patty2
Lid-
Items
22 -
Registratiedatum
-
Laatst bezocht
Over patty2
- Verjaardag 02-12-1969
patty2's prestaties
-
wat de computer ook weigert is een download van office dit heb ik wel nodig want ik kan nu niets met de computer als iemand een bijlage stuurt bij de mail kan ik deze niet eens lezen. het belangrijkste is herstel van de d schijf omdat hij hier op blijft blokkeren en alles hiernaar verwijst en mijn dokumenten erop staan dit is gebleken na het maken van een map mijn dokumenten op c: toen gaf hij aan dat er op d bestanden staan maar kwamen niet over naar c wel de mappen ---------- Post toegevoegd om 18:53 ---------- Vorige post was om 18:49 ---------- bericht 9 is al geprobeerd maar hij blijft om pro vragen een vriend van mij heeft windows 7 op zijn computer en heeft gisteren voor mij een kopie gedraaid van zijn editie hem kennende is dit een legale versie want die kan hij via zijn baas kopen. ---------- Post toegevoegd om 18:53 ---------- Vorige post was om 18:53 ---------- de d schijf is een partitie van c
-
de cd er al in werkt niet. heb vanmiddag al geprobeerd of iemand een xp pro cd heeft helaas iedereen heeft vista of 7 dus dat gaat niet lukken kan ik niet de software die er nu op staat er af gooien en dan de cd van windows 7 (is een kopie) erop zetten weet alleen niet hoe dat werkt maar misschien is dat de enige manier gezien ik geen goede cd te pakken kan krijgen is het trouwens niet vreemd dat hij om pro vraagt terwijll ik zeker weet dat de home edition erop staat want anders had ik die cd niet gehad want op mijn laptop staat vista en meer pc 's heb ik niet
-
krijg een foutmelding windows kan het bestand sfc/scannow niet vinden opdrachtprompt is toch via start en dan uitvoeren??? ---------- Post toegevoegd om 14:24 ---------- Vorige post was om 14:14 ---------- opdrachtpromp inmiddels gevonden. ik heb geen cd meer van windows xp maar wel wel van windows 7 deze accepteert hij niet is het mogelijk om via windows xp te downloaden en dan deze cd's in te voeren voor herstel??
-
Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Databaseversie: 6224 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 31-3-2011 13:25:29 mbam-log-2011-03-31 (13-25-29).txt Scantype: Snelle scan Objecten gescand: 156444 Verstreken tijd: 11 minuut/minuten, 11 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) ---------- Post toegevoegd om 11:50 ---------- Vorige post was om 11:39 ---------- Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:48:53, on 31-3-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Norman\Npm\bin\ELOGSVC.EXE C:\Norman\Npm\Bin\Zanda.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Lexmark 1200 Series\lxczbmon.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\NETGEAR\WPN111\wpn111.exe C:\Norman\Npm\bin\NJEEVES.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Woofi R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Woofi R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10n_ActiveX.exe -update activex O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1102024041390 O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} (CPlayFirstDoggieDashControl Object) - http://www.gamehouse.com/games/DoggieDash.cab O16 - DPF: {74EF5274-F439-2168-B543-14745B625C72} (CPlayFirstWeddingDasControl Object) - http://www.gamehouse.com/games/WeddingDash2.cab O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://www.gamehouse.com/games/GoBitGamesPlayer.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE O23 - Service: Google Updateservice (gupdate1c9cbf2a8a5fa46) (gupdate1c9cbf2a8a5fa46) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Norman NJeeves - Norman ASA - C:\Norman\Npm\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Norman\nse\bin\NSESVC.EXE -- End of file - 7935 bytes
-
