  • Log gerbenp Outerinfo.

    Hi!
    I ran Revo Uninstaller, but I'm not sure whether Outerinfo has been removed.
    That's why I'm posting an HJT log; I read on Google that Outerinfo is spyware or adware.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:39:28, on 9-5-2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Mozilla Firefox 3 Beta 5\firefox.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1205408845984
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1209374417642
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
    O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    --
    End of file - 7570 bytes

  • #2
    That's right. Outerinfo is related to a DNS hijacker.
    I see no traces of this infection in your HijackThis log. Since the infection can make use of rootkit technology, it's best to make one more log that shows us a bit more. If it is present, the log will show the culprit:
    Download reglooks.exe
    Place it on your desktop.
    Double-click reglooks.exe. Do nothing else and wait until a log file opens. Post the contents of this log file.



    • #3
      REGLOOKS logfile

      version 0.977
      vr 09-05-2008 22:36:13,45
      running from: "C:\Program Files\Mozilla Firefox"

      --- SSODL regkeys ---

      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
      only standard or legit regkeys found


      --- STS regkeys ---

      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
      only standard or legit regkeys found


      --- USERINIT regkey ---

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
      "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"


      --- SHELL regkey ---

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
      "Shell"="Explorer.exe"


      --- SYSTEM regkey ---

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
      "System"=""


      --- APPINIT_DLLS regkey ---

      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows
      "AppInit_DLLs"=""


      --- NOTIFY regkeys ---

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
      "dimsntfy" "DllName"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,\
      "igfxcui" "DLLName"="igfxdev.dll"
      "LMIinit" "DllName"=hex(2):4c,4d,49,69,6e,69,74,2e,64,6c,6c,00


      --- RUN / LOAD regkeys ---

      HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
      "load"=""


      --- BOOTEXECUTE regkey ---

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
      BootExecute= autocheck autochk *\0\0


      --- PENDINGFILERENAMEOPERATIONS regkey ---

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
      Pendingfilerenameoperations= \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~nsu.tmp\Au_.exe\0\0\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~nsu.tmp\Au_.exe\0\0\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~nsu.tmp\Au_.exe\0\0\0


      --- SHELLEXECUTEHOOKS regkey ---

      HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks
      "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""


      --- AUTORUN regkeys ---

      HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor
      "AutoRun"=""


      --- HKLM\Run regkeys ---

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      "High Definition Audio Property Page Shortcut"="HDAShCut.exe"
      "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"
      "SoundMAX"="\"C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe\" /tray"
      "IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
      "HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
      "Persistence"="C:\\WINDOWS\\system32\\igfxpers.exe"
      "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_06\\bin\\jusched.exe\""
      "WinampAgent"="\"C:\\Program Files\\Winamp\\winampa.exe\""
      "Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions"
      "RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
      "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"
      "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
      [Run\OptionalComponents]
      [Run\OptionalComponents\IMAIL]
      "Installed"="1"
      [Run\OptionalComponents\MAPI]
      "Installed"="1"
      "NoChange"="1"
      [Run\OptionalComponents\MSFS]
      "Installed"="1"


      --- HKLM\RunOnce regkeys ---

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
      no HKLM RunOnce keys found


      --- HKLM\RunOnceEx regkeys ---

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
      no HKLM RunOnceEx keys found


      --- HKLM\RunServices regkeys ---

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
      regkey does not exist


      --- HKLM\RunServicesOnce regkeys ---

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
      regkey does not exist


      --- HKCU\Run regkeys ---

      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
      "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
      "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
      [Run\AdobeUpdater]
      @=""


      --- HKCU\RunOnce regkeys ---

      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
      no HKCU RunOnce keys found


      --- HKCU\RunOnceEx regkeys ---

      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
      regkey does not exist


      --- HKCU\RunServices regkeys ---

      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
      regkey does not exist


      --- HKCU\RunServicesOnce regkeys ---

      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
      regkey does not exist


      --- HKU\.DEFAULT\Run regkeys - Default user ---

      HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"


      --- HKU\S-1-5-18\Run regkeys - user SYSTEM ---

      HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"


      --- HKU\S-1-5-19\Run regkeys - User Lokale service ---

      HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"


