:14 499712 ----a-w- c:\documents and settings\Gebruiker\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-628fe54c-n\jmc.dll 2010-07-24 11:14 . 2010-07-24 11:14 348160 ----a-w- c:\documents and settings\Gebruiker\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-628fe54c-n\msvcr71.dll 2010-07-22 23:37 . 2010-07-22 23:37 388096 ----a-r- c:\documents and settings\Gebruiker\Application Data\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe 2010-06-19 16:53 . 2006-07-13 21:31 -------- d-----w- c:\program files\Java 2010-05-18 16:36 . 2010-05-18 16:36 3584 ------r- c:\documents and settings\Gebruiker\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe 2010-05-18 16:32 . 2010-05-18 16:32 359656 ----a-w- C:\msicuu2.exe 2010-05-18 16:22 . 2001-09-07 13:00 72336 ----a-w- c:\windows\system32\perfc013.dat 2010-05-18 16:22 . 2001-09-07 13:00 448700 ----a-w- c:\windows\system32\perfh013.dat 2010-05-09 10:22 . 2010-05-09 10:22 262 ----a-w- c:\windows\system32\PavCPL.dat 2006-04-01 19:37 . 2006-04-01 19:37 26922 ----a-w- c:\program files\moviepass Terms.html . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-19 68856] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AME_CSA"="amecsa.cpl" [2002-10-30 757760] "Motive SmartBridge"="c:\progra~1\TELENE~1\SMARTB~1\MotiveSB.exe" [2004-04-07 385024] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-11 172032] "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 49152] "APVXDWIN"="c:\program files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE" [2009-06-05 574720] "SCANINICIO"="c:\program files\Panda Security\Panda Internet Security 2009\Inicio.exe" [2009-04-21 56064] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Telenet EasyCare.lnk - c:\program files\Telenet EasyCare\bin\matcli.exe [2006-6-22 217088] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] 2008-03-18 14:58 58672 ----a-w- c:\windows\system32\avldr.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PskSvcRetail] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Pandora's Box\\PndrBox.exe"= "c:\\StubInstaller.exe"= "c:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"= R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [9/05/2009 15:38 28544] R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [9/05/2009 15:41 73728] R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [9/05/2009 15:41 52992] R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [9/05/2009 15:41 22072] R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [9/05/2009 15:41 193792] R1 mchInjDrv;madCodeHook DLL injection driver;c:\windows\system32\drivers\mchInjDrv.sys [27/08/2008 15:20 2560] R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [9/05/2009 15:41 158848] R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [9/05/2009 15:37 41144] R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [9/05/2009 15:41 46720] R2 Gwmsrv;Panda Goodware Cache Manager;c:\windows\system32\svchost -k Panda --> c:\windows\system32\svchost -k Panda [?] R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [9/05/2009 15:37 177416] R2 PskSvcRetail;Panda PSK service;c:\program files\Panda Security\Panda Internet Security 2009\psksvc.exe [9/05/2009 15:40 28928] R3 ComFiltr;Panda Anti-Dialer;c:\windows\system32\drivers\COMFiltr.sys [9/05/2009 15:45 13880] R3 NETIMFLT01060034;PANDA NDIS IM Filter Miniport v1.6.0.34;c:\windows\system32\drivers\neti1634.sys [9/05/2009 15:39 197888] R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?] R3 STAC97NA;SigmaTel 3D Environmental Audio;c:\windows\system32\drivers\stac97na.sys [20/09/2002 18:42 296179] R3 STAC97NH;STAC97NH;c:\windows\system32\drivers\stac97nh.sys [20/09/2002 18:43 231983] S1 ctredr15.sys;ctredr15.sys;\??