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:50:51, on 30-3-2011 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Norman\Npm\bin\ELOGSVC.EXE C:\Norman\Npm\Bin\Zanda.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\Lexmark 1200 Series\lxczbmon.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\NETGEAR\WPN111\wpn111.exe C:\Norman\Npm\bin\NJEEVES.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live\Toolbar\wltuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Woofi R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Woofi R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Woofi R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: (no name) - {7FF99715-3016-4381-84CE-E4E4C9673020} - (no file) O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Eigenaar\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10n_ActiveX.exe -update activex O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,83/mcinsctl.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1102024041390 O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} (CPlayFirstDoggieDashControl Object) - http://www.gamehouse.com/games/DoggieDash.cab O16 - DPF: {74EF5274-F439-2168-B543-14745B625C72} (CPlayFirstWeddingDasControl Object) - http://www.gamehouse.com/games/WeddingDash2.cab O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://www.gamehouse.com/games/GoBitGamesPlayer.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,20/mcgdmgr.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O20 - AppInit_DLLs: O21 - SSODL: Javas - {87785437-754D-402C-9FDE-260D69CAF41F} - java.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE O23 - Service: Google Updateservice (gupdate1c9cbf2a8a5fa46) (gupdate1c9cbf2a8a5fa46) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Norman NJeeves - Norman ASA - C:\Norman\Npm\bin\NJEEVES.EXE O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Norman\nse\bin\NSESVC.EXE -- End of file - 8301 bytes
-
door het gebruik van mijn laptop, lange tijd mijn computer niet meer gebruikt na voedingsproblemen met laptop mijn computer weer eens opgestart bij het afsluiten heeft hij geprobeerd alle updtes vanuit windows binnen te halen en hier is het fout gegaan. Na het opnieuw opstarten kende mijn computer mijn d schijf niet meer kan geen word meer gebruiken en exel en tot overmaat van ramp staan al mijn foto's en dokumenten op de d schijf. hij geeft aan dat de d schijf geformatteerd moet worden. geprobeerd een herstelpunt te maken maar ook dit mocht niet baten vanavond geprobeerd windows opnieuw te installeren maar blijft steken geeft aan dat er ongeldige tekens in pad d staan en geeft ook aan dat jij bestanden mist en dus niet kan upgraden bij alles wat ik probeer te gebruiken geeft hij aan dat de configuratie niet goed is, zelfs bij het verwijderen van de updates van windows geeft hij dit aan en kan deze dus ook niet meer verwijderen. heeft iemand dit eerder meegemaakt en zo ja is er een oplossing want dit blondje heeft geen backup van alle bestanden
-
[OPGELOST] system security 2009
patty2 reageerde op patty2's topic in Archief Bestrijding malware & virussen
de computer is opgeschoond zoals beschreven Thanks -
[OPGELOST] system security 2009
patty2 reageerde op patty2's topic in Archief Bestrijding malware & virussen
Hoi hier de log van combofix ComboFix 09-05-26.02 - patty 26-05-2009 22:30.1 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.31.1043.18.1790.1004 [GMT 2:00] Gestart vanuit: d:\willem\Privé\ComboFix.exe SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\Microsoft\Windows\Start Menu\Programs\System Security c:\windows\Packet.dll c:\windows\system32\Packet.dll D:\install.exe . (((((((((((((((((((( Bestanden Gemaakt van 2009-04-26 to 2009-05-26 )))))))))))))))))))))))))))))) . 2009-05-26 20:34 . 2009-05-26 20:35 -------- d-----w c:\users\patty\AppData\Local\temp 2009-05-26 10:00 . 