Everything posted by melbie

  1. That did not make the problem go away.
  2. How can I do that?
  3. I have a startup problem with the computer. The Control Panel now reports the following problem at startup: Beschrijving The Windows User-Mode Driver Framework detected that a driver host-process disconnected unexpectedly. This report contains information about the process and the drivers running within and will be used to improve the quality of these drivers. Probleem met handtekening Naam van probleemgebeurtenis: WUDFHostProblem EventClass: HostProblem Problem: HostDisconnect DetectedBy: 2 UMDFVersion: 6.0.6001.18000. (longhorn_rtm.080118-1840) ExitCode: 103 Operation: 0 Message: 0 Status: ffffffff Versie van besturingssysteem: 6.0.6001.2.1.0.768.3 Landinstelling-id: 1043 Extra informatie over het probleem Bucket-id: 158446613 What should I do with this??
  4. Thanks so much for everything.. I'll keep looking.. maybe the tips will still work.. Regards
  5. Can anything be done about this startup problem at all? I will need my laptop a lot for school next year (I'm going to study ICT), so I would really like everything to work properly.
  6. Startup still takes just as long... it made no difference.. What was the culprit, if I may ask?
  7. Malware log: Malwarebytes' Anti-Malware 1.38 Database versie: 2337 Windows 6.0.6001 Service Pack 1 26-6-2009 12:45:05 mbam-log-2009-06-26 (12-45-05).txt Scan type: Snelle Scan Objecten gescand: 77386 Verstreken tijd: 7 minute(s), 53 second(s) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata bestanden geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige items gevonden) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige items gevonden) Registersleutels geïnfecteerd: (Geen kwaadaardige items gevonden) Registerwaarden geïnfecteerd: (Geen kwaadaardige items gevonden) Registerdata bestanden geïnfecteerd: (Geen kwaadaardige items gevonden) Mappen geïnfecteerd: (Geen kwaadaardige items gevonden) Bestanden geïnfecteerd: (Geen kwaadaardige items gevonden)
     ComboFix log:
     Hijack log:
Voltooingstijd: 2009-06-26 13:01 ComboFix-quarantined-files.txt 2009-06-26 11:00 Pre-Run: 12.170.866.688 bytes beschikbaar Post-Run: 12.116.443.136 bytes beschikbaar 230 --- E O F --- 2009-06-25 21:03 ---------- Post added at 13:04 ---------- Previous post was at 13:03 ---------- log hijack: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:02:59, on 26-6-2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18248) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\BisonCam\BisonHK.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Java\jre6\bin\jusched.exe E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe C:\Windows\system32\conime.exe C:\ComboFix\hidec.exe C:\Windows\system32\cmd.exe C:\Windows\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\ComboFix\Catchme.tmp C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.66.10.25:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - 
HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (file missing) O4 - HKLM\..\Run: [bisonHK] C:\Windows\BisonCam\BisonHK.exe O4 - HKLM\..\Run: [bsMnt] C:\Windows\BisonCam\BsMnt.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Acrobat 
Assistant 8.0] "E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: Bluetooth Manager.lnk = ? O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate1c9b8771cb734b1) (gupdate1c9b8771cb734b1) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 6951 bytes
  8. Malwarebytes' Anti-Malware keeps freezing after I click the quick scan. I have already uninstalled the program and downloaded it again, but that did not help.
  9. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:45:03, on 24-6-2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18248) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\BisonCam\BisonHK.exe C:\Windows\BisonCam\BsMnt.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\System32\rundll32.exe C:\Windows\RtHDVCpl.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Program Files\Java\jre6\bin\jusched.exe E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet 
Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.66.10.25:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - E:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [bisonHK] C:\Windows\BisonCam\BisonHK.exe O4 - HKLM\..\Run: [bsMnt] C:\Windows\BisonCam\BsMnt.exe O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE 
C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Bluetooth Manager.lnk = ? 
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updateservice (gupdate1c9b8771cb734b1) (gupdate1c9b8771cb734b1) - Google Inc. 
- C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: SCM Driver Daemon (NishService) - Unknown owner - C:\Program Files\System Control Manager\edd.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Oz128 Driver\o2flash.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- End of file - 8143 bytes
  10. Hello, Starting up the laptop takes longer every time. I have a fairly new laptop, 8 months old, but have already had various problems. Does anyone know what I can do?? Regards
  11. Hello, I hope I have posted this in the right topic. Today I had a problem with the FN key on the keyboard. As soon as I pressed a digit, letter, etc. (without touching the FN key), what happened was what normally happens when you hold down the FN key. When I did hold it down and pressed a key, it did the normal thing. So it is reversed. How can I solve this problem?? Regards