\c:\windows\system32\drivers\ctredr15.sys --> c:\windows\system32\drivers\ctredr15.sys [?] S1 ctredrv.sys;ctredrv.sys;\??\c:\windows\system32\drivers\ctredrv.sys --> c:\windows\system32\drivers\ctredrv.sys [?] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29/01/2010 14:27 135664] S3 AmeAtmPc;AmeAtmPc;c:\windows\system32\drivers\ameatmpc.sys [27/08/2005 15:03 118391] S3 AtmElan;ATM geëmuleerde LAN;c:\windows\system32\drivers\atmlane.sys [3/08/2004 23:58 55936] S3 AtmLane;ATM LAN-emulatie;c:\windows\system32\drivers\atmlane.sys [3/08/2004 23:58 55936] S3 PLCND532;PLCND532 NDIS Protocol Driver;c:\windows\system32\drivers\PLCND532.sys [10/07/2009 17:17 26656] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] panda REG_MULTI_SZ Gwmsrv . Inhoud van de 'Gedeelde Taken' map 2010-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 12:27] 2010-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-01-29 12:27] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms} mWindow Title = Telenet Internet uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = 127.0.0.1 IE: Add to Windows &Live Favorites - Welcome to Windows Live IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab DPF: {BD4C7EDB-A392-11D9-8BFB-0040953018D7} - hxxp://www.streamerp2p.com/sfiles/phasex.cab . . ------- Bestandsassociaties ------- . JSEFile=c:\progra~1\PANDAS~1\PANDAI~2\PAVSCRIP.EXE "%1" %* VBEFile=c:\progra~1\PANDAS~1\PANDAI~2\PAVSCRIP.EXE "%1" %* VBSFile=c:\progra~1\PANDAS~1\PANDAI~2\PAVSCRIP.EXE "%1" %* . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-07-27 22:50 Windows 5.1.2600 Service Pack 2 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,80,e2,48,75,ac,ab,d1,4e,99,10,f1,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,80,e2,48,75,ac,ab,d1,4e,99,10,f1,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(896) c:\windows\system32\Ati2evxx.dll c:\windows\system32\avldr.dll - - - - - - - > 'explorer.exe'(2476) c:\program files\Panda Security\Panda Internet Security 2009\pavoepl.dll c:\progra~1\TELENE~1\SMARTB~1\SBHook.dll c:\windows\system32\ieframe.dll c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Panda Security\Panda Internet Security 2009\TPSrv.exe c:\program files\PANDA SECURITY\PANDA INTERNET SECURITY 2009\WebProxy.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Panda Security\Panda Internet Security 2009\PsCtrls.exe c:\program files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe c:\program files\Common Files\Panda Security\PavShld\pavprsrv.exe c:\program files\Panda Security\Panda Internet Security 2009\pavsrv51.exe c:\program files\Panda Security\Panda Internet Security 2009\AVENGINE.EXE c:\program files\Panda Security\Panda Internet Security 2009\psimsvc.exe c:\windows\system32\wdfmgr.exe c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE c:\windows\system32\Ati2evxx.exe c:\windows\system32\rundll32.exe c:\windows\system32\NotifyPhoneBook.exe c:\program files\Telenet EasyCare\bin\mpbtn.exe c:\program files\Panda Security\Panda Internet Security 2009\SRVLOAD.EXE c:\program files\Panda Security\Panda Internet Security 2009\PavBckPT.exe . ************************************************************************** . Voltooingstijd: 2010-07-27 22:57:32 - machine werd herstart ComboFix-quarantined-files.txt 2010-07-27 20:57 Pre-Run: 1.865.420.800 bytes beschikbaar Post-Run: 7.958.482.944 bytes beschikbaar WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - D5F74E357B92EAD7E2E03942F202780B
  12. jeff48
    Ik heb Panda internet security 2010: ik vind nergens hoe deze uit te schakelen wel hoe deze te verwiijderen. Dien ik uit te schakelen of te verwijderen?