2009-05-06 09:06 4784464 ----a-w c:\programdata\Microsoft\Windows Defender\Definition Updates\{C21CE47A-EF3F-4034-B7E1-C56B0C1AE6AB}\mpengine.dll 2009-05-26 09:59 . 2009-05-26 09:59 -------- d-----w c:\program files\Trend Micro 2009-05-24 13:33 . 2009-05-26 10:44 -------- d--h--w C:\$AVG8.VAULT$ 2009-05-24 13:03 . 2009-05-24 13:03 -------- d-----w c:\program files\AVG 2009-05-24 13:03 . 2009-05-24 13:03 -------- d-----w c:\programdata\avg8 2009-05-24 12:48 . 2009-05-24 12:48 2855 ----a-w c:\users\patty\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif 2009-05-24 12:48 . 2009-05-24 12:48 -------- d--h--w c:\windows\PIF 2009-05-24 11:20 . 2009-05-24 11:20 -------- d-----w c:\programdata\Kaspersky Lab Setup Files 2009-05-22 18:40 . 2009-05-24 13:33 -------- d-----w c:\programdata\15142304 2009-05-19 20:21 . 2009-05-20 13:38 -------- d-----w c:\program files\HyvesToolbar 2009-05-19 20:09 . 2009-05-19 20:10 -------- d--h--w c:\windows\msdownld.tmp 2009-05-15 19:14 . 2009-05-15 19:14 -------- d-----w c:\program files\Ask Search Assistant 2009-05-12 13:50 . 2009-05-12 13:50 -------- d-----w c:\programdata\GameHouse 2009-05-11 19:32 . 2009-05-11 22:01 -------- d-----w c:\users\patty\AppData\Local\SpookyManor 2009-05-08 07:54 . 2009-05-08 07:54 -------- d-----w c:\users\patty\AppData\Roaming\Total Eclipse 2009-05-07 12:16 . 2009-05-07 12:16 -------- d-----w c:\users\patty\AppData\Roaming\Playrix Entertainment 2009-05-07 08:51 . 2009-05-12 08:51 -------- d-----w c:\programdata\SpinTop Games 2009-05-05 13:48 . 2009-05-05 13:48 -------- d-----w c:\programdata\Enkord 2009-05-04 15:19 . 2009-05-04 15:19 -------- d-----w c:\windows\Sun 2009-05-04 00:14 . 2009-05-04 00:14 -------- d-----w c:\programdata\Artogon 2009-05-01 10:52 . 2006-09-26 10:03 98304 ----a-w c:\programdata\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll 2009-05-01 10:52 . 2006-09-26 10:03 161976 ----a-w c:\programdata\Zylom\ZylomGamesPlayer\zylomgamesplayer.dll 2009-05-01 10:51 . 2009-05-14 10:20 -------- d-----w c:\program files\Zylom Games 2009-04-30 22:21 . 2009-04-30 22:22 -------- d-----w c:\programdata\NVIDIA . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-26 16:27 . 2008-05-14 11:17 12 ----a-w c:\windows\bthservsdp.dat 2009-05-26 14:39 . 2008-07-11 20:32 -------- d-----w c:\programdata\Google Updater 2009-05-26 14:38 . 2009-04-30 22:21 27839 ----a-w c:\programdata\nvModes.dat 2009-05-24 12:01 . 2006-11-02 16:11 667352 ----a-w c:\windows\system32\perfh013.dat 2009-05-24 12:01 . 2006-11-02 16:11 126854 ----a-w c:\windows\system32\perfc013.dat 2009-05-24 11:51 . 2008-05-23 10:01 7620 ----a-w c:\users\patty\AppData\Local\d3d9caps.dat 2009-05-15 19:14 . 2009-03-20 17:48 -------- d-----w c:\program files\Messenger Plus! Live 2009-05-14 10:02 . 2008-12-01 05:58 -------- d-----w c:\users\patty\AppData\Roaming\Zylom 2009-05-13 05:48 . 2007-07-27 22:29 -------- d-----w c:\programdata\Microsoft Help 2009-05-13 05:44 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail 2009-05-13 05:18 . 2008-07-11 20:32 -------- d-----w c:\program files\Google 2009-05-07 08:40 . 2008-12-07 22:11 -------- d-----w c:\programdata\GoBit Games 2009-05-05 14:28 . 2009-01-22 07:41 -------- d-----w c:\users\patty\AppData\Roaming\SpinTop Games 2009-05-05 10:45 . 2008-05-28 21:26 -------- d-----w c:\program files\TomTom HOME 2 2009-05-05 07:45 . 2009-04-25 08:54 11952 ----a-w c:\windows\system32\avgrsstx.dll 2009-05-05 07:45 . 2009-04-25 08:54 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys 2009-05-05 07:45 . 2009-04-25 08:54 27784 ----a-w c:\windows\system32\drivers\avgmfx86.sys 2009-05-05 07:44 . 2009-04-25 08:54 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys 2009-05-04 21:53 . 2009-04-05 22:18 -------- d-----w c:\users\patty\AppData\Roaming\PlayFirst 2009-05-04 21:53 . 