Vraag & Antwoord

Beveiliging & privacy

Popups door HP-software?

13 antwoorden
  • Mijn HP-printer PSC 1417 heeft problemen. Niet alleen dat ik er niet mee kan scannen, maar bij opstarten van PC komen er popups. Dit heb ik wel vaker gehad. In Msconfig kan ik niets vinden dat hier op duidt. Het advies is een HJT te plaatsen: Logfile of HijackThis v1.99.1 Scan saved at 10:25:05, on 14-11-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\UltraVNC\WinVNC.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\MAILWA~2\MAILWA~1.EXE C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\Frans\Bureaublad\F.J.Stols\kleine programma's\schoonmaak\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MailWasher] C:\PROGRA~1\MAILWA~2\MAILWA~1.EXE O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [Verjaardagen] C:\Program Files\Verjaardagen\Verjaardagen.exe auto O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - Startup: RegVac.lnk = C:\Program Files\RegVac\regvac.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O11 - Options group: [INTERNATIONAL] International* O15 - Trusted Zone: http://toolbar.imageshack.us O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1159339342187 O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab O20 - AppInit_DLLs: ,ˆ‹ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\UltraVNC\WinVNC.exe" -service (file missing) Zo zie ik zelf o.a. dat er nog steeds Symantec software op zit. Wellicht nog meer dat er niet thuis hoort?
  • voor je symantec te verwijderen. http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/172d11361b05da508525695b005ca287/9163ea0b7308d62d80256fe000519e78?OpenDocument en even dieper graven. Download [url=http://download.bleepingcomputer.com/sUBs/combofix.exe][b:f08b1565bd]Combofix[/b:f08b1565bd][/url] naar je Bureaublad.[list:f08b1565bd] Dubbelklik [b:f08b1565bd]Combofix.exe[/b:f08b1565bd] Volg de instructies, aanvaard de disclaimer door "y" of "Y" te typen. Tijdens het runnen van de fix, [b:f08b1565bd]NIET[/b:f08b1565bd] in het venster klikken, want dit zal je pc doen vasthangen.[/list:u:f08b1565bd] Wanneer de fix voltooid is en na herstart, zal de log [b:f08b1565bd]combofix.txt[/b:f08b1565bd] openen. [i:f08b1565bd]Plaats deze log in je volgende post samen met een nieuw HijackThis log.[/i:f08b1565bd] NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren. Juisterr
  • Deze adviezen van Juisterr had ik al eens eerder zien langs komen.Hijack: Logfile of HijackThis v1.99.1 Scan saved at 9:25:03, on 15-11-2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\UltraVNC\WinVNC.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\MAILWA~2\MAILWA~1.EXE C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\Documents and Settings\Frans\Bureaublad\F.J.Stols\kleine programma's\schoonmaak\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MailWasher] C:\PROGRA~1\MAILWA~2\MAILWA~1.EXE O4 - HKCU\..\Run: [Gadwin PrintScreen 3.5] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - HKCU\..\Run: [Verjaardagen] C:\Program Files\Verjaardagen\Verjaardagen.exe auto O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Snelstart HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O11 - Options group: [INTERNATIONAL] International* O15 - Trusted Zone: http://toolbar.imageshack.us O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1159339342187 O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab O20 - AppInit_DLLs: ,ˆ‹ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\UltraVNC\WinVNC.exe" -service (file missing) en Combofix: Frans - 06-11-15 9:33:59,90 Service Pack 2 ComboFix 06.11.9 - Running from: "C:\Documents and Settings\Frans\Bureaublad" ((((((((((((((((((((((((((((((( Files Created from 2006-10-15 to 2006-11-15 )))))))))))))))))))))))))))))))))) 2006-11-12 14:07 995,328 --a------ C:\WINDOWS\beeldv32.exe 2006-11-10 15:02 545 --a------ C:\WINDOWS\UC.PIF 2006-11-10 15:02 545 --a------ C:\WINDOWS\RAR.PIF 2006-11-10 15:02 545 --a------ C:\WINDOWS\PKZIP.PIF 2006-11-10 15:02 545 --a------ C:\WINDOWS\PKUNZIP.PIF 2006-11-10 15:02 545 --a------ C:\WINDOWS\NOCLOSE.PIF 2006-11-10 15:02 545 --a------ C:\WINDOWS\LHA.PIF 2006-11-10 15:02 545 --a------ C:\WINDOWS\ARJ.PIF 2006-10-17 13:33 6,049,280 --------- C:\WINDOWS\system32\ieframe.dll 2006-10-17 13:33 50,688 --------- C:\WINDOWS\system32\msfeedsbs.dll 2006-10-17 13:33 458,752 --------- C:\WINDOWS\system32\msfeeds.dll 2006-10-17 13:33 180,736 --------- C:\WINDOWS\system32\ieui.dll 2006-10-17 13:05 206,336 --------- C:\WINDOWS\system32\WinFXDocObj.exe 2006-10-17 13:01 13,312 --a------ C:\WINDOWS\system32\ieudinit.exe 2006-10-17 12:58 61,952 --------- C:\WINDOWS\system32\icardie.dll 2006-10-17 12:58 12,288 --------- C:\WINDOWS\system32\msfeedssync.exe 2006-10-17 12:57 266,752 --------- C:\WINDOWS\system32\iertutil.dll 2006-10-17 12:27 380,928 --------- C:\WINDOWS\system32\ieapfltr.dll (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-11-15 09:30 -------- d-------- C:\Program Files\Mozilla Firefox 2006-11-15 09:23 -------- d-------- C:\Documents and Settings\Frans\Application Data\MailWasherPro 2006-11-15 09:18 -------- d-------- C:\Program Files\Symantec Technical Support 2006-11-14 15:56 -------- d-------- C:\Program Files\Common Files\ACD Systems 2006-11-14 15:54 -------- d-------- C:\Program Files\Celestia 2006-11-13 21:23 -------- d-------- C:\Program Files\Verjaardagen 2006-11-13 11:57 -------- d-------- C:\Documents and Settings\Frans\Application Data\Image Zone Express 2006-11-13 11:56 589 --a------ C:\Documents and Settings\Frans\Application Data\Hewlett-PackardHP PSC 1400 series1163411908_UI.log 2006-11-13 11:56 450 --a------ C:\Documents and Settings\Frans\Application Data\Hewlett-PackardHP PSC 1400 series1163411908_PROTOCOL.log 2006-11-13 11:56 0 --a------ C:\Documents and Settings\Frans\Application Data\Hewlett-PackardHP PSC 1400 series1163411908_API.log 2006-11-13 10:56 -------- d-------- C:\Program Files\Common Files\Sonic Shared 2006-11-13 10:56 -------- d-------- C:\Program Files\Common Files 2006-11-13 10:55 -------- d-------- C:\Program Files\Common Files\HP 2006-11-12 19:48 834 --a------ C:\Documents and Settings\Frans\Application Data\Hewlett-PackardHP PSC 1400 series1163347183_UI.log 2006-11-12 19:46 450 --a------ C:\Documents and Settings\Frans\Application Data\Hewlett-PackardHP PSC 1400 series1163347183_PROTOCOL.log 2006-11-12 19:46 0 --a------ C:\Documents and Settings\Frans\Application Data\Hewlett-PackardHP PSC 1400 series1163347183_API.log 2006-11-12 16:57 -------- d-------- C:\Program Files\Hewlett-Packard 2006-11-10 14:49 -------- d-------- C:\Program Files\Spyware Doctor 2006-11-10 14:46 -------- d-------- C:\Program Files\OpenOffice.org 2.0 2006-11-10 11:15 -------- d-------- C:\Program Files\Yahoo! 2006-11-09 18:41 -------- d---s---- C:\Documents and Settings\Frans\Application Data\Microsoft 2006-11-09 15:31 -------- d-------- C:\Program Files\Hitman Pro 2006-11-09 14:52 -------- d-------- C:\Program Files\ESET 2006-11-09 14:39 -------- d-------- C:\Program Files\SpywareBlaster 2006-11-08 19:51 -------- d-------- C:\Documents and Settings\Frans\Application Data\OpenOffice.org2 2006-11-08 11:28 -------- d-------- C:\Program Files\Common Files\Microsoft Shared 2006-11-08 11:26 -------- d-------- C:\Program Files\Microsoft Works 2006-11-08 11:26 -------- d-------- C:\Program Files\Microsoft Office 2006-11-08 11:26 -------- d-------- C:\Program Files\Common Files\DESIGNER 2006-11-08 11:25 -------- d-------- C:\Program Files\Common Files\System 2006-11-08 09:40 -------- d-------- C:\Program Files\Java 2006-11-07 09:14 -------- d-------- C:\Program Files\UltraVNC 2006-11-06 21:49 79232 --a------ C:\Documents and Settings\Frans\Application Data\GDIPFONTCACHEV1.DAT 2006-11-03 08:57 -------- d-------- C:\Program Files\WinZip 2006-11-03 08:57 -------- d-------- C:\Program Files\PhotoDeluxe 2.0 2006-11-01 14:56 -------- d-------- C:\Program Files\Internet Explorer 2006-10-22 09:47 -------- d-------- C:\Program Files\Foxit Software 2006-10-17 13:33 413696 --a------ C:\WINDOWS\system32\vbscript.dll 2006-10-17 13:33 231424 --a------ C:\WINDOWS\system32\webcheck.dll 2006-10-17 13:33 156160 --a------ C:\WINDOWS\system32\msls31.dll 2006-10-17 13:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll 2006-10-17 13:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll 2006-10-17 13:05 105984 --a------ C:\WINDOWS\system32\url.dll 2006-10-17 13:04 101376 --a------ C:\WINDOWS\system32\occache.dll 2006-10-17 13:03 17408 --a------ C:\WINDOWS\system32\corpol.dll 2006-10-17 13:01 71680 --a------ C:\WINDOWS\system32\admparse.dll 2006-10-17 13:01 55296 --a------ C:\WINDOWS\system32\iesetup.dll 2006-10-17 13:01 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll 2006-10-17 13:01 229376 --a------ C:\WINDOWS\system32\ieaksie.dll 2006-10-17 13:01 152064 --a------ C:\WINDOWS\system32\ieakeng.dll 2006-10-17 13:00 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe 2006-10-17 13:00 43008 --a------ C:\WINDOWS\system32\iernonce.dll 2006-10-17 13:00 123904 --a------ C:\WINDOWS\system32\advpack.dll 2006-10-17 12:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll 2006-10-17 12:56 45568 --a------ C:\WINDOWS\system32\mshta.exe 2006-10-17 12:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll 