Run DLL32 host process no longer works?


vicky_i

This can have all kinds of causes.

First, let's see whether we can cross viruses and malware off that list, so please carry out the steps below.

Our specialist in this area will then review that log and help you further if needed.

Download HiJackThis

Double-click HJTInstall.exe

HijackThis is now installed on your PC and a shortcut is placed on your desktop.

HijackThis will open after installation.

Click "Do a systemscan and save a logfile".

A Notepad window opens. Hold down the CTRL and A keys at the same time; everything is now selected. Hold down the CTRL and C keys at the same time; everything is now copied. Now paste the HJT log into your post with the CTRL and V keys.

N.B.: users of Windows Vista and Windows 7 must first right-click HijackThis.exe and then choose "Run as Administrator".


First do this:

Download HostsXpert

Unzip the program to your desktop.

Open the folder and double-click Hoster.exe

Click "Restore Microsofts Original Hosts File"

Click "OK" and close the program.

Then run HijackThis again. If you still get the small window, just dismiss it and continue.


It is practically impossible to work with that, but this can already definitely be fixed with HijackThis:

02 Kiwee Toolbar

03 Toolbar Kiwee Toolbar

09 Extra Button Trace

09 Extra Tool Visual Route Trace

016 DPF Cab Builder Kiwee

And then try whether, when you get the error message about that hosts file, you can't simply click through so that HijackThis works correctly?

Edited by kape

I'll give it a try, thanks

---------- Post added at 17:22 ---------- Previous post was at 17:08 ----------

Nope, none of it works. I try to press Fix but it keeps giving error messages

and then I automatically end up on the internet. I'm really a layperson in this area, sorry (shame, shame)

Edited by kape

Something else first, then:

Download KittyFix to your desktop.

KittyFix is the new version of Combofix. Everything you read below about Combofix therefore also applies to KittyFix.

Read more here about the correct use of Combofix.

NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert from your antivirus or another real-time scanner, disable that scanner and download Combofix again.

Some scanners regard certain components that Combofix uses as suspicious and will block or remove them!

  • Double-click Combofix.exe to start it.
    If you have used Combofix before, you may get a warning that an update is available. Allow ComboFix to be updated.
    Follow the instructions and accept the disclaimer by clicking Yes.
    If the Recovery Console is not installed, you will be asked to install it by clicking YES in the "Query - Recovery Console" window (XP only, not Vista).
    Click OK and Yes to have the Recovery Console installed automatically.
    Afterwards, click Yes again to start the malware scan.
    While the fix is running, do NOT click in the window, as this will cause your PC to hang.

When the fix has finished and after the restart, the log Combofix.txt will open.

Post that log in your next reply.


This is the log I got:

ComboFix 09-12-18.03 - vicky iliaens 19/12/2009 18:13:18.1.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.1918.940 [GMT 1:00]

Gestart vanuit: c:\users\vicky iliaens\Downloads\KittyFix.exe

AV: Kaspersky Internet Security *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

SP: Kaspersky Internet Security *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

.

ADS - system32: deleted 12 bytes in 1 streams.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\FunWebProducts

c:\program files\MyWebSearch

c:\program files\MyWebSearch\bar\Settings\s_pid.dat

c:\users\vicky iliaens\AppData\Roaming\Desktopicon

c:\users\vicky iliaens\AppData\Roaming\Desktopicon\eBayShortcuts.exe

c:\users\vicky iliaens\AppData\Roaming\Kaspersky_Key_Finder_(KKF

c:\users\vicky iliaens\AppData\Roaming\Kaspersky_Key_Finder_(KKF\Kaspersky_Key_Finder_V1.5_Url_4dbwk3vzg0jwqwajd3g1keoenv0vowdp\1.5.2.0\user.config

c:\users\vicky iliaens\AppData\Roaming\Kaspersky_Key_Finder_(KKF\Kaspersky_Key_Finder_V1.5_Url_ckqc3jgdmsjkw1foyhjkdx1yso2dt04k\1.5.2.0\user.config

c:\users\vicky iliaens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Productregistratie.lnk

c:\users\vicky iliaens\x.exe

c:\windows\Cursors\aero_link.cur

c:\windows\system32\DEBUG.log

c:\windows\TEMP\logishrd\LVPrcInj07.dll

c:\program files\kaspersky lab\kaspersky internet security 2009\params.ppl . . . . konden niet verwijderd worden

.