  13. jeff48
    Hallo Kape, Dit laatste item is verwijderd alsook de c:/program Files/AskSBar die reeds verwijderd was. Het surfen loopt in elk geval sneller dan voorheen. Wat betreft de boodschap: 'het C station is vol' zal ik nog even moeten afwachten tot ik het een tijdje niet meer zie. Indien je zelf nog vermoedens hebt dat het euvel niet helemaal opgelost zou zijn dan zie ik het wel in een replytje. Indien het tegenovergestelde waar is dan markeer ik deze vraag als opgelost. Ik lees tussen de lijnen dat dit één van de laatste berichtjes zou kunnen zijn? Jij bent bedankt voor je deskundige begeleiding. met hartelijke groet, Jef Van Ruyssevelt
  14. jeff48
    Kape, Nieuwe Modem is geplaatst. Dit is de recentste logfile Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 15:22:35, on 27/07/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe C:\PROGRAM FILES\PANDA SECURITY\PANDA INTERNET SECURITY 2009\WebProxy.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe C:\Program Files\Panda Security\Panda Internet Security 2009\AVENGINE.EXE C:\Program Files\Panda Security\Panda Internet Security 2009\psimsvc.exe C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe C:\WINDOWS\system32\svchost.exe c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE C:\WINDOWS\system32\NotifyPhoneBook.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Telenet EasyCare\bin\mpbtn.exe C:\Program Files\Panda Security\Panda Internet Security 2009\SRVLOAD.EXE C:\Program Files\Panda Security\Panda Internet Security 2009\PavBckPT.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL (file missing) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2009\Inicio.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Global Startup: Telenet EasyCare.lnk = C:\Program Files\Telenet EasyCare\bin\matcli.exe O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274200942453 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142956499015 O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab O16 - DPF: {BD4C7EDB-A392-11D9-8BFB-0040953018D7} (PhaseCaster Widget) - http://www.streamerp2p.com/sfiles/phasex.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://games.pogo.com/online2/pogo/bejeweled2/popcaploader_v6.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpdj - HP - C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp\hpdj.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\psimsvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe -- End of file - 10264 bytes
  15. jeff48
    Hi Kape, ik ga je weldra dit logje bezorgen maar eerst moet er een nieuwe modem worden geplaatst. De mijne is kapot. Ik krijg nog wel de boodschap dat het C: stion vol is. tot weldra Ps. Dinsdag namiddag wordt een nieuwe modem geplaatst. groetjes, Jef
  16. jeff48
    Hi Kape, hier de twee logbestanden waarnaar je vroeg. :c:/program Files/AsksBar is verwijderd * Trend Micro HijackThis v2.0.3 * See bottom for version history. The different sections of hijacking possibilities have been separated into the following groups. You can get more detailed information about an item by selecting it from the list of found items OR highlighting the relevant line below, and clicking 'Info on selected item'. R - Registry, StartPage/SearchPage changes R0 - Changed registry value R1 - Created registry value R2 - Created registry key R3 - Created extra registry value where only one should be F - IniFiles, autoloading entries F0 - Changed inifile value F1 - Created inifile value F2 - Changed inifile value, mapped to Registry F3 - Created inifile value, mapped to Registry N - Netscape/Mozilla StartPage/SearchPage changes N1 - Change in prefs.js of Netscape 4.x N2 - Change in prefs.js of Netscape 6 N3 - Change in prefs.js of Netscape 7 N4 - Change in prefs.js of Mozilla O - Other, several sections which represent: O1 - Hijack of auto.search.msn.com with Hosts file O2 - Enumeration of existing MSIE BHO's O3 - Enumeration of existing MSIE toolbars O4 - Enumeration of suspicious autoloading Registry entries O5 - Blocking of loading Internet Options in Control Panel O6 - Disabling of 'Internet Options' Main tab with Policies O7 - Disabling of Regedit with Policies O8 - Extra MSIE context menu items O9 - Extra 'Tools' menuitems and buttons O10 - Breaking of Internet access by New.Net or WebHancer O11 - Extra options in MSIE 'Advanced' settings tab O12 - MSIE plugins for file extensions or MIME types O13 - Hijack of default URL prefixes O14 - Changing of IERESET.INF O15 - Trusted Zone Autoadd O16 - Download Program Files item O17 - Domain hijack O18 - Enumeration of existing protocols and filters O19 - User stylesheet hijack O20 - AppInit_DLLs autorun Registry value, Winlogon Notify Registry keys O21 - ShellServiceObjectDelayLoad (SSODL) autorun Registry key O22 - SharedTaskScheduler