2006-10-17 12:23 161792 --a------ C:\WINDOWS\system32\ieakui.dll 2006-10-15 19:53 -------- d-------- C:\Program Files\A1Click Ultra PC Cleaner 2006-10-15 19:35 -------- d-------- C:\Program Files\RegVac 2006-10-15 17:15 -------- d-------- C:\Documents and Settings\Frans\Application Data\VUPlayer 2006-10-15 12:23 -------- d-------- C:\Program Files\KeyPass 2006-10-15 12:03 -------- d-------- C:\Documents and Settings\Frans\Application Data\WinPatrol 2006-10-15 12:02 -------- d-------- C:\Program Files\BillP Studios 2006-10-15 11:57 -------- d-------- C:\Program Files\FreshDevices 2006-10-09 12:57 -------- d-------- C:\Program Files\Easy Rolodex 2.1 2006-10-09 10:34 -------- d-------- C:\Program Files\Easy Rolodex 3.0 2006-10-09 10:10 -------- d-------- C:\Program Files\Zabaware 2006-10-07 15:13 -------- d-------- C:\Program Files\GalleryPlayer 2006-10-07 15:13 -------- d-------- C:\Program Files\Gadwin Systems 2006-10-07 13:42 -------- d-------- C:\Program Files\Motherboard Monitor 5 2006-10-07 09:18 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-10-07 09:18 -------- d-------- C:\Program Files\ToniArts 2006-10-06 11:45 -------- d-------- C:\Program Files\WashAndGo 2006-10-06 10:14 -------- d-------- C:\Program Files\Karen's Power Tools 2006-10-03 18:39 -------- d-------- C:\Program Files\Colorfolder 2006-10-02 16:12 98096 --a------ C:\Documents and Settings\Frans\Application Data\Update_HP_RedboxHprblog_HPSU.log 2006-10-02 16:05 -------- d-------- C:\Program Files\HP 2006-09-30 12:32 -------- d-------- C:\Program Files\Winamp 2006-09-26 09:23 -------- d-------- C:\Program Files\ewido anti-spyware 4.0 2006-09-25 12:28 -------- d-------- C:\Program Files\SpeedFan 2006-09-25 12:28 -------- d-------- C:\Program Files\SereneScreen 2006-09-25 12:26 -------- d-------- C:\Documents and Settings\Frans\Application Data\SiteAdvisor 2006-09-13 06:07 1084416 --a------ C:\WINDOWS\system32\msxml3.dll 2006-09-12 16:51 1245184 --a------ C:\WINDOWS\system32\msxml4.dll 2006-09-06 17:43 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe 2006-08-25 16:51 617472 --a------ C:\WINDOWS\system32\comctl32.dll 2006-08-21 13:28 16896 --a------ C:\WINDOWS\system32\fltlib.dll 2006-08-21 10:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe 2006-08-16 12:59 100352 --a------ C:\WINDOWS\system32\6to4svc.dll 2006-08-15 09:50 352256 --a------ C:\WINDOWS\system32\IJL151.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "MailWasher"="C:\\PROGRA~1\\MAILWA~2\\MAILWA~1.EXE" "Gadwin PrintScreen 3.5"="C:\\Program Files\\Gadwin Systems\\PrintScreen\\PrintScreen.exe /nosplash" "Verjaardagen"="C:\\Program Files\\Verjaardagen\\Verjaardagen.exe auto" "NBJ"="\"C:\\Program Files\\Ahead\\Nero BackItUp\\NBJ.exe\"" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide" "nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE" "Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\"" "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe" "HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000005 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Mijn huidige introductiepagina" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,42,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,42,03,\ 00,00,04,00,00,40 "RestoredStateInfo"=hex:18,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,42,03,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0" "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=hex:91,00,00,00 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=hex:91,00,00,00 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] "backup"="C:\\WINDOWS\\pss\\HP Digital Imaging Monitor.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Snelstart HP Image Zone.lnk] "backup"="C:\\WINDOWS\\pss\\Snelstart HP Image Zone.lnkCommon Startup" "location"="Common Startup" "item"="Snelstart HP Image Zone" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk] "backup"="C:\\WINDOWS\\pss\\WinZip Quick Pick.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\WinZip\\WZQKPICK.EXE " "item"="WinZip Quick Pick" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Wireless Client Manager.lnk] "backup"="C:\\WINDOWS\\pss\\Wireless Client Manager.lnkCommon Startup" "location"="Common Startup" "item"="Wireless Client Manager" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Frans^Menu Start^Programma's^Opstarten^OpenOffice.org 2.0.lnk] "path"="C:\\Documents and Settings\\Frans\\Menu Start\\Programma's\\Opstarten\\OpenOffice.org 2.0.lnk" "backup"="C:\\WINDOWS\\pss\\OpenOffice.org 2.0.lnkStartup" "location"="Startup" "command"="C:\\PROGRA~1\\OPENOF~1.0\\program\\QUICKS~1.EXE " "item"="OpenOffice.org 2.0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Mixer" "hkey"="HKLM" "command"="Mixer.exe /startup" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotKey] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mHotkey" "hkey"="HKLM" "command"="mHotkey.