Archive - Vista black screen after login.

Mad_piggy

Legacy Member
Can you maybe help me??
After I log in, I get a black screen with only a mouse pointer for a few minutes.

What is causing this??

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:49:55, on 20/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/webhp?hl=nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Statistieken bescherming internetverkeer - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix: 
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - http://www.yougamers.com/systeminfo/FMSI.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~2\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\AESTSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: SigmaTel Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\STacSV64.exe (file missing)
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 10409 bytes

Juisterr

Legacy Member
A strange log, because there are no items listed under running processes.


Right-click the HijackThis program and choose "Run as Administrator"
Choose 'Do a system scan only'
Select only the items listed below:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

Close all windows except HijackThis
Click 'Fix checked' to remove the items.


Please post a new and complete log after booting.

Mad_piggy

Legacy Member
I really didn't do anything special with the previous log.
In any case, here is the next log.
Still, once again not all processes are listed. I don't know why that is.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:42:28, on 21/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\OEM02Mon.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Toevoegen aan de Banner Ad Blokker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: Statistieken bescherming internetverkeer - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Futuremark SystemInfo) - http://www.yougamers.com/systeminfo/FMSI.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~2\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\AESTSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: SigmaTel Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\STacSV64.exe (file missing)
O23 - Service: VMware Agent Service (ufad-ws60) - Unknown owner - C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

--
End of file - 10319 bytes

Juisterr

Legacy Member
Already 2 more than the first time, but it's not right; maybe you'd better go back to the factory settings, perhaps that will repair it.

Mad_piggy

Legacy Member
But other processes are running.
Maybe useful to know: this is a 64-bit Vista.

namely:
Code:
Description                   ExecutablePath                                                                                    
System Idle Process                                                                                                             
System                                                                                                                          
smss.exe                                                                                                                        
csrss.exe                     C:\Windows\system32\csrss.exe                                                                     
wininit.exe                   C:\Windows\system32\wininit.exe                                                                   
csrss.exe                     C:\Windows\system32\csrss.exe                                                                     
services.exe                  C:\Windows\system32\services.exe                                                                  
lsass.exe                     C:\Windows\system32\lsass.exe                                                                     
lsm.exe                       C:\Windows\system32\lsm.exe                                                                       
svchost.exe                   C:\Windows\system32\svchost.exe                                                                   
nvvsvc.exe                    C:\Windows\system32\nvvsvc.exe                                                                    
svchost.exe                   C:\Windows\system32\svchost.exe                                                                   
svchost.exe                   C:\Windows\System32\svchost.exe                                                                   
winlogon.exe                  C:\Windows\system32\winlogon.exe                                                                  
svchost.exe                   C:\Windows\System32\svchost.exe                                                                   
svchost.exe                   C:\Windows\System32\svchost.exe                                                                   
svchost.exe                   C:\Windows\system32\svchost.exe                                                                   
audiodg.exe                                                                                                                     
svchost.exe                   C:\Windows\system32\svchost.exe                                                                   
SLsvc.exe                     C:\Windows\system32\SLsvc.exe                                                                     
svchost.exe                   C:\Windows\system32\svchost.exe                                                                   
rundll32.exe                  C:\Windows\system32\rundll32.exe                                                                  
svchost.exe                   C:\Windows\system32\svchost.exe                                                                   
spoolsv.exe                   C:\Windows\System32\spoolsv.exe                                                                   
svchost.exe                   C:\Windows\system32\svchost.exe                                                                   
wlanext.exe                   C:\Windows\system32\WLANExt.exe                                                                   
AESTSr64.exe                  C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\AESTSr64.exe                  
AppleMobileDeviceService.exe  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe  
avp.exe                                                                                                                         
mDNSResponder.exe             C:\Program Files (x86)\Bonjour\mDNSResponder.exe                                                  
svchost.exe                   C:\Windows\system32\svchost.exe                                                                   
EvtEng.exe                    C:\Program Files\Intel\WiFi\bin\EvtEng.exe                                                        
upeksvr.exe                   C:\Program Files\Protector Suite QL\upeksvr.exe                                                   
mdm.exe                       C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe                             
PDAgent.exe                   C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe                                                  
svchost.exe                   C:\Windows\system32\svchost.exe                                                                   
RegSrvc.exe                   C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe                                    
stacsv64.exe                  C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\STacSV64.exe                  
svchost.exe                   C:\Windows\system32\svchost.exe                                                                   
svchost.exe                   C:\Windows\System32\svchost.exe                                                                   
SearchIndexer.exe             C:\Windows\system32\SearchIndexer.exe                                                             
rundll32.exe                  C:\Windows\system32\RUNDLL32.EXE                                                                  
IAANTmon.exe                  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe                            
WmiPrvSE.exe                  C:\Windows\system32\wbem\wmiprvse.exe                                                             
dwm.exe                       C:\Windows\system32\Dwm.exe                                                                       
explorer.exe                  C:\Windows\Explorer.EXE                                                                           
taskeng.exe                   C:\Windows\system32\taskeng.exe                                                                   
MSASCui.exe                   C:\Program Files\Windows Defender\MSASCui.exe                                                     
Apoint.exe                    C:\Program Files\DellTPad\Apoint.exe                                                              
sttray64.exe                  C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe                                          
IAAnotif.exe                  C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe                            
rundll32.exe                  C:\Windows\System32\rundll32.exe                                                                  
rundll32.exe                  C:\Windows\System32\rundll32.exe                                                                  
LWEMon.exe                    C:\Program Files\Logitech\Gaming Software\LWEMon.exe                                              
sidebar.exe                   C:\Program Files\Windows Sidebar\sidebar.exe                                                      
BTTray.exe                    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe                                            
quickset.exe                  C:\Program Files\Dell\QuickSet\quickset.exe                                                       
avp.exe                                                                                                                         
OEM02Mon.exe                  C:\Windows\OEM02Mon.exe                                                                           
sidebar.exe                   C:\Program Files\Windows Sidebar\sidebar.exe                                                      
taskeng.exe                   C:\Windows\system32\taskeng.exe                                                                   
ApMsgFwd.exe                  C:\Program Files\DellTPad\ApMsgFwd.exe                                                            
hidfind.exe                   C:\Program Files\DellTPad\HidFind.exe                                                             
ApntEx.exe                    C:\Program Files\DellTPad\Apntex.exe                                                              
psqltray.exe                  C:\Program Files\Protector Suite QL\psqltray.exe                                                  
WUDFHost.exe                  C:\Windows\system32\WUDFHost.exe                                                                  
TrustedInstaller.exe          C:\Windows\servicing\TrustedInstaller.exe                                                         
iexplore.exe                  C:\Program Files (x86)\Internet Explorer\iexplore.exe                                             
iexplore.exe                  C:\Program Files (x86)\Internet Explorer\iexplore.exe                                             
SearchProtocolHost.exe        C:\Windows\system32\SearchProtocolHost.exe                                                        
iexplore.exe                  C:\Program Files (x86)\Internet Explorer\iexplore.exe                                             
SearchFilterHost.exe          C:\Windows\system32\SearchFilterHost.exe                                                          
iexplore.exe                  C:\Program Files (x86)\Internet Explorer\iexplore.exe                                             
cmd.exe                       C:\Windows\System32\cmd.exe                                                                       
WmiPrvSE.exe                  C:\Windows\system32\wbem\wmiprvse.exe                                                             
notepad.exe                   C:\Windows\System32\notepad.exe                                                                   
taskeng.exe                   C:\Windows\system32\taskeng.exe                                                                   
WMIC.exe                      C:\Windows\System32\Wbem\WMIC.exe

