
Windows Explorer closes automatically



Excellent... As for Hitman Pro: personally I'm not much of a fan of it. I would take it off the PC. You have enough other tools on board that do the same job, only better. But that is a personal choice. Let me know what you want to do with it; then, if you wish, we'll clean up Hitman Pro at the same time during the "big clean-up".

edited by kape

First clean-up: Hitman Pro!

Open a Notepad file.

Copy and paste the bold text below into it.

File::

c:\windows\system32\drivers\hitmanpro35.sys

Driver::

hitmanpro35.sys

Folder::

c:\documents and settings\All Users\Application Data\Hitman Pro

c:\program files\Hitman Pro 3.5

Registry::

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HitmanPro35"=-

Save this file on your desktop as CFScript.txt.

Drag CFScript.txt onto ComboFix.exe

This will make ComboFix restart. Reboot if asked to.

After the restart, post the contents of Combofix.txt in your next message.


ComboFix 10-11-11.01 - 12-11-2010 9:25.2.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.459 [GMT 1:00]

Gestart vanuit: c:\documents and settings\F.\Mijn documenten\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\F.\Bureaublad\cfscript.txt

AV: Lavasoft Ad-Watch Live! Antivirus *On-access scanning enabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

FILE ::

"c:\windows\system32\drivers\hitmanpro35.sys"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\All Users\Application Data\Hitman Pro

c:\documents and settings\All Users\Application Data\Hitman Pro\Banner.bin

c:\program files\Hitman Pro 3.5

c:\program files\Hitman Pro 3.5\HitmanPro35.exe

c:\windows\system32\drivers\hitmanpro35.sys

.

(((((((((((((((((((( Bestanden Gemaakt van 2010-10-12 to 2010-11-12 ))))))))))))))))))))))))))))))

.

2010-11-10 08:24 . 2010-11-10 08:24 -------- d-----w- c:\documents and settings\F.\Application Data\Malwarebytes

2010-11-10 08:21 . 2010-11-10 08:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-11-09 20:13 . 2010-11-12 08:10 -------- d--h--r- c:\documents and settings\F.\Onlangs geopend

2010-11-09 20:11 . 2010-11-09 20:11 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE

2010-11-09 20:11 . 2010-11-09 20:11 -------- d-----r- c:\documents and settings\NetworkService\Favorieten

2010-11-09 19:29 . 2010-11-09 19:29 -------- d--h--r- c:\windows\system32\config\systemprofile\Onlangs geopend

2010-10-25 11:13 . 2010-10-25 11:28 -------- d-----w- c:\documents and settings\F.\Incomplete

2010-10-14 23:42 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll

2010-10-14 23:42 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll

2010-10-14 23:41 . 2010-08-23 16:13 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-11-10 18:55 . 2010-03-30 11:17 95568 ----a-w- c:\windows\system32\vetredir.dll

2010-11-10 18:55 . 2010-03-30 11:17 128336 ----a-w- c:\windows\system32\isafeif.dll

2010-11-04 11:56 . 2010-08-26 10:42 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2010-09-18 10:23 . 2004-08-04 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll

2010-09-18 06:53 . 2004-08-04 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll

2010-09-18 06:53 . 2004-08-04 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll

2010-09-18 06:53 . 2004-08-04 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll

2010-09-10 05:52 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-09-10 05:52 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-09-10 05:52 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts

2010-09-01 11:52 . 2004-08-04 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll

2010-09-01 07:57 . 2004-08-04 12:00 1852928 ----a-w- c:\windows\system32\win32k.sys

2010-08-27 08:03 . 2004-08-04 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll

2010-08-27 05:55 . 2004-08-04 12:00 99840 ----a-w- c:\windows\system32\srvsvc.dll

2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll

2010-08-26 13:39 . 2004-08-04 12:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys

2010-08-23 16:13 . 2004-08-04 12:00 617472 ----a-w- c:\windows\system32\comctl32.dll

2010-08-17 13:17 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe

2010-08-16 08:45 . 2004-08-04 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll

2004-09-10 12:40 . 2004-09-10 12:40 75264 ----a-w- c:\program files\DECCHECK.exe

2009-09-12 21:05 . 2009-09-12 21:05 124240 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll

2009-09-12 21:06 . 2009-09-12 21:06 13136 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll

2009-09-12 21:06 . 2009-09-12 21:06 70488 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll

2009-09-12 21:06 . 2009-09-12 21:06 91480 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll

2009-09-12 21:06 . 2009-09-12 21:06 22360 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll

2009-09-12 21:07 . 2009-09-12 21:07 255312 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll

2009-09-12 21:06 . 2009-09-12 21:06 31064 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll

2009-09-12 21:06 . 2009-09-12 21:06 40280 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll

2009-08-14 11:33 . 2009-08-14 11:33 652640 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll

2009-09-12 21:06 . 2009-09-12 21:06 23896 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-25 68856]

"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-01 67128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sunkist2k"="c:\program files\Multimedia Card Reader\shwicon2k.exe" [2005-10-07 139264]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"SoundMan"="SOUNDMAN.EXE" [2004-11-02 77824]

"Snelkoppeling naar eigenschappenvenster voor High Definition Audio"="HDAudPropShortcut.exe" [2004-08-12 61952]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]

"PRONoMgrWired"="c:\program files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe" [2004-03-02 86016]

"nwiz"="nwiz.exe" [2004-12-15 1490944]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-12-15 86016]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-12-15 5513216]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 28160]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"Deskup"="c:\program files\Iomega\DriveIcons\deskup.exe" [2002-07-16 32768]

"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2009-09-12 103768]

"AlcWzrd"="ALCWZRD.EXE" [2004-12-10 2749440]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe" [2010-10-06 232912]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-3-1 67128]

Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2006-3-22 450560]

Systeempictogram van Squeezebox Server.lnk - c:\program files\Squeezebox\SqueezeTray.exe [2010-10-5 2351191]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiMalware]

"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Intel\\PROSetWired\\NCS\\PROSet\\PROSet.exe"=

"c:\\Program Files\\RALINK\\RT2500 Wireless LAN Card\\Installer\\WINXP\\RaConfig2500.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

"c:\\Program Files\\LimeWire Plus\\LimeWire.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"40353:TCP"= 40353:TCP:limewire

"6346:TCP"= 6346:TCP:Limewire

"1176:UDP"= 1176:UDP:Windows Media Format SDK (iexplore.exe)

"1177:UDP"= 1177:UDP:Windows Media Format SDK (iexplore.exe)

"9000:TCP"= 9000:TCP:Squeezebox Server 9000 tcp (UI)

"9001:TCP"= 9001:TCP:Squeezebox Server 9001 tcp (UI)

"9002:TCP"= 9002:TCP:Squeezebox Server 9002 tcp (UI)

"9003:TCP"= 9003:TCP:Squeezebox Server 9003 tcp (UI)

"9004:TCP"= 9004:TCP:Squeezebox Server 9004 tcp (UI)

"9005:TCP"= 9005:TCP:Squeezebox Server 9005 tcp (UI)

"9006:TCP"= 9006:TCP:Squeezebox Server 9006 tcp (UI)

"9007:TCP"= 9007:TCP:Squeezebox Server 9007 tcp (UI)

"9008:TCP"= 9008:TCP:Squeezebox Server 9008 tcp (UI)

"9009:TCP"= 9009:TCP:Squeezebox Server 9009 tcp (UI)

"9010:TCP"= 9010:TCP:Squeezebox Server 9010 tcp (UI)

"9100:TCP"= 9100:TCP:Squeezebox Server 9100 tcp (UI)

"8000:TCP"= 8000:TCP:Squeezebox Server 8000 tcp (UI)

"10000:TCP"= 10000:TCP:Squeezebox Server 10000 tcp (UI)

"9090:TCP"= 9090:TCP:Squeezebox Server 9090 tcp (UI)

"3483:UDP"= 3483:UDP:Squeezebox Server 3483 udp

"3483:TCP"= 3483:TCP:Squeezebox Server 3483 tcp

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [20-9-2009 9:59 64288]

R0 ppa;Stuurprogramma voor Iomega parallelle-poortfilter;c:\windows\system32\drivers\ppa.sys [3-12-2009 10:25 17792]

R2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [26-7-2010 14:17 95568]

R2 RGFILERW;RGFILERW;c:\windows\system32\drivers\RGFILERW.SYS [25-2-2007 12:27 3984]

R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [26-7-2010 14:17 18136]

R3 P1120VID;Creative WebCam NX Ultra;c:\windows\system32\drivers\P1120Vid.sys [28-5-2007 14:26 1252474]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 12:16 130384]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [27-8-2010 15:22 36640]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [12-8-2010 13:15 15264]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [27-8-2010 15:25 96488]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [27-8-2010 15:25 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [27-8-2010 15:25 121576]

S4 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [27-8-2010 15:22 217088]

S4 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2-2-2010 8:48 135664]

S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [12-8-2010 13:15 1375992]

S4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15-1-2010 13:49 227232]

S4 SqueezeMySQL;SqueezeMySQL;c:\progra~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\docume~1\ALLUSE~1\APPLIC~1\SQUEEZ~1\Cache\my.cnf SqueezeMySQL --> c:\progra~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe --defaults-file=c:\docume~1\ALLUSE~1\APPLIC~1\SQUEEZ~1\Cache\my.cnf SqueezeMySQL [?]