(((((((((((((((((((( Bestanden Gemaakt van 2009-11-19 to 2009-12-19 ))))))))))))))))))))))))))))))

.

2009-12-19 17:28 . 2009-12-19 17:28 -------- d-----w- c:\users\Gast\AppData\Local\temp

2009-12-19 17:28 . 2009-12-19 17:28 -------- d-----w- c:\users\Default\AppData\Local\temp

2009-12-19 17:28 . 2009-12-19 17:28 -------- d-----w- c:\users\Bruno\AppData\Local\temp

2009-12-16 14:12 . 2009-12-16 14:12 -------- d-----w- c:\program files\TrendMicro

2009-12-14 04:33 . 2009-12-14 04:33 249856 ------w- c:\windows\Setup1.exe

2009-12-14 04:33 . 2009-12-14 04:33 73216 ----a-w- c:\windows\ST6UNST.EXE

2009-12-14 03:44 . 2009-12-14 03:44 -------- d-----w- c:\program files\Recuva

2009-12-13 05:25 . 2009-12-13 05:25 -------- d-----w- c:\program files\Windows Portable Devices

2009-12-13 02:06 . 2009-12-14 03:14 -------- d-----w- c:\program files\PowerDataRecovery

2009-12-13 02:05 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll

2009-12-13 02:05 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll

2009-12-13 02:05 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll

2009-12-13 02:03 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll

2009-12-13 02:03 . 2009-10-01 01:01 33280 ----a-w- c:\windows\system32\WpdConns.dll

2009-12-13 02:03 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll

2009-12-13 02:03 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll

2009-12-13 02:03 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll

2009-12-13 02:03 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll

2009-12-13 02:03 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll

2009-12-13 02:03 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll

2009-12-13 02:03 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll

2009-12-13 02:03 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll

2009-12-13 02:03 . 2009-10-01 01:01 40448 ----a-w- c:\windows\system32\drivers\WpdUsb.sys

2009-12-13 02:03 . 2009-10-01 01:01 226816 ----a-w- c:\windows\system32\WpdMtp.dll

2009-12-13 02:03 . 2009-10-01 01:01 61952 ----a-w- c:\windows\system32\WpdMtpUS.dll

2009-12-13 02:01 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll

2009-12-13 02:01 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll

2009-12-13 02:01 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll

2009-12-12 23:08 . 2009-12-17 01:46 -------- d-----w- c:\users\vicky iliaens\AppData\Roaming\skypePM

2009-12-12 20:47 . 2009-12-12 20:47 -------- d-----w- c:\windows\system32\ca-ES

2009-12-12 20:47 . 2009-12-12 20:47 -------- d-----w- c:\windows\system32\eu-ES

2009-12-12 20:47 . 2009-12-12 20:47 -------- d-----w- c:\windows\system32\vi-VN

2009-12-12 20:04 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll

2009-12-12 20:04 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll

2009-12-12 20:04 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll

2009-12-12 20:04 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll

2009-12-12 20:04 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll

2009-12-12 20:04 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll

2009-12-12 20:04 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll

2009-12-12 20:04 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll

2009-12-12 20:04 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll

2009-12-12 20:04 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll

2009-12-12 20:04 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe

2009-12-12 19:41 . 2009-04-11 06:32 43496 ----a-w- c:\windows\system32\drivers\pciidex.sys

2009-12-12 19:40 . 2009-04-11 06:28 286720 ----a-w- c:\windows\system32\rasapi32.dll

2009-12-12 19:39 . 2009-04-11 06:28 677376 ----a-w- c:\windows\system32\imapi2fs.dll

2009-12-12 19:07 . 2009-12-12 19:07 -------- d-----w- c:\windows\system32\EventProviders

2009-12-12 15:27 . 2009-12-12 15:27 -------- d-----w- c:\program files\Common Files\Skype