Mad_piggy

Legacy Member
I also made a boot log with HijackThis (because once it has finally started up, there are no more problems)
Code:
StartupList report, 22/04/2009, 18:56:13
StartupList version: 1.52.2
Started from : C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.EXE
Detected: Windows Vista SP1 (WinNT 6.00.1905)
Detected: Internet Explorer v8.00 (8.00.6001.18702)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\OEM02Mon.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Users\Pigmaster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
BTTray.lnk = ?
QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = userinit.exe

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

(Default) = 
AVP = "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
OEM02Mon.exe = C:\Windows\OEM02Mon.exe

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
 = 

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

[AdobeUpdater]
 = 

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\Windows\SysWOW64\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = %SystemRoot%\system32\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] *
StubPath = "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\Windows\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~2\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll

--------------------------------------------------

Shell & screensaver key from C:\Windows\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=explorer.exe
SCRNSAVE.EXE=C:\Windows\system32\logon.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\Windows\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\Windows\Explorer\Explorer.exe: not present
C:\Windows\System\Explorer.exe: not present
C:\Windows\System32\Explorer.exe: not present
C:\Windows\Command\Explorer.exe: not present
C:\Windows\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: *Registry key not found*
.shb: *Registry key not found*
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\Windows
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename NOT OK: 'REGEDIT.EXE.MUI'
- File description: 'Register-editor'

Registry check failed!