2009-04-05 22:18 -------- d-----w c:\programdata\PlayFirst 2009-05-04 15:03 . 2008-12-14 23:04 -------- d-----w c:\program files\RealArcade 2009-05-04 11:01 . 2007-07-27 22:39 -------- d-----w c:\program files\Acer GameZone 2009-05-01 10:49 . 2008-12-17 14:39 -------- d-----w c:\programdata\Zylom 2009-04-30 08:52 . 2008-04-24 10:36 27335 ----a-w c:\users\patty\AppData\Roaming\nvModes.dat 2009-04-29 12:18 . 2008-04-23 13:02 -------- d-----w c:\program files\Yahoo! 2009-04-29 12:09 . 2008-06-06 09:52 -------- d-----w c:\program files\Java 2009-04-26 06:58 . 2008-04-23 13:05 -------- d-----w c:\program files\Launch Manager 2009-04-26 06:58 . 2007-07-27 22:03 -------- d-----w c:\program files\Common Files\LightScribe 2009-04-26 06:56 . 2009-01-28 21:20 -------- d-----w c:\programdata\JollyBear 2009-04-25 21:17 . 2009-04-20 21:31 -------- d-----w c:\program files\Hyves Desktop 2009-03-17 03:38 . 2009-04-15 02:42 13824 ----a-w c:\windows\system32\apilogen.dll 2009-03-17 03:38 . 2009-04-15 02:42 24064 ----a-w c:\windows\system32\amxread.dll 2009-03-11 15:04 . 2009-03-11 15:04 921928 ----a-w c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-03-09 03:19 . 2009-01-02 00:52 410984 ----a-w c:\windows\system32\deploytk.dll 2009-03-08 11:34 . 2009-05-19 20:06 914944 ----a-w c:\windows\system32\wininet.dll 2009-03-08 11:34 . 2009-05-19 20:06 43008 ----a-w c:\windows\system32\licmgr10.dll 2009-03-08 11:33 . 2009-05-19 20:06 18944 ----a-w c:\windows\system32\corpol.dll 2009-03-08 11:33 . 2009-05-19 20:06 109056 ----a-w c:\windows\system32\iesysprep.dll 2009-03-08 11:33 . 2009-05-19 20:06 109568 ----a-w c:\windows\system32\PDMSetup.exe 2009-03-08 11:33 . 2009-05-19 20:06 132608 ----a-w c:\windows\system32\ieUnatt.exe 2009-03-08 11:33 . 2009-05-19 20:06 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe 2009-03-08 11:33 . 2009-05-19 20:06 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe 2009-03-08 11:33 . 2009-05-19 20:06 103936 ----a-w c:\windows\system32\SetDepNx.exe 2009-03-08 11:33 . 2009-05-19 20:06 420352 ----a-w c:\windows\system32\vbscript.dll 2009-03-08 11:32 . 2009-05-19 20:06 72704 ----a-w c:\windows\system32\admparse.dll 2009-03-08 11:32 . 2009-05-19 20:06 71680 ----a-w c:\windows\system32\iesetup.dll 2009-03-08 11:32 . 2009-05-19 20:06 66560 ----a-w c:\windows\system32\wextract.exe 2009-03-08 11:32 . 2009-05-19 20:06 169472 ----a-w c:\windows\system32\iexpress.exe 2009-03-08 11:31 . 2009-05-19 20:06 34816 ----a-w c:\windows\system32\imgutil.dll 2009-03-08 11:31 . 2009-05-19 20:06 48128 ----a-w c:\windows\system32\mshtmler.dll 2009-03-08 11:31 . 2009-05-19 20:06 45568 ----a-w c:\windows\system32\mshta.exe 2009-03-08 11:22 . 2009-05-19 20:06 156160 ----a-w c:\windows\system32\msls31.dll 2009-03-03 04:46 . 2009-04-15 02:42 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe 2009-03-03 04:46 . 2009-04-15 02:42 3547632 ----a-w c:\windows\system32\ntoskrnl.exe 2009-03-03 04:39 . 2009-04-15 02:42 183296 ----a-w c:\windows\system32\sdohlp.dll 2009-03-03 04:39 . 2009-04-15 02:42 551424 ----a-w c:\windows\system32\rpcss.dll 2009-03-03 04:39 . 2009-04-15 02:42 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll 2009-03-03 04:37 . 2009-04-15 02:42 98304 ----a-w c:\windows\system32\iasrecst.dll 2009-03-03 04:37 . 2009-04-15 02:42 54784 ----a-w c:\windows\system32\iasads.dll 2009-03-03 04:37 . 2009-04-15 02:42 44032 ----a-w c:\windows\system32\iasdatastore.dll 2009-03-03 03:04 . 2009-04-15 02:42 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe 2009-03-03 02:38 . 2009-04-15 02:42 17408 ----a-w c:\windows\system32\iashost.exe 2006-10-11 08:04 . 2008-12-07 22:11 61036 ----a-w c:\program files\mozilla firefox\components\jar50.dll 2006-10-11 08:04 . 2008-12-07 22:11 48742 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll 2006-10-11 08:05 . 