2009-12-12 15:27 . 2009-12-12 15:27 -------- d-----r- c:\program files\Skype

2009-12-12 12:22 . 2009-12-12 22:52 -------- d-----w- c:\programdata\hostsvr

2009-12-10 02:07 . 2009-11-09 12:31 24064 ----a-w- c:\windows\system32\nshhttp.dll

2009-12-10 02:07 . 2009-11-09 10:36 411648 ----a-w- c:\windows\system32\drivers\http.sys

2009-12-10 02:07 . 2009-11-09 12:30 30720 ----a-w- c:\windows\system32\httpapi.dll

2009-12-09 16:20 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll

2009-11-26 02:02 . 2009-10-29 09:17 2048 ----a-w- c:\windows\system32\tzres.dll

2009-11-25 07:08 . 2009-08-11 16:44 1401856 ----a-w- c:\windows\system32\msxml6.dll

2009-11-25 07:08 . 2009-08-11 16:44 1248768 ----a-w- c:\windows\system32\msxml3.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-12-19 17:35 . 2007-09-14 12:47 667114 ----a-w- c:\windows\system32\perfh013.dat

2009-12-19 17:35 . 2007-09-14 12:47 126648 ----a-w- c:\windows\system32\perfc013.dat

2009-12-19 17:31 . 2008-03-02 02:01 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs

2009-12-19 17:30 . 2009-01-22 23:48 8365088 --sha-w- c:\windows\system32\drivers\fidbox.dat

2009-12-19 17:30 . 2009-01-22 23:48 68528 --sha-w- c:\windows\system32\drivers\fidbox.idx

2009-12-19 17:30 . 2009-01-22 23:48 6216 --sha-w- c:\windows\system32\drivers\fidbox2.idx

2009-12-19 17:30 . 2009-01-22 23:48 1196064 --sha-w- c:\windows\system32\drivers\fidbox2.dat

2009-12-19 17:29 . 2009-06-16 23:33 -------- d-sh--w- c:\programdata\MPK

2009-12-19 15:01 . 2008-11-27 20:24 -------- d-----w- c:\programdata\Kaspersky Lab

2009-12-17 06:49 . 2008-03-12 02:49 -------- d-----w- c:\users\vicky iliaens\AppData\Roaming\Skype

2009-12-16 14:12 . 2009-12-16 14:12 388096 ----a-r- c:\users\vicky iliaens\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe

2009-12-13 16:06 . 2009-12-13 16:06 658696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2009-12-13 05:25 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat

2009-12-13 05:25 . 2009-12-13 05:25 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf

2009-12-13 05:24 . 2009-12-13 05:24 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf

2009-12-12 23:08 . 2009-12-12 23:08 56 ---ha-w- c:\programdata\ezsidmv.dat

2009-12-12 22:53 . 2009-08-07 22:15 -------- d-----w- c:\program files\Unlocker

2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar

2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar

2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal

2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration

2009-12-12 20:47 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery

2009-12-12 20:47 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender

2009-12-12 15:27 . 2008-03-12 02:47 -------- d-----w- c:\programdata\Skype

2009-12-12 13:11 . 2008-07-21 05:29 -------- d-----w- c:\program files\Samsung

2009-12-09 01:30 . 2007-09-14 03:42 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-12-05 04:30 . 2009-02-08 20:29 -------- d-----w- c:\users\vicky iliaens\AppData\Roaming\Audacity

2009-12-04 00:33 . 2008-06-15 10:26 5288 ----a-w- c:\users\vicky iliaens\AppData\Roaming\wklnhst.dat

2009-11-21 06:40 . 2009-12-09 16:21 916480 ----a-w- c:\windows\system32\wininet.dll

2009-11-21 06:34 . 2009-12-09 16:21 71680 ----a-w- c:\windows\system32\iesetup.dll

2009-11-21 06:34 . 2009-12-09 16:21 109056 ----a-w- c:\windows\system32\iesysprep.dll

2009-11-21 04:59 . 2009-12-09 16:21 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-11-19 11:10 . 2008-11-27 19:58 680 ----a-w- c:\users\vicky iliaens\AppData\Local\d3d9caps.dat

2009-11-02 19:42 . 2009-10-02 22:34 195456 ------w- c:\windows\system32\MpSigStub.exe