autorun Registry key O23 - Enumeration of NT Services O24 - Enumeration of ActiveX Desktop Components Command-line parameters: * /autolog - automatically scan the system, save a logfile and open it * /ihatewhitelists - ignore all internal whitelists * /uninstall - remove all HijackThis Registry entries, backups and quit * /silentautuolog - the same as /autolog, except with no required user intervention * Version history * [v2.0.3 BETA] * Fixed parser issues on winlogon notify * Fixed issues to handle certain environment variables * Rename HJT generates complete scan log [v2.00.0] * AnalyzeThis added for log file statistics * Recognizes Windows Vista and IE7 * Fixed a few bugs in the O23 method * Fixed a bug in the O22 method (SharedTaskScheduler) * Did a few tweaks on the log format * Fixed and improved ADS Spy * Improved Itty Bitty Procman (processes are frozen before they are killed) * Added listing of O4 autoruns from other users * Added listing of the Policies Run items in O4 method, used by SmitFraud trojan * Added /silentautolog parameter for system admins * Added /deleteonreboot [file] parameter for system admins * Added O24 - ActiveX Desktop Components enumeration * Added Enhanced Security Confirguration (ESC) Zones to O15 Trusted Sites check [v1.99.1] * Added Winlogon Notify keys to O20 listing * Fixed crashing bug on certain Win2000 and WinXP systems at O23 listing * Fixed lots and lots of 'unexpected error' bugs * Fixed lots of inproper functioning bugs (i.e. stuff that didn't work) * Added 'Delete NT Service' function in Misc Tools section * Added ProtocolDefaults to O15 listing * Fixed MD5 hashing not working * Fixed 'ISTSVC' autorun entries with garbage data not being fixed * Fixed HijackThis uninstall entry not being updated/created on new versions * Added Uninstall Manager in Misc Tools to manage 'Add/Remove Software' list * Added option to scan the system at startup, then show results or quit if nothing found [v1.99] * Added O23 (NT Services) in light of newer trojans * Integrated ADS Spy into Misc Tools section * Added 'Action taken' to info in 'More info on this item' [v1.98] * Definitive support for Japanese/Chinese/Korean systems * Added O20 (AppInit_DLLs) in light of newer trojans * Added O21 (ShellServiceObjectDelayLoad, SSODL) in light of newer trojans * Added O22 (SharedTaskScheduler) in light of newer trojans * Backups of fixed items are now saved in separate folder * HijackThis now checks if it was started from a temp folder * Added a small process manager (Misc Tools section) [v1.96] * Lots of bugfixes and small enhancements! Among others: * Fix for Japanese IE toolbars * Fix for searchwww.com fake CLSID trick in IE toolbars and BHO's * Attributes on Hosts file will now be restored when scanning/fixing/restoring it. * Added several files to the LSP whitelist * Fixed some issues with incorrectly re-encrypting data, making R0/R1 go undetected until a restart * All sites in the Trusted Zone are now shown, with the exception of those on the nonstandard but safe domain list [v1.95] * Added a new regval to check for from Whazit hijack (Start Page_bak). * Excluded IE logo change tweak from toolbar detection (BrandBitmap and SmBrandBitmap). * New in logfile: Running processes at time of scan. * Checkmarks for running StartupList with /full and /complete in HijackThis UI. * New O19 method to check for Datanotary hijack of user stylesheet. * Google.com IP added to whitelist for Hosts file check. [v1.94] * Fixed a bug in the Check for Updates function that could cause corrupt downloads on certain systems. * Fixed a bug in enumeration of toolbars (Lop toolbars are now listed!). * Added imon.dll, drwhook.dll and wspirda.dll to LSP safelist. * Fixed a bug where DPF could not be deleted. * Fixed a stupid bug in enumeration of autostarting shortcuts. * Fixed info on Netscape 6/7 and Mozilla saying '%shitbrowser%' (oops). * Fixed bug where logfile would not auto-open on systems that don't have .log filetype registered. * Added support for backing up F0 and F1 items (d'oh!). [v1.93] * Added mclsp.dll (McAfee), WPS.DLL (Sygate Firewall), zklspr.dll (Zero Knowledge) and mxavlsp.dll (OnTrack) to LSP safelist. * Fixed a bug in LSP routine for Win95. * Made taborder nicer. * Fixed a bug in backup/restore of IE plugins. * Added UltimateSearch hijack in O17 method (I think). * Fixed a bug with detecting/removing BHO's disabled by BHODemon. * Also fixed a bug in StartupList (now version 1.52.1). [v1.92] * Fixed two stupid bugs in backup restore function. * Added DiamondCS file to LSP files safelist. * Added a few more items to the protocol safelist. * Log is now opened immediately after saving. * Removed rd.yahoo.com from NSBSD list (spammers are starting to use this, no doubt spyware authors will follow). * Updated integrated