      --- HKU\S-1-5-20\Run regkeys - User Netwerkservice ---

      HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"


      --- HKLM\Explorer\Run regkeys ---

      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
      regkey does not exist


      --- HKCU\Explorer\Run regkeys ---

      HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
      regkey does not exist


      --- Image File Execution regkeys ---

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
      no debuggers found


      --- BROWSER HELPER OBJECTS regkeys ---

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
      "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" FILE ="C:\\Program Files\\Java\\jre1.6.0_06\\bin\\ssv.dll"
      "{7E853D72-626A-48EC-A868-BA8D5E23E045}" regkey not found (ERROR)
      "{9030D464-4C02-4ABF-8ECC-5164760863C6}" FILE ="C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll"
      "{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}" FILE ="C:\\Program Files\\Google\\GoogleToolbarNotifier\\2.1.1119.1736\\swg.dll"


      --- TOOLBAR regkeys ---

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
      no toolbars found


      --- URLSEARCHHOOKS regkeys ---

      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
      only standard regkeys found


      --- SRCEENSAVER regkey ---

      HKEY_CURRENT_USER\Control Panel\Desktop
      "SCRNSAVE.EXE"="C:\\WINDOWS\\ribbons.scr"


      --- CONTEXTMENUHANDLERS regkeys ---

      HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers
      "avast" CLSID ={472083B0-C522-11CF-8763-00608CC02F24} FILE ="C:\\Program Files\\Alwil Software\\Avast4\\ashShell.dll"
      "Offline Files" CLSID ={750fdf0e-2a26-11d1-a3ea-080036587f03} FILE =%SystemRoot%\System32\cscui.dll
      "Open With" CLSID ={09799AFB-AD67-11d1-ABCD-00C04FC30936} FILE =%SystemRoot%\system32\SHELL32.dll
      "Open With EncryptionMenu" CLSID ={A470F8CF-A1E8-4f65-8335-227475AA5C46} FILE =%SystemRoot%\system32\SHELL32.dll
      "Quick Par" CLSID ={D120D80B-BD26-4A74-8E43-2C2AF0966139} FILE ="C:\\Program Files\\QuickPar\\QuickParShlExt.dll"
      "WinRAR" CLSID ={B41DB860-8EE4-11D2-9906-E49FADC173CA} FILE ="C:\\Program Files\\WinRAR\\rarext.dll"
      "{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}" Start Menu Pin FILE =%SystemRoot%\system32\SHELL32.dll

      HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers
      "EncryptionMenu" CLSID ={A470F8CF-A1E8-4f65-8335-227475AA5C46} FILE =%SystemRoot%\system32\SHELL32.dll
      "Offline Files" CLSID ={750fdf0e-2a26-11d1-a3ea-080036587f03} FILE =%SystemRoot%\System32\cscui.dll
      "Sharing" CLSID ={f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} FILE ="ntshrui.dll"
      "WinRAR" CLSID ={B41DB860-8EE4-11D2-9906-E49FADC173CA} FILE ="C:\\Program Files\\WinRAR\\rarext.dll"

      HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers
      "avast" CLSID ={472083B0-C522-11CF-8763-00608CC02F24} FILE ="C:\\Program Files\\Alwil Software\\Avast4\\ashShell.dll"
      "WinRAR" CLSID ={B41DB860-8EE4-11D2-9906-E49FADC173CA} FILE ="C:\\Program Files\\WinRAR\\rarext.dll"


      --- ALTERNATESHELL regkey ---

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
      "AlternateShell"="cmd.exe"


      --- SAFEBOOT MINIMAL SERVICES ---

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
      no unknown services found


      --- SAFEBOOT NETWORK SERVICES ---

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
      no unknown services found


      --- SERVICES ---

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\6to4
      "DisplayName"="IPv6-hulpservice"
      %SystemRoot%\system32\svchost.exe -k netsvcs

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ADIHdAudAddService
      "DisplayName"="ADI UAA Function Driver for High Definition Audio Service"
      system32\drivers\ADIHdAud.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ADM8511
      "DisplayName"="ADMtek ADM8511/AN986 USB To Fast Ethernet Converter"
      system32\DRIVERS\ADM8511.SYS