2009-10-14 13:11 . 2008-11-27 20:24 95259 ----a-w- c:\windows\system32\drivers\klick.dat

2009-10-14 13:11 . 2008-11-27 20:24 108059 ----a-w- c:\windows\system32\drivers\klin.dat

2009-10-01 01:02 . 2009-12-13 02:04 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe

2009-10-01 01:02 . 2009-12-13 02:04 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll

2009-10-01 01:01 . 2009-12-13 02:04 81920 ----a-w- c:\windows\system32\wpdbusenum.dll

2009-09-25 02:10 . 2009-12-13 02:04 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll

2009-09-25 02:07 . 2009-12-13 02:04 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll

2009-09-25 02:04 . 2009-12-13 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll

2009-09-25 01:49 . 2009-12-13 02:04 1554432 ----a-w- c:\windows\system32\xpsservices.dll

2009-09-25 01:48 . 2009-12-13 02:04 351232 ----a-w- c:\windows\system32\XpsPrint.dll

2009-09-25 01:38 . 2009-12-13 02:04 847360 ----a-w- c:\windows\system32\OpcServices.dll

2009-09-25 01:36 . 2009-12-13 02:04 280064 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2009-09-25 01:35 . 2009-12-13 02:04 135680 ----a-w- c:\windows\system32\XpsRasterService.dll

2009-09-25 01:33 . 2009-12-13 02:04 195584 ----a-w- c:\windows\system32\dxdiagn.dll

2009-09-25 01:33 . 2009-12-13 02:04 829440 ----a-w- c:\windows\system32\d3d10warp.dll

2009-09-25 01:33 . 2009-12-13 02:04 369664 ----a-w- c:\windows\system32\WMPhoto.dll

2009-09-25 01:32 . 2009-12-13 02:04 252928 ----a-w- c:\windows\system32\dxdiag.exe

2009-09-25 01:31 . 2009-12-13 02:04 519680 ----a-w- c:\windows\system32\d3d11.dll

2009-09-25 01:31 . 2009-12-13 02:04 486912 ----a-w- c:\windows\system32\d3d10level9.dll

2009-09-25 01:31 . 2009-12-13 02:04 161280 ----a-w- c:\windows\system32\d3d10_1.dll

2009-09-25 01:31 . 2009-12-13 02:04 218112 ----a-w- c:\windows\system32\d3d10_1core.dll

2009-09-25 01:31 . 2009-12-13 02:04 1030144 ----a-w- c:\windows\system32\d3d10.dll

2009-09-25 01:31 . 2009-12-13 02:04 828928 ----a-w- c:\windows\system32\d2d1.dll

2009-09-25 01:30 . 2009-12-13 02:04 481792 ----a-w- c:\windows\system32\dxgi.dll

2009-09-25 01:30 . 2009-12-13 02:04 190464 ----a-w- c:\windows\system32\d3d10core.dll

2009-09-25 01:27 . 2009-12-13 02:04 634880 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2009-09-25 01:27 . 2009-12-13 02:04 37888 ----a-w- c:\windows\system32\cdd.dll

2009-09-25 01:27 . 2009-12-13 02:04 793088 ----a-w- c:\windows\system32\FntCache.dll

2009-09-25 01:27 . 2009-12-13 02:04 1064448 ----a-w- c:\windows\system32\DWrite.dll

2009-09-24 22:54 . 2009-12-13 02:04 258048 ----a-w- c:\windows\system32\winspool.drv

2009-09-24 22:54 . 2009-12-13 02:04 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe

2009-09-24 22:54 . 2009-12-13 02:04 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll

2007-09-14 13:09 . 2007-09-14 12:51 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{0BC6E3FA-78EF-4886-842C-5A1258C4455A}"= "c:\program files\AGI\common\agcutils.dll" [2008-12-01 688128]

[HKEY_CLASSES_ROOT\clsid\{0bc6e3fa-78ef-4886-842c-5a1258c4455a}]

[HKEY_CLASSES_ROOT\agcutils.AGSearchHook.1]

[HKEY_CLASSES_ROOT\TypeLib\{647B16D8-AD7B-4983-82D7-82A270FC9E6D}]