StartupList to v1.52. * In light of SpywareNuker/BPS Spyware Remover, any strings relevant to reverse-engineers are now encrypted. * Rudimentary proxy support for the Check for Updates function. [v1.91] * Added rd.yahoo.com to the Nonstandard But Safe Domains list. * Added 8 new protocols to the protocol check safelist, as well as showing the file that handles the protocol in the log (O18). * Added listing of programs/links in Startup folders (O4). * Fixed 'Check for Update' not detecting new versions. [v1.9] * Added check for Lop.com 'Domain' hijack (O17). * Bugfix in URLSearchHook (R3) fix. * Improved O1 (Hosts file) check. * Rewrote code to delete BHO's, fixing a really nasty bug with orphaned BHO keys. * Added AutoConfigURL and proxyserver checks (R1). * IE Extensions (Button/Tools menuitem) in HKEY_CURRENT_USER are now also detected. * Added check for extra protocols (O18). [v1.81] * Added 'ignore non-standard but safe domains' option. * Improved Winsock LSP hijackers detection. * Integrated StartupList updated to v1.4. [v1.8] * Fixed a few bugs. * Adds detecting of free.aol.com in Trusted Zone. * Adds checking of URLSearchHooks key, which should have only one value. * Adds listing/deleting of Download Program Files. * Integrated StartupList into the new 'Misc Tools' section of the Config screen! [v1.71] * Improves detecting of O6. * Some internal changes/improvements. [v1.7] * Adds backup function! Yay! * Added check for default URL prefix * Added check for changing of IERESET.INF * Added check for changing of Netscape/Mozilla homepage and default search engine. [v1.61] * Fixes Runtime Error when Hosts file is empty. [v1.6] * Added enumerating of MSIE plugins * Added check for extra options in 'Advanced' tab of 'Internet Options'. [v1.5] * Adds 'Uninstall & Exit' and 'Check for update online' functions. * Expands enumeration of autoloading Registry entries (now also scans for .vbs, .js, .dll, rundll32 and service) [v1.4] * Adds repairing of broken Internet access (aka Winsock or LSP fix) by New.Net/WebHancer * A few bugfixes/enhancements [v1.3] * Adds detecting of extra MSIE context menu items * Added detecting of extra 'Tools' menu items and extra buttons * Added 'Confirm deleting/ignoring items' checkbox [v1.2] * Adds 'Ignorelist' and 'Info' functions [v1.1] * Supports BHO's, some default URL changes [v1.0] * Original release A good thing to do after version updates is clear your Ignore list and re-add them, as the format of detected items sometimes changes. log Malwarebytes Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4342 Windows 5.1.2600 Service Pack 2 Internet Explorer 8.0.6001.18702 24/07/2010 13:01:06 mbam-log-2010-07-24 (13-01-06).txt Scantype: Snelle scan Objecten gescand: 154712 Verstreken tijd: 17 minuut/minuten, 28 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
  17. jeff48
    Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 1:05:13, on 24/07/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe C:\PROGRAM FILES\PANDA SECURITY\PANDA INTERNET SECURITY 2009\WebProxy.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe C:\Program Files\Panda Security\Panda Internet Security 2009\AVENGINE.EXE C:\Program Files\Panda Security\Panda Internet Security 2009\psimsvc.exe C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe C:\WINDOWS\system32\svchost.exe c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\Panda Security\Panda Internet Security 2009\ApVxdWin.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\NotifyPhoneBook.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Telenet EasyCare\bin\mpbtn.exe C:\Program Files\Panda Security\Panda Internet Security 2009\SRVLOAD.EXE C:\Program Files\Panda Security\Panda Internet Security 2009\PavBckPT.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\PROGRA~1\MSNGAM~1\Windows\zclientm.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Panda Security\Panda Internet Security 2009\psimreal.exe C:\Program Files\Panda Security\Panda Internet Security 2009\avciman.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: (no name) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - (no file) O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2009\Inicio.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Global Startup: Telenet EasyCare.lnk = C:\Program Files\Telenet EasyCare\bin\matcli.exe O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274200942453 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142956499015 O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab O16 - DPF: {BD4C7EDB-A392-11D9-8BFB-0040953018D7} (PhaseCaster Widget) - http://www.streamerp2p.com/sfiles/phasex.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://games.pogo.com/online2/pogo/bejeweled2/popcaploader_v6.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpdj - HP - C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp\hpdj.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\psimsvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe -- End of file - 11099 bytes