2008-12-07 22:11 29313 ----a-w c:\program files\mozilla firefox\components\myspell.dll 2006-10-11 08:05 . 2008-12-07 22:11 41082 ----a-w c:\program files\mozilla firefox\components\spellchk.dll 2006-10-11 08:04 . 2008-12-07 22:11 166510 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "eAudio"="c:\acer\Empowering Technology\eAudio\eAudio.exe" [2007-06-11 1286144] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-17 845360] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2007-08-15 772616] "PlayMovie"="c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-05-24 206952] "WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344] "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-03 13556256] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-03 92704] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-24 1947928] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-07-06 4669440] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552] c:\users\patty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-7-28 535336] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{F553EEA1-3AEB-4AEE-9AF7-CB476B11DCED}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{51F089C7-C7C6-4685-A97A-B70308A94146}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{C67A14D1-73CC-40B6-B119-DB3E19BF938F}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe "{42F4982D-D4B6-4A9E-9F51-D74DC9465B58}"= c:\program files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician "{0DC47E39-EB25-4BB2-B0F2-6A6DE5510BE0}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia "{026C3BB4-0F17-4021-AD8D-51FFAFA2CE84}"= c:\program files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard "{2C50F552-0969-4351-B600-044AA32088DA}"= c:\program files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine "{3403759A-D544-4417-8E0F-747834AD69C3}"= c:\program files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie "{DB955835-20AF-4B90-B37D-FBE1E385F31A}"= c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program "{1F236D98-350A-4507-B6B9-E875C218FE3D}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{E7E6A8BA-91D7-4BB8-A7B4-E661296392FA}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{1B72E2C3-936C-4641-8C3B-F455CF3C3439}"= UDP:86:BroadCam Web Server "{140F8BFF-C1AA-40D5-B193-745DDC622289}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe "{8B3978F7-EF1A-4940-B1A5-10020A158FDD}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe "{ED6DCBFB-CB33-40A6-846A-6FA2BE4E6762}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [25-4-2009 10:54 325896] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [25-4-2009 10:54 108552] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [23-4-2008 15:07 13560] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [24-5-2009 15:03 908568] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [24-5-2009 15:03 298776] R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [28-7-2007 7:47 32256] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ . Inhoud van de 'Gedeelde Taken' map 2009-05-26 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-11 20:54] . - - - - ORPHANS VERWIJDERD - - - - HKLM-Run-Acer Tour - (no file) HKLM-Run-eRecoveryService - (no file) SafeBoot-procexp90.Sys . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.startpagina.nl/ uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://nl.intl.acer.yahoo.com IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab FF - ProfilePath - c:\users\patty\AppData\Roaming\Mozilla\Firefox\Profiles\k2dl5oad.