[HKEY_CLASSES_ROOT\agcutils.AGSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]

2008-12-01 00:14 688128 ----a-w- c:\program files\AGI\common\agcutils.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-01 153136]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]

"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-08-14 565008]

"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-08-14 2407184]

"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-02-05 201992]

"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]

"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"SysMon"="c:\programdata\SysMon\SysMon.dll" [2008-01-24 626688]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]

"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]

"Mpk.exe"="c:\program files\KGB\Mpk.exe" [2007-10-09 930304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup

backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2008-10-15 00:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

2007-05-24 11:13 71176 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2009-07-13 12:03 292128 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]

2006-12-08 16:16 65536 ----a-w- c:\hp\KBD\KbdStub.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2008-05-22 12:49 13539872 ----a-w- c:\windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2008-05-22 12:49 92704 ----a-w- c:\windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OsdMaestro]

2007-02-15 11:59 118784 ----a-w- c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2009-10-09 12:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateReg]

2007-04-07 00:56 54936 ----a-w- c:\windows\System32\jureg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WPCUMI]

2006-11-02 12:35 176128 ----a-w- c:\windows\System32\wpcumi.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

"VistaSp2"=hex(B):99,31,99,d3,6d,7b,ca,01

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [29/01/2008 18:29 33808]

R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\System32\drivers\klfltdev.sys [13/03/2008 19:02 26640]

S2 AGWinService;AG Windows Service;c:\program files\AGI\common\win32\pythonservice.exe [1/10/2008 23:18 10240]

S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [26/06/2008 13:21 21504]

S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [6/08/2009 0:35 54632]

S3 fsssvc;De service Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [5/08/2009 21:48 704864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

------- Bijkomende Scan -------

.

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=NL_BE&c=74&bd=Pavilion&pf=desktop

uInternet Settings,ProxyOverride = *.local

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

LSP: c:\windows\system32\wpclsp.dll

DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab

FF - ProfilePath - c:\users\vicky iliaens\AppData\Roaming\Mozilla\Firefox\Profiles\mf6vci4g.default\

FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157

FF - prefs.js: keyword.URL - hxxp://kwtb.search.imgag.com/?c=GNKIW29193&sbs=1&sc=2&f=web&vernum=1.0&uid=&did=f8d4a70c-98e2-4081-901d-01bf93043ede&q=

FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

.

- - - - ORPHANS VERWIJDERD - - - -

BHO-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - c:\program files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll

Toolbar-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - c:\program files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll

WebBrowser-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - c:\program files\Kiwee Toolbar\2.8.167\KiweeIEToolbar.dll

HKLM-Run-hostsvr - c:\windows\hostsvr\hostsvr.exe

HKLM-RunOnce-FFTI - c:\users\vicky iliaens\AppData\Roaming\Mozilla\Firefox\Profiles\mf6vci4g.default\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\ffti.exe

MSConfigStartUp-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe

MSConfigStartUp-KiweeHook - c:\program files\Kiwee Toolbar\2.8.167\kwtbaim.exe

MSConfigStartUp-SSC Service Utility - c:\program files\SSC Service Utility\ssc_serv.exe

MSConfigStartUp-Symantec PIF AlertEng - c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

MSConfigStartUp-TrayServer - c:\program files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe

MSConfigStartUp-Uniblue RegistryBooster 2 - c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2009-12-19 18:44

Windows 6.0.6002 Service Pack 2 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:00000000

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'Explorer.exe'(8520)

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\system32\nvvsvc.exe

c:\windows\system32\rundll32.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\windows\system32\WUDFHost.exe

c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe

c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

c:\program files\Windows Media Player\wmpnetwk.exe

.

**************************************************************************

.

Voltooingstijd: 2009-12-19 18:53:16 - machine werd herstart

ComboFix-quarantined-files.txt 2009-12-19 17:53

Pre-Run: 157.879.857.152 bytes beschikbaar

Post-Run: 160.725.065.728 bytes beschikbaar

Current=1 Default=1 Failed=0 LastKnownGood=51 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51

- - End Of File - - ABA3A3994C0C207C9231499094BE54E0