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Copernic Desktop Search] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CopernicDesktopSearch" "hkey"="HKCU" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FreeRAM XP Pro" "hkey"="HKCU" "command"="\"\\FreeRAM XP Pro.exe\" -win" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPWuSchd2" "hkey"="HKLM" "command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load] "key"="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows" "item"="??? ?" "hkey"="HKCU" "command"="??? ?" "inimapping"="1" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NBJ" "hkey"="HKCU" "command"="\"C:\\PROGRA~1\\Ahead\\NEROBA~1\\NBJ.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\NeroCheck.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nuria] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Nuria" "hkey"="HKCU" "command"="C:\\Program Files\\Nuria\\Nuria.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RUNDLL32" "hkey"="HKLM" "command"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nwiz" "hkey"="HKLM" "command"="nwiz.exe /install" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PicasaMediaDetector" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Verjaardagen] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PrintScreen" "hkey"="HKCU" "command"="C:\\Program Files\\Gadwin Systems\\PrintScreen\\PrintScreen.exe /nosplash" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WashAndGo - Cleanup of old Backupfiles] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="checker" "hkey"="HKCU" "command"="C:\\Program Files\\WashAndgo\\checker.exe /check" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="winampa" "hkey"="HKLM" "command"="C:\\Program Files\\Winamp\\winampa.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MSASCui" "hkey"="HKLM" "command"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinVNC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WinVNC" "hkey"="HKLM" "command"="\"C:\\Program Files\\UltraVNC\\WinVNC.exe\" -servicehelper" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "EventSystem"=dword:00000003 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\MP Scheduled Scan.job Completion time: 06-11-15 9:35:12.18 C:\ComboFix.txt ... 06-11-15 09:35 C:\ComboFix2.txt ... 06-08-15 16:31 (einde) De exe van Symantec (via IE) van 4,6 Mb deed niks, althans niet dat ik zag.De Combofix pas na intikken Y en Enter.In HJT is Symantec nog te vinden, alleen heb ik daar waarschijnlijk geen last van. Wèl van de Hp mal-functies! Alvast dank voor de inspectie.
  • volgens mij zit je met een worm. Doe onderstaande tool eerst, start dan opnieuw op en doe dan nogmaals de combofix. plaats beide logjes. Download en installeer [url=http://www.ewido.net/en/download/][b:34ca49eaf3]AVG Anti-Spyware[/b:34ca49eaf3][/url].[list:34ca49eaf3] Na de installatie, open AVG Anti-Spyware: * onder "[b:34ca49eaf3]Status[/b:34ca49eaf3]", klik op [b:34ca49eaf3]Change state[/b:34ca49eaf3] naast "Resident shield". (wijzig van active naar [b:34ca49eaf3]inactive[/b:34ca49eaf3]!) * onder "[b:34ca49eaf3]Update[/b:34ca49eaf3]", klik op de [b:34ca49eaf3]Start update[/b:34ca49eaf3] knop. * onder "[b:34ca49eaf3]Scanner[/b:34ca49eaf3]", tab "Settings":[list:34ca49eaf3]- onder "How to act?", klik op "[u:34ca49eaf3]Recommended actions[/u:34ca49eaf3]" en selecteer [b:34ca49eaf3]Quarantine[/b:34ca49eaf3]. ([b:34ca49eaf3]ZEER BELANGRIJK![/b:34ca49eaf3]) * onder "Reports", selecteer [b:34ca49eaf3]Automatically generate report after every scan[/b:34ca49eaf3] en [u:34ca49eaf3]verwijder[/u:34ca49eaf3] het vinkje bij [b:34ca49eaf3]Only if threats were found[/b:34ca49eaf3][/list:u:34ca49eaf3] Sluit AVG Anti-Spyware. Laat het [b:34ca49eaf3]nog niet[/b:34ca49eaf3] scannen.[/list:u:34ca49eaf3] Start op in [url=http://www.hijackthis.nl/veiligemodus.html]veilige modus[/url] Start [b:34ca49eaf3]AVG Anti-Spyware[/b:34ca49eaf3].[list:34ca49eaf3]* Klik op [b:34ca49eaf3]Scan[/b:34ca49eaf3] en kies [b:34ca49eaf3]Complete System Scan[/b:34ca49eaf3]. Na de scan; volg onderstaande instructies : [color=blue:34ca49eaf3]BELANGRIJK : Klik niet op de "Save Scan Report" knop vooraleer je de "Apply all Actions" knop hebt aangeklikt ![/color:34ca49eaf3] * Draag er zorg voor dat [b:34ca49eaf3]Set all elements to[/b:34ca49eaf3]: op [b:34ca49eaf3]Quarantine[/b:34ca49eaf3] staat [color=blue:34ca49eaf3](1)[/color:34ca49eaf3], zoniet klik op de link en kies [b:34ca49eaf3]Quarantine[/b:34ca49eaf3] in de popup menu.