S4 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 12:16 753504]

.

Inhoud van de 'Gedeelde Taken' map

2010-11-09 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-08-12 11:56]

2010-11-04 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 10:34]

2010-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 07:48]

2010-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 07:48]

2010-11-12 c:\windows\Tasks\HPpromotions journeysoftware.job

- c:\program files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 15:36]

2010-11-12 c:\windows\Tasks\User_Feed_Synchronization-{F12E78A9-012F-4783-AB8F-40AE9D15256E}.job

- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.netvibes.com/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://foto.hema.nl/ips-opdata/layout/hema/objects/jordan.cab

FF - ProfilePath - c:\documents and settings\F.\Application Data\Mozilla\Firefox\Profiles\oyd37u7m.Standaardgebruiker\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npicaN.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

.

- - - - ORPHANS VERWIJDERD - - - -

AddRemove-HitmanPro35 - c:\program files\Hitman Pro 3.5\HitmanPro35.exe

**************************************************************************

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden:

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Iomega Activity Disk2]

"ImagePath"="\"\""

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,71,67,0e,a0,5d,a9,59,45,9e,08,6f,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,71,67,0e,a0,5d,a9,59,45,9e,08,6f,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'explorer.exe'(3860)

c:\windows\system32\nview.dll

c:\windows\system32\NVWRSNL.DLL

c:\program files\Logitech\SetPoint\lgscroll.dll

c:\windows\system32\nvwddi.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\windows\ATKKBService.exe

c:\windows\system32\HPZipm12.exe

c:\windows\SOUNDMAN.EXE

c:\windows\system32\rundll32.exe

c:\windows\ALCWZRD.EXE

c:\program files\Citrix\ICA Client\wfcrun32.exe

c:\program files\Common Files\Logitech\KHAL\KHALMNPR.EXE

c:\program files\iPod\bin\iPodService.exe

c:\progra~1\SQUEEZ~1\server\SQUEEZ~3.EXE

c:\progra~1\SQUEEZ~1\server\Bin\MSWIN3~1\mysqld.exe

.

**************************************************************************

.

Voltooingstijd: 2010-11-12 09:39:28 - machine werd herstart

ComboFix-quarantined-files.txt 2010-11-12 08:39

ComboFix2.txt 2010-11-10 18:22

Pre-Run: 51.061.088.256 bytes beschikbaar

Post-Run: 51.149.238.272 bytes beschikbaar

- - End Of File - - AEFF62C5C96AF72B04A57A0D43E9711F


Problems solved and Hitman Pro removed, so it is time for the "big clean-up": removing the programs we used, a cleaning, and removing the infected restore points.

Remove ComboFix: Start -> Run and type: ComboFix /Uninstall

This will remove ComboFix plus its related folders and files, reset the clock settings, hide file extensions, hide hidden files and system files again, and create a new restore point.

If present, you may manually delete the folder C:\Qoobox.

Download CCleaner here, and the CCleaner download will then start automatically and for free.

Install it and start CCleaner. In the left-hand column, click "Cleaner". Click 'Analyze' and then 'Run Cleaner'. Sometimes one analysis is not enough. You may repeat this procedure until the analysis no longer reports any errors. Next, click "Registry" in the left-hand column and click 'Scan for Issues'. If errors are found, click "Fix selected issues" and "OK". You will then be asked whether to make a backup. Click "Yes". Then choose "Fix All Selected Issues". After that, close CCleaner again.

If you want to see this in detail with pictures, click here for the guide.

It is advisable to delete the existing restore points (they include infected restore points that you might otherwise restore) by temporarily turning off System Restore. Do this via Start -> Control Panel -> Performance and Maintenance -> System -> System Restore -> tick "Turn off System Restore on all drives". Apply and OK. Restart the PC and then untick the box again.

That's it!

This topic is now closed to new replies.