Update manager storing

[averheijden]

geacht forum,
ik heb weer min of meer hetzelfde probleem als enige jaren terug

Bij het open, wat dan totaal niet lukt, van een MS office programma zolas word of powerpoint komt er weer een klein tabbladje met update manager, waar op een gegevn moment ook niet werkt
Nu heb ik weer op uw aanraden toendertijd het program hi-jack this en dit is het resultaat
Ziet u misschien wat de fout hierin kan zijn
Dank bij voorbaat
Alfons

[hjt]
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:04:49, on 3/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
c:\windows\system32\smss.exe
c:\windows\system32\winlogon.exe
c:\windows\system32\services.exe
c:\windows\system32\lsass.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\system32\spoolsv.exe
c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe
c:\program files\microsoft\bingbar\seaport.exe
c:\program files\bonjour\mdnsresponder.exe
c:\windows\system32\cisvc.exe
c:\windows\system32\svchost.exe
c:\program files\ahead\incd\incdsrv.exe
c:\program files\java\jre6\bin\jqs.exe
c:\program files\common files\lightscribe\lssrvc.exe
c:\program files\pinnacle\mediaserver\microsoft sql server\mssql$pinnaclesys\binn\sqlservr.exe
c:\program files\norton 360\norton 360\engine\5.1.0.29\ccsvchst.exe
c:\windows\system32\svchost.exe
c:\windows\system32\nvsvc32.exe
c:\windows\explorer.exe
c:\windows\system32\svchost.exe
c:\windows\system32\svchost.exe
c:\windows\vmsnap23.exe
c:\windows\domino.exe
c:\program files\freecorder\flvsrvc.exe
c:\windows\system32\ctfmon.exe
c:\program files\windows live\messenger\msnmsgr.exe
c:\program files\skype\phone\skype.exe
c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe
c:\windows\system32\searchindexer.exe
c:\program files\hewlett-packard\shared\hpqwmiex.exe
c:\program files\norton 360\norton 360\engine\5.1.0.29\ccsvchst.exe
c:\windows\system32\svchost.exe
c:\documents and settings\alfons verheijden\bureaublad\snippy.exe
c:\windows\system32\cidaemon.exe
c:\program files\outlook express\msimn.exe
c:\program files\messenger\msmsgs.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\internet explorer\iexplore.exe
c:\program files\microsoft\bingbar\bingbar.exe
c:\program files\microsoft\bingbar\bingapp.exe
c:\windows\system32\msiexec.exe
c:\documents and settings\alfons verheijden\local settings\temporary internet files\content.ie5\523llw77\hijackthis[1].exe