[color=blue:34ca49eaf3] (2)[/color:34ca49eaf3] (Dit geldt niet voor cookies, deze worden onveranderlijk gedelete !) * Onderaan het venster klik op de [b:34ca49eaf3]Apply all Actions[/b:34ca49eaf3] knop. [color=blue:34ca49eaf3](3)[/color:34ca49eaf3] [img:34ca49eaf3]http://home.scarlet.be/~topalex/ewidoscan.jpg[/img:34ca49eaf3] * Wanneer je de melding krijgt 'All actions have been applied', klik je onderaan op de knop [b:34ca49eaf3]Save Report[/b:34ca49eaf3]. * Klik in het menu bovenaan op [b:34ca49eaf3]Reports[/b:34ca49eaf3]. Kopieer het rapport van de scan en plaats dat hier in je volgende bericht.[/list:u:34ca49eaf3] succes.
  • mogelijk is niet alles naar wens verlopen: na ongeveer 400.000 ietems gescand te hebben kon ik na Äpply all Actions"niet meer zorgen dat Set all elements op Quarantaine stond. Hierbij een rapport: VG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 20:32:12 15-11-2006 + Scan result: :mozilla.95:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.96:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.238:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.239:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned. :mozilla.235:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned. :mozilla.45:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Com : Cleaned. :mozilla.94:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.97:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.98:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.99:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.185:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.197:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.210:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.66:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned. :mozilla.67:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned. :mozilla.68:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned. :mozilla.69:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned. :mozilla.10:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.11:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.12:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.13:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.14:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.7:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.8:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. :mozilla.9:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Onestat : Cleaned. C:\Documents and Settings\Frans\Cookies\frans@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned. :mozilla.202:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.101:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.104:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.105:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.228:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Trafic : Cleaned. :mozilla.196:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned. :mozilla.198:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned. :mozilla.124:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Yadro : Cleaned. :mozilla.125:C:\Documents and Settings\Frans\Application Data\Mozilla\Firefox\Profiles\5ekgpe8t.default\cookies.txt -> TrackingCookie.Yadro : Cleaned. ::Report end Ik heb dus twee maal gescand: de eerste keer een stuk of 20 dingen, die nu ongezien gedeleted zijn, de tweede keer een onestat cookie. Ik hoop dat dit een aanwijzing kan geven?
  • En had je ook als gevraagd nogmaals de combofix gedaan??? zo nee doe die dan nogmaals en plaats het logje aub. Juisterr
  • hier: Frans - 06-11-16 11:56:01,53 Service Pack 2 ComboFix 06.11.9 - Running from: "C:\Documents and Settings\Frans\Bureaublad\F.J.Stols\kleine programma's\schoonmaak\Combofix & Hijackthis" ((((((((((((((((((((((((((((((( Files Created from 2006-10-16 to 2006-11-16 )))))))))))))))))))))))))))))))))) 2006-11-15 18:57 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2006-11-12 14:07 995,328 --a------ C:\WINDOWS\beeldv32.exe 2006-11-10 15:02 545 --a------ C:\WINDOWS\UC.PIF 2006-11-10 15:02 545 --a------ C:\WINDOWS\RAR.PIF 2006-11-10 15:02 545 --a------ C:\WINDOWS\PKZIP.PIF 2006-11-10 15:02 545 --a------ C:\WINDOWS\PKUNZIP.PIF 2006-11-10 15:02 545 --a------ C:\WINDOWS\NOCLOSE.PIF 2006-11-10 15:02 545 --a------ C:\WINDOWS\LHA.PIF 2006-11-10 15:02 545 --a------ C:\WINDOWS\ARJ.PIF 2006-10-17 13:33 6,049,280 --------- C:\WINDOWS\system32\ieframe.dll 2006-10-17 13:33 50,688 --------- C:\WINDOWS\system32\msfeedsbs.dll 2006-10-17 13:33 458,752 --------- C:\WINDOWS\system32\msfeeds.dll 2006-10-17 13:33 180,736 --------- C:\WINDOWS\system32\ieui.dll 2006-10-17 13:05 206,336 --------- C:\WINDOWS\system32\WinFXDocObj.exe 2006-10-17 13:01 13,312 --a------ C:\WINDOWS\system32\ieudinit.exe 2006-10-17 12:58 61,952 --------- C:\WINDOWS\system32\icardie.dll 2006-10-17 12:58 12,288 --------- C:\WINDOWS\system32\msfeedssync.exe 2006-10-17 12:57 266,752 --------- C:\WINDOWS\system32\iertutil.dll 2006-10-17 12:27 380,928 --------- C:\WINDOWS\system32\ieapfltr.dll (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2006-11-16 11:54 -------- d-------- C:\Program Files\Mozilla Firefox 2006-11-16 11:33 -------- d-------- C:\Documents and Settings\Frans\Application Data\MailWasherPro 2006-11-16 09:28 -------- d-------- C:\Documents and Settings\Frans\Application Data\Image Zone Express 2006-11-15 18:57 -------- d-------- C:\Program Files\Grisoft 2006-11-15 11:07 -------- d-------- C:\Documents and Settings\Frans\Application Data\FastStone 2006-11-15 09:59 -------- d-------- C:\Program Files\HP 2006-11-14 15:56 -------- d-------- C:\Program Files\Common Files\ACD Systems 2006-11-13 21:23 -------- d-------- C:\Program Files\Verjaardagen 2006-11-13 11:56 589 --a------ C:\Documents and Settings\Frans\Application Data\Hewlett-PackardHP PSC 1400 series1163411908_UI.log 2006-11-13 11:56 450 --a------ C:\Documents and Settings\Frans\Application Data\Hewlett-PackardHP PSC 1400 series1163411908_PROTOCOL.log 2006-11-13 11:56 0 --a------ C:\Documents and Settings\Frans\Application Data\Hewlett-PackardHP PSC 1400 series1163411908_API.log 2006-11-13 10:56 -------- d-------- C:\Program Files\Common Files\Sonic Shared 2006-11-13 10:56 -------- d-------- C:\Program Files\Common Files 2006-11-13 10:55 -------- d-------- C:\Program Files\Common Files\HP 2006-11-12 19:48 834 --a------ C:\Documents and Settings\Frans\Application Data\Hewlett-PackardHP PSC 1400 series1163347183_UI.log 2006-11-12 19:46 450 --a------ C:\Documents and Settings\Frans\Application Data\Hewlett-PackardHP PSC 1400 series1163347183_PROTOCOL.log 2006-11-12 19:46 0 --a------ C:\Documents and Settings\Frans\Application Data\Hewlett-PackardHP PSC 1400 series1163347183_API.log 2006-11-12 16:57 -------- d-------- C:\Program Files\Hewlett-Packard 2006-11-10 11:15 -------- d-------- C:\Program Files\Yahoo! 2006-11-09 18:41 -------- d---s---- C:\Documents and Settings\Frans\Application Data\Microsoft 2006-11-09 15:31 -------- d-------- C:\Program Files\Hitman Pro 2006-11-09 14:52 -------- d-------- C:\Program Files\ESET 2006-11-09 14:39 -------- d-------- C:\Program Files\SpywareBlaster 2006-11-08 19:51 -------- d-------- C:\Documents and Settings\Frans\Application Data\OpenOffice.org2 2006-11-08 11:28 -------- d-------- C:\Program Files\Common Files\Microsoft Shared 2006-11-08 11:26 -------- d-------- C:\Program Files\Microsoft Works 2006-11-08 11:26 -------- d-------- C:\Program Files\Microsoft Office 2006-11-08 11:26 -------- d-------- C:\Program Files\Common Files\DESIGNER 2006-11-08 11:25 -------- d-------- C:\Program Files\Common Files\System 2006-11-08 09:40 -------- d-------- C:\Program Files\Java 2006-11-07 09:14 -------- d-------- C:\Program Files\UltraVNC 2006-11-06 21:49 79232 --a------ C:\Documents and Settings\Frans\Application Data\GDIPFONTCACHEV1.DAT 2006-11-03 08:57 -------- d-------- C:\Program Files\WinZip 2006-11-03 08:57 -------- d-------- C:\Program Files\PhotoDeluxe 2.0 2006-11-01 14:56 -------- d-------- C:\Program Files\Internet Explorer 2006-10-22 09:47 -------- d-------- C:\Program Files\Foxit Software 2006-10-17 13:33 413696 --a------ C:\WINDOWS\system32\vbscript.dll 2006-10-17 13:33 231424 --a------ C:\WINDOWS\system32\webcheck.dll 2006-10-17 13:33 156160 --a------ C:\WINDOWS\system32\msls31.dll 2006-10-17 13:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll 2006-10-17 13:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll 2006-10-17 13:05 105984 --a------ C:\WINDOWS\system32\url.dll 2006-10-17 13:04 101376 --a------ C:\WINDOWS\system32\occache.dll 2006-10-17 13:03 17408 --a------ C:\WINDOWS\system32\corpol.dll 2006-10-17 13:01 71680 --a------ C:\WINDOWS\system32\admparse.dll 2006-10-17 13:01 55296 --a------ C:\WINDOWS\system32\iesetup.dll 2006-10-17 13:01 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll 2006-10-17 13:01 229376 --a------ C:\WINDOWS\system32\ieaksie.dll 2006-10-17 13:01 152064 --a------ C:\WINDOWS\system32\ieakeng.dll 2006-10-17 13:00 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe 2006-10-17 13:00 43008 --a------ C:\WINDOWS\system32\iernonce.dll 2006-10-17 13:00 123904 --a------ C:\WINDOWS\system32\advpack.dll 2006-10-17 12:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll 2006-10-17 12:56 45568 --a------ C:\WINDOWS\system32\mshta.exe 2006-10-17 12:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll 2006-10-17 12:23 161792 --a------ C:\WINDOWS\system32\ieakui.dll 2006-10-15 19:53 -------- d-------- C:\Program Files\A1Click Ultra PC Cleaner 2006-10-15 19:35 -------- d-------- C:\Program Files\RegVac 2006-10-15 17:15 -------- d-------- C:\Documents and Settings\Frans\Application Data\VUPlayer 2006-10-15 12:03 -------- d-------- C:\Documents and Settings\Frans\Application Data\WinPatrol 2006-10-15 12:02 -------- d-------- C:\Program Files\BillP Studios 2006-10-09 12:57 -------- d-------- C:\Program Files\Easy Rolodex 2.1 2006-10-09 10:34 -------- d-------- C:\Program Files\Easy Rolodex 3.0 2006-10-09 10:10 -------- d-------- C:\Program Files\Zabaware 2006-10-07 15:13 -------- d-------- C:\Program Files\Gadwin Systems 2006-10-07 13:42 -------- d-------- C:\Program Files\Motherboard Monitor 5 2006-10-07 09:18 -------- d--h----- C:\Program Files\InstallShield Installation Information 2006-10-06 11:45 -------- d-------- C:\Program Files\WashAndGo 2006-10-03 18:39 -------- d-------- C:\Program Files\Colorfolder 2006-10-02 16:12 98096 --a------ C:\Documents and Settings\Frans\Application Data\Update_HP_RedboxHprblog_HPSU.log 2006-09-30 12:32 -------- d-------- C:\Program Files\Winamp 2006-09-25 12:26 -------- d-------- C:\Documents and Settings\Frans\Application Data\SiteAdvisor 2006-09-13 06:07 1084416 --a------ C:\WINDOWS\system32\msxml3.dll 2006-09-12 16:51 1245184 --a------ C:\WINDOWS\system32\msxml4.dll 2006-09-06 17:43 22752 --a------ C:\WINDOWS\system32\spupdsvc.exe 2006-08-25 16:51 617472 --a------ C:\WINDOWS\system32\comctl32.dll 2006-08-21 13:28 16896 --a------ C:\WINDOWS\system32\fltlib.dll 2006-08-21 10:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe 2006-08-16 12:59 100352 --a------ C:\WINDOWS\system32\6to4svc.dll (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries are not shown [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe" "MailWasher"="C:\\PROGRA~1\\MAILWA~2\\MAILWA~1.EXE" "Gadwin PrintScreen 3.5"="C:\\Program Files\\Gadwin Systems\\PrintScreen\\PrintScreen.exe /nosplash" "Verjaardagen"="C:\\Program Files\\Verjaardagen\\Verjaardagen.exe auto" "NBJ"="\"C:\\Program Files\\Ahead\\Nero BackItUp\\NBJ.exe\"" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide" "nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE" "Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\"" "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe" "HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS] "Installed"="1" [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components] "DeskHtmlVersion"=dword:00000110 "DeskHtmlMinorVersion"=dword:00000005 "Settings"=dword:00000001 "GeneralFlags"=dword:00000005 [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Mijn huidige introductiepagina" "Flags"=dword:00000002 "Position"=hex:2c,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,42,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,42,03,\ 00,00,04,00,00,40 "RestoredStateInfo"=hex:18,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,42,03,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook" "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=hex:91,00,00,00 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=hex:91,00,00,00 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^HP Digital Imaging Monitor.lnk] "backup"="C:\\WINDOWS\\pss\\HP Digital Imaging Monitor.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\HP\\DIGITA~1\\bin\\hpqtra08.exe " "item"="HP Digital Imaging Monitor" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Snelstart HP Image Zone.lnk] "backup"="C:\\WINDOWS\\pss\\Snelstart HP Image Zone.lnkCommon Startup" "location"="Common Startup" "item"="Snelstart HP Image Zone" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^WinZip Quick Pick.lnk] "backup"="C:\\WINDOWS\\pss\\WinZip Quick Pick.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\WinZip\\WZQKPICK.EXE " "item"="WinZip Quick Pick" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Wireless Client Manager.lnk] "backup"="C:\\WINDOWS\\pss\\Wireless Client Manager.lnkCommon Startup" "location"="Common Startup" "item"="Wireless Client Manager" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Frans^Menu Start^Programma's^Opstarten^OpenOffice.org 2.0.lnk] "path"="C:\\Documents and Settings\\Frans\\Menu Start\\Programma's\\Opstarten\\OpenOffice.org 2.0.lnk" "backup"="C:\\WINDOWS\\pss\\OpenOffice.org 2.0.lnkStartup" "location"="Startup" "command"="C:\\PROGRA~1\\OPENOF~1.0\\program\\QUICKS~1.EXE " "item"="OpenOffice.org 2.0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Mixer" "hkey"="HKLM" "command"="Mixer.exe /startup" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotKey] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mHotkey" "hkey"="HKLM" "command"="mHotkey.