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AEAudio
      "DisplayName"="AE Audio Service"
      system32\drivers\AEAudio.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aswFsBlk
      "DisplayName"="aswFsBlk"
      system32\DRIVERS\aswFsBlk.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aswSP
      "DisplayName"="avast! Self Protection"
      no imagepath value found

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FirebirdGuardianDefaultInstance
      "DisplayName"="Firebird Guardian - DefaultInstance"
      C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -s DefaultInstance

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FirebirdServerDefaultInstance
      "DisplayName"="Firebird Server - DefaultInstance"
      C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hamachi
      "DisplayName"="Hamachi Network Interface"
      system32\DRIVERS\hamachi.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LHidFilt
      "DisplayName"="Logitech SetPoint KMDF HID Filter Driver"
      system32\DRIVERS\LHidFilt.Sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LHidKe
      no imagepath value found

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LMIInfo
      "DisplayName"="LogMeIn Kernel Information Provider"
      \??\C:\Program Files\LogMeIn\x86\RaInfo.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lmimirr
      system32\DRIVERS\lmimirr.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LMIRfsDriver
      "DisplayName"="LogMeIn Remote File System Driver"
      \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LMouFilt
      "DisplayName"="Logitech SetPoint KMDF Mouse Filter Driver"
      system32\DRIVERS\LMouFilt.Sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ovt530
      "DisplayName"="Webcam Deluxe"
      System32\Drivers\ov530vid.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\s115bus
      "DisplayName"="Sony Ericsson Device 115 driver (WDM)"
      system32\DRIVERS\s115bus.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\s115mdfl
      "DisplayName"="Sony Ericsson Device 115 USB WMC Modem Filter"
      system32\DRIVERS\s115mdfl.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\s115mdm
      "DisplayName"="Sony Ericsson Device 115 USB WMC Modem Driver"
      system32\DRIVERS\s115mdm.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\s115mgmt
      "DisplayName"="Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)"
      system32\DRIVERS\s115mgmt.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\s115obex
      "DisplayName"="Sony Ericsson Device 115 USB WMC OBEX Interface"
      system32\DRIVERS\s115obex.sys

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\swwd
      no imagepath value found

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{0B1499C0-A958-4D81-BAF3-E07B925A073B}
      no imagepath value found

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{3A17229F-3152-4D24-A96C-0C685D0B352B}
      no imagepath value found

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{521BBBC4-71BB-4624-8113-FFFC48DDCEA2}
      no imagepath value found

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{7C3E6BDB-F0C7-498B-ADA4-C04113EC636B}
      no imagepath value found

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{BB9BA741-CB12-4BC1-B6D0-8AA1D98C59E0}
      no imagepath value found

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{D126C68C-CE88-47EE-85B0-BD50579CEBEB}
      no imagepath value found


      --- SECURITYPROVIDERS regkey ---

      HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
      "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


      --- SVCHOST regkey ---

      HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost
      HTTPFilter: HTTPFilter\0\0
      LocalService: Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
      NetworkService: DnsCache\0\0
      netsvcs: 6to4\0AppMgmt\0AudioSrv\0Browser\0CryptSvc\0DMServer\0DHCP\0ERSvc\0EventSystem\0FastUserSwitchingCompatibility\0HidServ\0Ias\0Iprip\0Irmon\0LanmanServer\0LanmanWorkstation\0Messenger\0Netman\0Nla\0Ntmssvc\0NWCWorkstation\0Nwsapagent\0Rasauto\0Rasman\0Remoteaccess\0Schedule\0Seclogon\0SENS\0Sharedaccess\0SRService\0Tapisrv\0Themes\0TrkWks\0W32Time\0WZCSVC\0Wmi\0WmdmPmSp\0winmgmt\0wscsvc\0xmlprov\0BITS\0wuauserv\0ShellHWDetection\0helpsvc\0WmdmPmSN\0napagent\0hkmsvc\0\0
      DcomLaunch: DcomLaunch\0TermService\0\0
      rpcss: RpcSs\0\0
      imgsvc: StiSvc\0\0
      termsvcs: TermService\0\0
      WudfServiceGroup: WUDFSvc\0\0
      eapsvcs: eaphost\0\0
      dot3svc: dot3svc\0\0