r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]http://fr.news.yahoo.com/[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://go.microsoft.com/fwlink/?linkid=69157[/noparse]
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hkcu\software\microsoft\internet explorer\main,local page =
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = localhost
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
r3 - default urlsearchhook is missing
o2 - bho: hp print enhancer - {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
o2 - bho: adobe pdf reader help bij koppelingen - {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: babylon toolbar helper - {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.5\bh\babylontoolbar.dll
o2 - bho: symantec nco bho - {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\norton 360\engine\5.1.0.29\coieplg.dll
o2 - bho: symantec intrusion prevention - {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\norton 360\engine\5.1.0.29\ips\ipsbho.dll
o2 - bho: groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\grooveshellextensions.dll
o2 - bho: ssvhelper class - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
o2 - bho: windows live aanmelden - help - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: google toolbar helper - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar_32.dll
o2 - bho: google toolbar notifier bho - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
o2 - bho: bing bar helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\bingext.dll (file missing)
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
o2 - bho: jqsiestartdetectorimpl - {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
o2 - bho: hp smart bho class - {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
o3 - toolbar: imageshack toolbar - {6932d140-abc4-4073-a44c-d4a541665e35} - c:\program files\imageshacktoolbar\imageshacktoolbar.dll
o3 - toolbar: babylon toolbar - {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.5\babylontoolbartlbr.dll
o3 - toolbar: bing bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\microsoft\bingbar\bingext.dll (file missing)
o3 - toolbar: google toolbar - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar_32.dll
o3 - toolbar: norton toolbar - {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\norton 360\engine\5.1.0.29\coieplg.dll
o4 - hklm\..\run: [sunjavaupdatesched] c:\program files\java\jre6\bin\jusched.exe
o4 - hklm\..\run: [nvcpldaemon] rundll32.exe c:\windows\system32\nvcpl.dll,nvstartup
o4 - hklm\..\run: [cpqset] c:\program files\hpq\default settings\cpqset.exe
o4 - hklm\..\run: [apsdaemon] c:\program files\common files\apple\apple application support\apsdaemon.exe
o4 - hklm\..\run: [bigdogpath323vmsnap] c:\windows\vmsnap23.exe
o4 - hklm\..\run: [bigdogpath323domino] c:\windows\domino.exe
o4 - hklm\..\run: [adobe arm] c:\program files\common files\adobe\arm\1.0\adobearm.exe
o4 - hklm\..\run: [high definition audio property page shortcut] chdaudpropshortcut.exe
o4 - hklm\..\run: [freecorder flv service] c:\program files\freecorder\flvsrvc.exe /run
o4 - hkcu\..\run: [registry reviver] c:\program files\reviversoft\registry reviver\registryreviver.exe
o4 - hkcu\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe
o4 - hkcu\..\run: [msnmsgr] c:\program files\windows live\messenger\msnmsgr.exe /background
o4 - hkcu\..\run: [skype] c:\program files\skype\phone\skype.exe /nosplash /minimized
o4 - hkcu\..\run: [nbj] c:\program files\ahead\nero backitup\nbj.exe
o4 - hkcu\..\run: [ldm] c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe
o4 - hkcu\..\runonce: [] c:\program files\internet explorer\iexplore.exe [noparse]http://www.symantec.com/techsupp/servlet/productmessages?module=2007&error=0&language=nl&product=symnrt&version=2008.0.3.16&build=symantec&a=00000082.0000001f.0000005e&b=00000082.00000045.00000119&c=00000082.000000e6.0000026f[/noparse]
o4 - hkus\s-1-5-19\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'lokale service')
o4 - hkus\s-1-5-20\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'netwerkservice')
o4 - hkus\s-1-5-18\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'system')
o4 - hkus\.default\..\run: [ctfmon.exe] c:\windows\system32\ctfmon.exe (user 'default user')
o4 - startup: jacquie lawson village advent calendar.lnk = c:\program files\jacquie lawson village advent calendar\jacquie lawson village advent calendar.exe
o9 - extra button: (no name) - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre6\bin\jp2iexp.dll
o9 - extra 'tools' menuitem: sun java console - {08b0e5c0-4fcb-11cf-aaa5-00401c608501} - c:\program files\java\jre6\bin\jp2iexp.dll
o9 - extra button: in weblog opnemen - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\windows\system32\shdocvw.dll
o9 - extra 'tools' menuitem: &in weblog opnemen met windows live writer - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\windows\system32\shdocvw.dll
o9 - extra button: verzenden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~1\micros~2\office12\onbttnie.dll
o9 - extra 'tools' menuitem: verz&enden naar onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~1\micros~2\office12\onbttnie.dll
o9 - extra button: research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~2\office12\refiebar.dll
o9 - extra button: hp slim selecteren - {dde87865-83c5-48c4-8357-2f5b1aa84522} - c:\windows\system32\shdocvw.dll
o9 - extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra 'tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - c:\windows\network diagnostic\xpnetdiag.exe
o9 - extra button: messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o9 - extra 'tools' menuitem: windows messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - c:\program files\messenger\msmsgs.exe
o10 - unknown file in winsock lsp: c:\windows\system32\nwprovau.dll
o14 - iereset.inf: start_page_url=[noparse]http://ie.redirect.hp.com/svs/rdr?type=3&tp=iehome&locale=nl_be&c=q306&bd=pavilion&pf=laptop[/noparse]
o16 - dpf: {14c1b87c-3342-445f-9b5e-365ff330a3ac} (hewlett-packard online support services) - [noparse]http://h20278.www2.hp.com/hpisweb/customer/cabs/hpisdatamanager.cab[/noparse]
o16 - dpf: {6414512b-b978-451d-a0d8-fcfdf33e833c} (wuwebcontrol class) - [noparse]http://update.microsoft.com/windowsupdate/v6/v5controls/en/x86/client/wuweb_site.cab?1153066304406[/noparse]
o16 - dpf: {6932d140-abc4-4073-a44c-d4a541665e35} (imageshack toolbar) - [noparse]http://toolbar.imageshack.us/toolbar/imageshacktoolbar.cab[/noparse]
o16 - dpf: {6a344d34-5231-452a-8a57-d064ac9b7862} (symantec download manager) - [noparse]https://webdl.symantec.com/activex/symdlmgr.cab[/noparse]
o16 - dpf: {6e32070a-766d-4ee6-879c-dc1fa91d2fc3} (muwebcontrol class) - [noparse]http://update.microsoft.com/microsoftupdate/v6/v5controls/en/x86/client/muweb_site.cab?1154200313640[/noparse]
o16 - dpf: {7808423a-e554-4fca-9f5b-e9c06c10c7b7} - [noparse]http://eapp.e-private.lu/eappconws/static/js/webcleaner/component.cab[/noparse]
o16 - dpf: {b8be5e93-a60c-4d26-a2dc-220313175592} (msn games - installer) - [noparse]http://cdn2.zone.msn.com/binframework/v10/zpaframework.cab102118.cab[/noparse]
o16 - dpf: {cac677b6-4963-4305-9066-0bd135cd9233} (ipsuploader4 control) - [noparse]https://as.photoprintit.de/ips-opdata/layout/default01/activex/ipsuploader4.cab[/noparse]
o16 - dpf: {e2883e8f-472f-4fb0-9522-ac9bf37916a7} - [noparse]http://platformdl.adobe.com/nos/getplusplus/1.6/gp.cab[/noparse]
o16 - dpf: {f773e7b2-62a9-4524-9109-87d2f0befaa4} (chesscontrol class) - [noparse]http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab[/noparse]
o16 - dpf: {ff3c5a9f-5a91-4930-80e8-4709194c2ad3} - [noparse]http://zone.msn.com/bingame/zpagames/checkerszpa.cab55579.cab[/noparse]
o16 - dpf: {ffbb3f3b-0a5a-4106-be53-dfe1e2340cb1} - [noparse]http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.2.cab[/noparse]
o18 - protocol: groovelocalgws - {88fed34c-f0ca-4636-a375-3cb6248b04cd} - c:\program files\microsoft office\office12\groovesystemservices.dll
o22 - sharedtaskscheduler: preloader van browseui - {438755c2-a8ba-11d1-b96b-00a0c90312e1} - c:\windows\system32\browseui.dll
o22 - sharedtaskscheduler: cache-daemon voor onderdeelcategorieën - {8c7461ef-2b13-11d2-be35-3078302c2030} - c:\windows\system32\browseui.dll
o23 - service: apple mobile device - apple inc. - c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe
o23 - service: bonjour-service (bonjour service) - apple inc. - c:\program files\bonjour\mdnsresponder.exe
o23 - service: google updateservice (gupdate) (gupdate) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: google update-service (gupdatem) (gupdatem) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: google software updater (gusvc) - google - c:\program files\google\common\google updater\googleupdaterservice.exe
o23 - service: hpqwmiex - hewlett-packard development company, l.p. - c:\program files\hewlett-packard\shared\hpqwmiex.exe
o23 - service: installdriver table manager (idrivert) - macrovision corporation - c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe
o23 - service: incd file system service (incdsrv) - ahead software - c:\program files\ahead\incd\incdsrv.exe
o23 - service: ipod-service (ipod service) - apple inc. - c:\program files\ipod\bin\ipodservice.exe
o23 - service: java quick starter (javaquickstarterservice) - sun microsystems, inc. - c:\program files\java\jre6\bin\jqs.exe
o23 - service: jetdrive windowsclosingservice - unknown owner - c:\windows\system32\windowsclosingservice (file missing)
o23 - service: lightscribeservice direct disc labeling service (lightscribeservice) - hewlett-packard company - c:\program files\common files\lightscribe\lssrvc.exe
o23 - service: norton 360 (n360) - symantec corporation - c:\program files\norton 360\norton 360\engine\5.1.0.29\ccsvchst.exe
o23 - service: nvidia display driver service (nvsvc) - nvidia corporation - c:\windows\system32\nvsvc32.exe
o23 - service: pinnacle systems media service (pinnaclesys.mediaserver) - pinnacle systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
o23 - service: roxmediadb12 - sonic solutions - c:\program files\common files\roxio shared\12.0\sharedcom\roxmediadb12.exe
o23 - service: roxio hard drive watcher 12 (roxwatch12) - sonic solutions - c:\program files\common files\roxio shared\12.0\sharedcom\roxwatch12.exe
o23 - service: symantec remoteassist - symantec, inc. - c:\program files\common files\symantec shared\support controls\ssrc.exe
--
end of file - 14270 bytes