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.plusnetwork.com FF - prefs.js: browser.search.selectedEngine - Ask FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll FF - component: c:\program files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll FF - component: c:\program files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll FF - component: c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.hideGoButton", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&mozver={moz:version}-{moz:buildid}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&mozver={moz:version}-{moz:buildid}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2009-05-26 22:35 Windows 6.0.6001 Service Pack 1 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}] "ImagePath"="\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2009-05-26 22:37 ComboFix-quarantined-files.txt 2009-05-26 20:37 Pre-Run: 45.310.726.144 bytes beschikbaar Post-Run: 45.231.640.576 bytes beschikbaar 261 --- E O F --- 2009-05-26 10:00 -
[OPGELOST] system security 2009
patty2 reageerde op patty2's topic in Archief Bestrijding malware & virussen
heb via hijack deze files gefixed zoals jullie het noemen. Moet er nu nog een log gemaakt worden. en de andere vraag die ik heb is het beter om niet meer via internet explorer te werken maar bv via mozilla firefox -
[OPGELOST] system security 2009
patty2 reageerde op patty2's topic in Archief Bestrijding malware & virussen
Hoi Hier de log van de scan, hoop dat er niet nog meer problemen zijn Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:00:16, on 26-5-2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\RtHDVCpl.exe C:\Acer\Empowering Technology\eAudio\eAudio.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\System32\rundll32.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Users\patty\AppData\Local\Temp\RtkBtMnt.exe C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hyves.net - Always in touch with your friends R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl - alles op een rijtje! (ook op mobiel) R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK & Ireland R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK & Ireland R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer wordt aangeboden door Hyves R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Empowering Technology Launcher.lnk = C:\Acer\Empowering Technology\eAPLauncher.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Planner voor Automatische LiveUpdate - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8675 bytes -
[OPGELOST] system security 2009
patty2 reageerde op patty2's topic in Archief Bestrijding malware & virussen
ik heb in de veilige modus met msconfig het fijne programma uit kunnen zetten. Ik heb alle onbekende programma's uitgezet en daarna kon ik het verwijderen. Ook heb ik mijn beveiligingscedntrum uitgezet omdat het virus daar binnen is gekomen. Heb inmiddels mijn computer gescanned en er is niets meer gevonden. Iedereen super bedankt voor alle hulp groetjes, Patty -
[OPGELOST] system security 2009
patty2 reageerde op patty2's topic in Archief Bestrijding malware & virussen
in de veilige modus geeft hij geen mogelijkheid tot een herstelpunt dus helaas lukt dit ook niet. hij geeft aan dat er geen herstelpunten zijn op de computer. Ik kan het security programma wel verwijderen bij programma's hij staat niet meer in de lijst maar zodra de computer op de normale modus over gaat begint hij direct weer te scannen dus het zit er nog steeds in. Ook als ik zoek op security onder computer vindt hij helemaal niets. Ik ga nu nog 1 keer proberen een scan te maken in de veilige modus -
[OPGELOST] system security 2009
patty2 reageerde op patty2's topic in Archief Bestrijding malware & virussen
Ik heb de computer even met rust gelaten want ik ging er bijna mee gooien. Heb opgestart in de veilige modus en geprobeerd iets te downloaden, het leuke is dat mijn computer dan gewoon uitschakeld. Ga nu nog een poging doen om in de veilige modus een online scan te maken of hijack te installeren
OVER ONS
PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!