      --- WOW-CMDLINE regkeys ---

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW
      "cmdline" = %SystemRoot%\system32\ntvdm.exe
      "wowcmdline" = %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386


      --- DNS SERVER regkeys ---

      no "NameServer" values found


      --- STARTUP FOLDERS ---

      C:\Documents and Settings\Administrator\Menu Start\Programma's\Opstarten\desktop.ini
      C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\desktop.ini
      C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Google Updater.lnk


      --- TASK SCHEDULER JOBS ---

      C:\WINDOWS\tasks\Easy Onderhoud.job


      --- File associations ---

      .BAT files: ("%1" %*)
      .COM files: ("%1" %*)
      .EXE files: ("%1" %*)
      .HLP files: (%SystemRoot%\System32\winhlp32.exe %1)
      .INF files: (%SystemRoot%\System32\NOTEPAD.EXE %1)
      .INI files: (%SystemRoot%\System32\NOTEPAD.EXE %1)
      .JS files: (%SystemRoot%\System32\WScript.exe "%1" %*)
      .PIF files: ("%1" %*)
      .REG files: ("regedit.exe" "%1")
      .SCR files: ("%1" /S)
      .TXT files: (%SystemRoot%\system32\NOTEPAD.EXE %1)
      .VBS files: (%SystemRoot%\System32\WScript.exe "%1" %*)


      FINISHED



      • #4
        Restart the computer and make a new log with reglooks.



        • #5
          REGLOOKS logfile

          version 0.977
          vr 09-05-2008 22:43:17,57
          running from: "C:\Documents and Settings\Administrator\Bureaublad"

          --- SSODL regkeys ---

          HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
          only standard or legit regkeys found


          --- STS regkeys ---

          HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
          only standard or legit regkeys found


          --- USERINIT regkey ---

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
          "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"


          --- SHELL regkey ---

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
          "Shell"="Explorer.exe"


          --- SYSTEM regkey ---

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
          "System"=""


          --- APPINIT_DLLS regkey ---

          HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows
          "AppInit_DLLs"=""


          --- NOTIFY regkeys ---

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
          "dimsntfy" "DllName"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,53,79,73,74,65,6d,33,\
          "igfxcui" "DLLName"="igfxdev.dll"
          "LMIinit" "DllName"=hex(2):4c,4d,49,69,6e,69,74,2e,64,6c,6c,00


          --- RUN / LOAD regkeys ---

          HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
          "load"=""


          --- BOOTEXECUTE regkey ---

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
          BootExecute= autocheck autochk *\0\0


          --- SHELLEXECUTEHOOKS regkey ---

          HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks
          "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""


          --- AUTORUN regkeys ---

          HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor
          "AutoRun"=""


          --- HKLM\Run regkeys ---

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
          "High Definition Audio Property Page Shortcut"="HDAShCut.exe"
          "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\Core\\smax4pnp.exe"
          "SoundMAX"="\"C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe\" /tray"
          "IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
          "HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
          "Persistence"="C:\\WINDOWS\\system32\\igfxpers.exe"
          "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_06\\bin\\jusched.exe\""
          "WinampAgent"="\"C:\\Program Files\\Winamp\\winampa.exe\""
          "Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions"
          "RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
          "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"
          "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
          [Run\OptionalComponents]
          [Run\OptionalComponents\IMAIL]
          "Installed"="1"
          [Run\OptionalComponents\MAPI]
          "Installed"="1"
          "NoChange"="1"
          [Run\OptionalComponents\MSFS]
          "Installed"="1"


          --- HKLM\RunOnce regkeys ---

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
          no HKLM RunOnce keys found


          --- HKLM\RunOnceEx regkeys ---

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
          no HKLM RunOnceEx keys found


          --- HKLM\RunServices regkeys ---

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
          regkey does not exist


          --- HKLM\RunServicesOnce regkeys ---

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
          regkey does not exist


          --- HKCU\Run regkeys ---

          HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
          "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
          "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
          "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
          [Run\AdobeUpdater]
          @=""