[/hjt]

[averheijden]

L.S
Sorry dat tabbladje is "windows installer" wat zich opent als ik MS WORD, etc wil openen
En die gaan dus niet open door dat hinderlijk tabblad
MVG
alfons

[averheijden]

L.S. is het misschien 016 die verwijderd moet worden?

Ik bedoel
o16 - dpf: {b8be5e93-a60c-4d26-a2dc-220313175592} (msn games - installer) - [noparse]

MVG
Alfons

[Bugs]

Helaas is onze HijackThis expert Kingpin al een tijdje onbereikbaar. Ondanks verwoede pogingen om met haar in contact te komen is dat tot op heden niet gelukt.
Alfons, het enige wat ik je op dit moment kan adviseren om je log te laten beoordelen is om deze te plaatsen op het Nationaal Computerforum.

Het spijt ons dat we je in dit geval niet van dienst kunnen zijn.

[averheijden]

BUGS,

Dank voor de informatie, ik heb daar contact mee opgenomen
Ze hebben me verwezen naar de site: http://support.microsoft.com/kb/297834/nl

Het was dan eenvoudiger dan ik dacht, CD-Rom erin en op "Herstellen" klikken
En alle MS Office programmes werken weer zonder storing als voorheen

MG
Alfons

[Bugs]

Fijn dat het zo is opgelost, Alfons.  Een volgende keer zullen we je weer graag helpen.
Ik sluit het topic af.