  18. jeff48
    Hijackthis: volgende items werden niet gevonden O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O4 - HKLM\..\Run: [bar] C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\CHE7ODYB\SETUP[1].exe O4 - HKCU\..\Run: [securePCCleaner] "C:\Program Files\SecurePCCleaner\GDC.exe" O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) Asksbar werd niet gevonden. Noch via configuratie > software, noch via zoekactie naar deze file. Opnieuw verschijnt “C station is vol”. Hieronder de HijackThis log: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4342 Windows 5.1.2600 Service Pack 2 Internet Explorer 8.0.6001.18702 23/07/2010 21:55:25 mbam-log-2010-07-23 (21-55-25).txt Scantype: Snelle scan Objecten gescand: 153934 Verstreken tijd: 30 minuut/minuten, 0 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 23 Registerwaarden geïnfecteerd: 1 Registerdata geïnfecteerd: 2 Mappen geïnfecteerd: 7 Bestanden geïnfecteerd: 14 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: HKEY_CLASSES_ROOT\browsingsoftware.****pro_bho (Adware.PLayMP3z) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\browsingsoftware.****pro_bho.1 (Adware.PLayMP3z) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b886c1f4-d1d3-45f5-f45e-75eb024320ac} (Adware.PLayMP3z) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b886c1f4-d1d3-45f5-f45e-75eb024320ac} (Adware.PLayMP3z) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\browsingsoftware (Adware.PLayMP3z) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\OnlineGuard (Rogue.OnlineGuard) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully. Registerwaarden geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\adp (Rogue.Multiple) -> Quarantined and deleted successfully. Registerdata geïnfecteerd: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceActiveDesktopOn (Hijack.Desktop) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (2) Good: (0) -> Quarantined and deleted successfully. Mappen geïnfecteerd: C:\Documents and Settings\Gebruiker\Application Data\AdProtect NoSpam (Rogue.AdProtect) -> Quarantined and deleted successfully. C:\Documents and Settings\Arthure\Application Data\AdProtect NoSpam (Rogue.AdProtect) -> Quarantined and deleted successfully. C:\Documents and Settings\Gebruiker\Application Data\SecurePCCleaner (Rogue.PCCleaner) -> Quarantined and deleted successfully. C:\Documents and Settings\Gebruiker\Application Data\SecurePCCleaner\Logs (Rogue.PCCleaner) -> Quarantined and deleted successfully. C:\Program Files\BrowsingSoftware (Adware.PLayMP3z) -> Quarantined and deleted successfully. C:\Program Files\OnlineGuard (Rogue.OnlineGuard) -> Quarantined and deleted successfully. C:\Documents and Settings\Gebruiker\Menu Start\Programma's\OnlineGuard (Rogue.OnlineGuard) -> Quarantined and deleted successfully. Bestanden geïnfecteerd: C:\Documents and Settings\Gebruiker\Application Data\AdProtect NoSpam\Settings.xml (Rogue.AdProtect) -> Quarantined and deleted successfully. C:\Documents and Settings\Arthure\Application Data\AdProtect NoSpam\Settings.xml (Rogue.AdProtect) -> Quarantined and deleted successfully. C:\Documents and Settings\Gebruiker\Application Data\SecurePCCleaner\Logs\update.log (Rogue.PCCleaner) -> Quarantined and deleted successfully. C:\Program Files\BrowsingSoftware\BrowsingSoftware.dat (Adware.PLayMP3z) -> Quarantined and deleted successfully. C:\Program Files\BrowsingSoftware\pcre3.dll (Adware.PLayMP3z) -> Quarantined and deleted successfully. C:\Program Files\BrowsingSoftware\uninstall.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully. C:\Program Files\OnlineGuard\OnlineGuard.lic (Rogue.OnlineGuard) -> Quarantined and deleted successfully. C:\Program Files\OnlineGuard\OnlineGuard0.og (Rogue.OnlineGuard) -> Quarantined and deleted successfully. C:\Program Files\OnlineGuard\OnlineGuard1.og (Rogue.OnlineGuard) -> Quarantined and deleted successfully. C:\Documents and Settings\Gebruiker\Menu Start\Programma's\OnlineGuard\OnlineGuard.lnk (Rogue.OnlineGuard) -> Quarantined and deleted successfully. C:\Documents and Settings\Gebruiker\Menu Start\Programma's\OnlineGuard\Uninstall.lnk (Rogue.OnlineGuard) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Start\Online Security Guide.url (Rogue.Link) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Menu Start\Security Troubleshooting.url (Rogue.Link) -> Quarantined and deleted successfully. C:\WINDOWS\system32\Api32.dll (Trojan.Agent) -> Quarantined and deleted successfully. groet, Jef
  19. jeff48
    Neen, enkel het C:, F:, H:, I:, J: en K: werd getoond.