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Copernic Desktop Search] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CopernicDesktopSearch" "hkey"="HKCU" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeRAM XP] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="FreeRAM XP Pro" "hkey"="HKCU" "command"="\"\\FreeRAM XP Pro.exe\" -win" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HPWuSchd2" "hkey"="HKLM" "command"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load] "key"="SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Windows" "item"="??? ?" "hkey"="HKCU" "command"="??? ?" "inimapping"="1" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NBJ" "hkey"="HKCU" "command"="\"C:\\PROGRA~1\\Ahead\\NEROBA~1\\NBJ.exe\"" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroCheck" "hkey"="HKLM" "command"="C:\\WINDOWS\\system32\\NeroCheck.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nuria] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Nuria" "hkey"="HKCU" "command"="C:\\Program Files\\Nuria\\Nuria.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RUNDLL32" "hkey"="HKLM" "command"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nwiz" "hkey"="HKLM" "command"="nwiz.exe /install" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PicasaMediaDetector" "hkey"="HKLM" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="qttask" "hkey"="HKLM" "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Verjaardagen] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PrintScreen" "hkey"="HKCU" "command"="C:\\Program Files\\Gadwin Systems\\PrintScreen\\PrintScreen.exe /nosplash" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WashAndGo - Cleanup of old Backupfiles] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="checker" "hkey"="HKCU" "command"="C:\\Program Files\\WashAndgo\\checker.exe /check" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="winampa" "hkey"="HKLM" "command"="C:\\Program Files\\Winamp\\winampa.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MSASCui" "hkey"="HKLM" "command"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinVNC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="WinVNC" "hkey"="HKLM" "command"="\"C:\\Program Files\\UltraVNC\\WinVNC.exe\" -servicehelper" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "EventSystem"=dword:00000003 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\MP Scheduled Scan.job Completion time: 06-11-16 11:57:11.07 C:\ComboFix.txt ... 06-11-16 11:57 C:\ComboFix2.txt ... 06-11-15 09:35 C:\ComboFix3.txt ... 06-08-15 16:31
  • al met al lijkt het hierboven een lang verhaal; ik vroeg me af of iemand nog een suggestie heeft: popups die redelijkerwijs met HP-software te maken hebben?
  • Popups door HP? misschien vragen om updates? Kan je eens zo'n popups in een printscreen plaatsen?
  • het goede nieuws is dat ik sinds gisteren alle popups kwijt ben, ook die van een verzoek om een testpagina van de printer HP PSC1417 te maken. Het heeft wel te maken met de "image-zone"(zonder n) van HP. Ergens kwam ik bij MS een middeltje tegen om in uitvoeren>msconfig>algemeen wat vinkjes weg te halen, en later weer terug te plaatsen.Een wat angstige actie, maar het hielp. Eén van de popups waar ik last van had was: "fatal execution Engine Error (0x7927baca) met het bekende rode gevaarskruis. Dit verscheen ook bij de scan-procedure, hoewel die wel bleek te lukken. Ik moet trouwens nog leren hoé je een klein plaatje in een tekst als hier inlast. Maar in ieder geval heel veel dank voor alle tijd en aandacht.
  • inmiddels bijgeschoold via een ander forum [URL=http://img224.imageshack.us/my.php?image=nr003vd4.jpg][img:c94b84e601]http://img224.imageshack.us/img224/1350/nr003vd4.th.jpg[/img:c94b84e601][/URL]
  • probeer je HP een opnieuw te installeren. Die is volgens mij niet helemaal goed geinstalleerd.
  • Dat had ik al een half dozijn keren gedaan, dat was ook het advies van de HP-leverancier (Medion): installeren zònder aangesloten printer, en pas later aansluiten na herstart, enz.enz.Hielp allemaal niks.Maar nogmaals: de pop-ups zijn nu weg.Volgende printer een ander merk.

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.