          --- HKCU\RunOnce regkeys ---

          HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
          no HKCU RunOnce keys found


          --- HKCU\RunOnceEx regkeys ---

          HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
          regkey does not exist


          --- HKCU\RunServices regkeys ---

          HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
          regkey does not exist


          --- HKCU\RunServicesOnce regkeys ---

          HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
          regkey does not exist


          --- HKU\.DEFAULT\Run regkeys - Default user ---

          HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
          "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"


          --- HKU\S-1-5-18\Run regkeys - user SYSTEM ---

          HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
          "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"


          --- HKU\S-1-5-19\Run regkeys - User Lokale service ---

          HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
          "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"


          --- HKU\S-1-5-20\Run regkeys - User Netwerkservice ---

          HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
          "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"


          --- HKLM\Explorer\Run regkeys ---

          HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
          regkey does not exist


          --- HKCU\Explorer\Run regkeys ---

          HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
          regkey does not exist


          --- Image File Execution regkeys ---

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
          no debuggers found


          --- BROWSER HELPER OBJECTS regkeys ---

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
          "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" FILE ="C:\\Program Files\\Java\\jre1.6.0_06\\bin\\ssv.dll"
          "{7E853D72-626A-48EC-A868-BA8D5E23E045}" regkey not found (ERROR)
          "{9030D464-4C02-4ABF-8ECC-5164760863C6}" FILE ="C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll"
          "{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}" FILE ="C:\\Program Files\\Google\\GoogleToolbarNotifier\\2.1.1119.1736\\swg.dll"


          --- TOOLBAR regkeys ---

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
          no toolbars found


          --- URLSEARCHHOOKS regkeys ---

          HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
          only standard regkeys found


          --- SRCEENSAVER regkey ---

          HKEY_CURRENT_USER\Control Panel\Desktop
          "SCRNSAVE.EXE"="C:\\WINDOWS\\ribbons.scr"


          --- CONTEXTMENUHANDLERS regkeys ---

          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers
          "avast" CLSID ={472083B0-C522-11CF-8763-00608CC02F24} FILE ="C:\\Program Files\\Alwil Software\\Avast4\\ashShell.dll"
          "Offline Files" CLSID ={750fdf0e-2a26-11d1-a3ea-080036587f03} FILE =%SystemRoot%\System32\cscui.dll
          "Open With" CLSID ={09799AFB-AD67-11d1-ABCD-00C04FC30936} FILE =%SystemRoot%\system32\SHELL32.dll
          "Open With EncryptionMenu" CLSID ={A470F8CF-A1E8-4f65-8335-227475AA5C46} FILE =%SystemRoot%\system32\SHELL32.dll
          "Quick Par" CLSID ={D120D80B-BD26-4A74-8E43-2C2AF0966139} FILE ="C:\\Program Files\\QuickPar\\QuickParShlExt.dll"
          "WinRAR" CLSID ={B41DB860-8EE4-11D2-9906-E49FADC173CA} FILE ="C:\\Program Files\\WinRAR\\rarext.dll"
          "{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}" Start Menu Pin FILE =%SystemRoot%\system32\SHELL32.dll

          HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers
          "EncryptionMenu" CLSID ={A470F8CF-A1E8-4f65-8335-227475AA5C46} FILE =%SystemRoot%\system32\SHELL32.dll
          "Offline Files" CLSID ={750fdf0e-2a26-11d1-a3ea-080036587f03} FILE =%SystemRoot%\System32\cscui.dll
          "Sharing" CLSID ={f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} FILE ="ntshrui.dll"
          "WinRAR" CLSID ={B41DB860-8EE4-11D2-9906-E49FADC173CA} FILE ="C:\\Program Files\\WinRAR\\rarext.dll"

          HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers
          "avast" CLSID ={472083B0-C522-11CF-8763-00608CC02F24} FILE ="C:\\Program Files\\Alwil Software\\Avast4\\ashShell.dll"
          "WinRAR" CLSID ={B41DB860-8EE4-11D2-9906-E49FADC173CA} FILE ="C:\\Program Files\\WinRAR\\rarext.dll"