  20. jeff48
    Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 1:48:42, on 23/07/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe C:\PROGRAM FILES\PANDA SECURITY\PANDA INTERNET SECURITY 2009\WebProxy.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe C:\Program Files\Panda Security\Panda Internet Security 2009\AVENGINE.EXE C:\Program Files\Panda Security\Panda Internet Security 2009\psimsvc.exe C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe C:\WINDOWS\system32\svchost.exe c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE C:\WINDOWS\system32\NotifyPhoneBook.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Telenet EasyCare\bin\mpbtn.exe C:\Program Files\Panda Security\Panda Internet Security 2009\SRVLOAD.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Panda Security\Panda Internet Security 2009\PavBckPT.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Panda Security\Panda Internet Security 2009\psimreal.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Zita - het Web van Z tot A - Nieuws | Entertainment | Lifestyle | Fun R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file) R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll O2 - BHO: BrowsingSoftware - {B886C1F4-D1D3-45F5-F45E-75EB024320AC} - C:\Program Files\BrowsingSoftware\BrowsingSoftware-2.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll (file missing) O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [AME_CSA] rundll32 amecsa.cpl,RUN_DLL O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\TELENE~1\SMARTB~1\MotiveSB.exe O4 - HKLM\..\Run: [NapsterShell] "C:\Program Files\Napster\napster.exe" /systray O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2009\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [sCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2009\Inicio.exe" O4 - HKLM\..\Run: [bar] C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\CHE7ODYB\SETUP[1].exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [feedreader.exe] "C:\Program Files\FeedReader30\feedreader.exe" O4 - HKCU\..\Run: [securePCCleaner] "C:\Program Files\SecurePCCleaner\GDC.exe" O4 - HKCU\..\Run: [uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O4 - HKUS\S-1-5-21-1757981266-1580436667-839522115-1006\..\Run: [incrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c (User '?') O4 - Global Startup: Telenet EasyCare.lnk = C:\Program Files\Telenet EasyCare\bin\matcli.exe O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll (file missing) O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} - http://www.musicnotes.com/download/mnviewer.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274200942453 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142956499015 O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab O16 - DPF: {BD4C7EDB-A392-11D9-8BFB-0040953018D7} (PhaseCaster Widget) - http://www.streamerp2p.com/sfiles/phasex.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://games.pogo.com/online2/pogo/bejeweled2/popcaploader_v6.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpdj - HP - C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp\hpdj.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PsCtrls.exe O23 - Service: Panda Function Service (PAVFNSVR) - Unknown owner - C:\Program Files\Panda Security\Panda Internet Security 2009\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\pavsrv51.exe O23 - Service: Panda Host Service (PSHost) - Unknown owner - c:\program files\panda security\panda internet security 2009\firewall\PSHOST.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\psimsvc.exe O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\PskSvc.exe O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Internet Security 2009\TPSrv.exe O24 - Desktop Component 0: Privacy Protection - about:home -- End of file - 12348 bytes
  21. jeff48
    "Om meer schijfruimte ge hebben kan je dit doen: Klik op Deze Computer met de rechtermuis op eigenschappen. Klik op geavanceerd Klik op presatie / instellingen Klik op Geavanceerd Klik onderaan bij Virtueel geheugen op Wijzigen". Het D:/ station wordt niet weergegeven? Ik ga nu ververder met het downloaden van HijackThis en hou je op de hoogte
  22. jeff48
    jawel, buiten C:/ en DVD station D:/ nog een CD-rw-Station E:/, verwisselbare schijven H:-I:-J:-K: en nog een E:/ met daarop aangesloten 'een-buiten-de-computer-opslagplaats (Lacie). Nog steeds geen bericht meer gekregen dat C:/ station vol is. Het is wel zo dat de PC redelijk traag werkt.
  23. jeff48
    De CCleaner heeft zijn werk gedaan. Of nu de vraag is opgelost zal afhangen van de komende dagen zoniet laat ik terug een berichtje achter. Thanks again Jef
  24. jeff48
    Hi stegisoft, Het programma CCleaner is aan het lopen. Ik hoop dat ik later mag eindigen met 'OPGELOST'. Nu al bedankt voor je feedback
  25. jeff48
    Beste, Het lokaal C station is vol. reeds schrijfopruiming gedaan, zo ook defragmentatie, Softwarebestanden verwijderd zoals: google earth. Totale grootte van lokaal C station is 74,5 GB. en de nog beschikbare ruimte is 175 MB. Wil er iemand mij begeleiden bij het oplossen van dit probleem? mvg Jef
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.