          --- ALTERNATESHELL regkey ---

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
          "AlternateShell"="cmd.exe"


          --- SAFEBOOT MINIMAL SERVICES ---

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
          no unknown services found


          --- SAFEBOOT NETWORK SERVICES ---

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
          no unknown services found


          --- SERVICES ---

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\6to4
          "DisplayName"="IPv6-hulpservice"
          %SystemRoot%\system32\svchost.exe -k netsvcs

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ADIHdAudAddService
          "DisplayName"="ADI UAA Function Driver for High Definition Audio Service"
          system32\drivers\ADIHdAud.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ADM8511
          "DisplayName"="ADMtek ADM8511/AN986 USB To Fast Ethernet Converter"
          system32\DRIVERS\ADM8511.SYS

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AEAudio
          "DisplayName"="AE Audio Service"
          system32\drivers\AEAudio.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aswFsBlk
          "DisplayName"="aswFsBlk"
          system32\DRIVERS\aswFsBlk.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aswSP
          "DisplayName"="avast! Self Protection"
          no imagepath value found

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FirebirdGuardianDefaultInstance
          "DisplayName"="Firebird Guardian - DefaultInstance"
          C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -s DefaultInstance

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FirebirdServerDefaultInstance
          "DisplayName"="Firebird Server - DefaultInstance"
          C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hamachi
          "DisplayName"="Hamachi Network Interface"
          system32\DRIVERS\hamachi.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LHidFilt
          "DisplayName"="Logitech SetPoint KMDF HID Filter Driver"
          system32\DRIVERS\LHidFilt.Sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LHidKe
          no imagepath value found

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LMIInfo
          "DisplayName"="LogMeIn Kernel Information Provider"
          \??\C:\Program Files\LogMeIn\x86\RaInfo.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lmimirr
          system32\DRIVERS\lmimirr.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LMIRfsDriver
          "DisplayName"="LogMeIn Remote File System Driver"
          \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LMouFilt
          "DisplayName"="Logitech SetPoint KMDF Mouse Filter Driver"
          system32\DRIVERS\LMouFilt.Sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ovt530
          "DisplayName"="Webcam Deluxe"
          System32\Drivers\ov530vid.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\s115bus
          "DisplayName"="Sony Ericsson Device 115 driver (WDM)"
          system32\DRIVERS\s115bus.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\s115mdfl
          "DisplayName"="Sony Ericsson Device 115 USB WMC Modem Filter"
          system32\DRIVERS\s115mdfl.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\s115mdm
          "DisplayName"="Sony Ericsson Device 115 USB WMC Modem Driver"
          system32\DRIVERS\s115mdm.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\s115mgmt
          "DisplayName"="Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)"
          system32\DRIVERS\s115mgmt.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\s115obex
          "DisplayName"="Sony Ericsson Device 115 USB WMC OBEX Interface"
          system32\DRIVERS\s115obex.sys

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\swwd
          no imagepath value found

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{0B1499C0-A958-4D81-BAF3-E07B925A073B}
          no imagepath value found

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{3A17229F-3152-4D24-A96C-0C685D0B352B}
          no imagepath value found

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{521BBBC4-71BB-4624-8113-FFFC48DDCEA2}
          no imagepath value found

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{7C3E6BDB-F0C7-498B-ADA4-C04113EC636B}
          no imagepath value found

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{BB9BA741-CB12-4BC1-B6D0-8AA1D98C59E0}
          no imagepath value found

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{D126C68C-CE88-47EE-85B0-BD50579CEBEB}
          no imagepath value found


          --- SECURITYPROVIDERS regkey ---

          HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
          "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


          --- SVCHOST regkey ---

          HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost
          HTTPFilter: HTTPFilter\0\0
          LocalService: Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
          NetworkService: DnsCache\0\0
          netsvcs: 6to4\0AppMgmt\0AudioSrv\0Browser\0CryptSvc\0DMServer\0DHCP\0ERSvc\0EventSystem\0FastUserSwitchingCompatibility\0HidServ\0Ias\0Iprip\0Irmon\0LanmanServer\0LanmanWorkstation\0Messenger\0Netman\0Nla\0Ntmssvc\0NWCWorkstation\0Nwsapagent\0Rasauto\0Rasman\0Remoteaccess\0Schedule\0Seclogon\0SENS\0Sharedaccess\0SRService\0Tapisrv\0Themes\0TrkWks\0W32Time\0WZCSVC\0Wmi\0WmdmPmSp\0winmgmt\0wscsvc\0xmlprov\0BITS\0wuauserv\0ShellHWDetection\0helpsvc\0WmdmPmSN\0napagent\0hkmsvc\0\0
          DcomLaunch: DcomLaunch\0TermService\0\0
          rpcss: RpcSs\0\0
          imgsvc: StiSvc\0\0
          termsvcs: TermService\0\0
          WudfServiceGroup: WUDFSvc\0\0
          eapsvcs: eaphost\0\0
          dot3svc: dot3svc\0\0


          --- WOW-CMDLINE regkeys ---

          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW
          "cmdline" = %SystemRoot%\system32\ntvdm.exe
          "wowcmdline" = %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386


          --- DNS SERVER regkeys ---

          no "NameServer" values found


          --- STARTUP FOLDERS ---

          C:\Documents and Settings\Administrator\Menu Start\Programma's\Opstarten\desktop.ini
          C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\desktop.ini
          C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\Google Updater.lnk


          --- TASK SCHEDULER JOBS ---

          C:\WINDOWS\tasks\Easy Onderhoud.job


          --- File associations ---

          .BAT files: ("%1" %*)
          .COM files: ("%1" %*)
          .EXE files: ("%1" %*)
          .HLP files: (%SystemRoot%\System32\winhlp32.exe %1)
          .INF files: (%SystemRoot%\System32\NOTEPAD.EXE %1)
          .INI files: (%SystemRoot%\System32\NOTEPAD.EXE %1)
          .JS files: (%SystemRoot%\System32\WScript.exe "%1" %*)
          .PIF files: ("%1" %*)
          .REG files: ("regedit.exe" "%1")
          .SCR files: ("%1" /S)
          .TXT files: (%SystemRoot%\system32\NOTEPAD.EXE %1)
          .VBS files: (%SystemRoot%\System32\WScript.exe "%1" %*)


          FINISHED



          • #6
            Looks good now.

            Do this as well:
            Delete all files in the folder c:\windows\prefetch
            Cleaning up cookies and temporary internet files:
            Close all open Internet Explorer windows.
            Go to Start, click "Control Panel" and double-click "Internet Options".
            The "Internet Properties" window will open.
            Go to the "General" tab.
            Under "Browsing history", click the "Delete" button.
            A new window will open: Delete Browsing History.
            Click the "Delete all" button at the bottom. In the window that now opens, tick "Also delete files and settings stored by add-ons".
            Click Yes.
            This deletes the temporary internet files, the cookies, the browsing history, the stored information you entered in forms, and the stored passwords that are filled in automatically when you log in to a website you have visited before.
            If you would rather not delete these last 2 (form data and passwords), then do not click Delete all but only these:
            - under Temporary Internet Files, click Delete files.
            - under Cookies, click Delete cookies.
            - under History, click Delete history.

            Also block the indirect or third-party cookies:
            On the Privacy tab, click the Advanced button.
            Tick "Override automatic cookie handling".
            Under First-party Cookies, make sure "Accept" is selected.
            Under Third-party Cookies, choose "Block".
            Click OK.
            When this is done, close the "Internet Properties" window.

            Cleaning up other temporary folders and emptying the Recycle Bin:
            Close all open windows.
            Go to Start, choose Run and type: cleanmgr
            Then press OK and Disk Cleanup will start.
            If you have multiple partitions, choose the partition on which Windows is installed.
            Now let your system scan for files that can be deleted.
            When the overview appears, make sure that only the following items are ticked:
            - Temporary Internet Files
            - Recycle Bin
            - Temporary files
            Then click OK.


            Let us know if there are any remaining problems.



            • #7
              Should I also clear everything in Firefox with CTRL SHIFT DELETE?
              Other than that, everything is fine!



              • #8
                You can do that.



                • #9
                  Thanks Marckie.
                  I have no more problems, so I'm marking it as solved.



                  • #10
                    Good.