--------------------------------------------------

Enumerating Browser Helper Objects:

btorbit.com - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll - {000123B4-9B42-4900-B3F7-F4B073EFC214}
(no name) - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll - {074C1DC5-9320-4A9A-947D-C042949C6216}
AcroIEHelperStub - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
IEVkbdBHO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}
(no name) - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
(no name) - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll - {AE7CD045-E861-484f-8273-0445EE161910}
(no name) - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}
SmartSelect - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll - {F4971EE7-DAA0-4053-9964-665D8EE6A077}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Ad-Aware Update (Weekly).job
User_Feed_Synchronization-{56E2320C-D24C-432C-B329-74EB301558CB}.job

--------------------------------------------------

Enumerating Download Program Files:

[Shockwave ActiveX Control]
InProcServer32 = C:\Windows\SysWow64\Adobe\Director\SwDir.dll
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

[Windows Genuine Advantage Validation Tool]
InProcServer32 = C:\Windows\SysWow64\LegitCheckControl.DLL
CODEBASE = http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab

[Java Plug-in 1.6.0_13]
InProcServer32 = C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

[{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}]
CODEBASE = http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

[MessengerStatsClient Class]
InProcServer32 = C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll
CODEBASE = http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

[Java Plug-in 1.6.0_13]
InProcServer32 = C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

[Java Plug-in 1.6.0_13]
InProcServer32 = C:\Program Files (x86)\Java\jre6\bin\npjpi160_13.dll
CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

[Futuremark SystemInfo]
InProcServer32 = C:\PROGRA~2\COMMON~1\FUTURE~1\FUTURE~1\FMSIX.ocx
CODEBASE = http://www.yougamers.com/systeminfo/FMSI.cab

[Shockwave Flash Object]
InProcServer32 = C:\Windows\SysWow64\Macromed\Flash\Flash10b.ocx
CODEBASE = http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #2: C:\Windows\system32\napinsp.dll
NameSpace #3: C:\Windows\system32\pnrpnsp.dll
NameSpace #4: C:\Windows\system32\pnrpnsp.dll
NameSpace #5: C:\Windows\System32\mswsock.dll
NameSpace #6: C:\Windows\System32\winrnr.dll
NameSpace #7: C:\Windows\system32\wshbth.dll
Protocol #1: C:\Windows\system32\mswsock.dll
Protocol #2: C:\Windows\system32\mswsock.dll
Protocol #3: C:\Windows\system32\mswsock.dll
Protocol #4: C:\Windows\system32\mswsock.dll
Protocol #5: C:\Windows\system32\mswsock.dll
Protocol #6: C:\Windows\system32\mswsock.dll
Protocol #7: C:\Windows\system32\mswsock.dll
Protocol #8: C:\Windows\system32\mswsock.dll
Protocol #9: C:\Windows\system32\mswsock.dll
Protocol #10: C:\Windows\system32\mswsock.dll
Protocol #11: C:\Windows\system32\mswsock.dll

--------------------------------------------------

Mad_piggy

Legacy Member
continued:
Code:
Enumerating Windows NT/2000/XP services

Microsoft ACPI-stuurprogramma: system32\drivers\acpi.sys (system)
adp94xx: \SystemRoot\system32\drivers\adp94xx.sys (disabled)
adpahci: \SystemRoot\system32\drivers\adpahci.sys (disabled)
adpu160m: \SystemRoot\system32\drivers\adpu160m.sys (disabled)
adpu320: \SystemRoot\system32\drivers\adpu320.sys (disabled)
@%SystemRoot%\system32\aelupsvc.dll,-1: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Andrea ST Filters Service: C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\AESTSr64.exe (autostart)
Ancilliary Function Driver for Winsock: \SystemRoot\system32\drivers\afd.sys (system)
Intel AGP Bus Filter: \SystemRoot\system32\drivers\agp440.sys (manual start)
aic78xx: \SystemRoot\system32\drivers\djsvs.sys (disabled)
@%SystemRoot%\system32\Alg.exe,-112: %SystemRoot%\System32\alg.exe (manual start)
aliide: \SystemRoot\system32\drivers\aliide.sys (disabled)
amdide: \SystemRoot\system32\drivers\amdide.sys (disabled)
AMD K8 Processor Driver: \SystemRoot\system32\drivers\amdk8.sys (disabled)
Alps Touch Pad Filter Driver for Windows Vista x64: system32\DRIVERS\Apfiltr.sys (manual start)
@%systemroot%\system32\appinfo.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Mobiel Apple apparaat: "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" (autostart)
arc: \SystemRoot\system32\drivers\arc.sys (disabled)
arcsas: \SystemRoot\system32\drivers\arcsas.sys (disabled)
@%systemroot%\system32\rascfg.dll,-32000: system32\DRIVERS\asyncmac.sys (manual start)
IDE-kanaal: system32\drivers\atapi.sys (system)
@%SystemRoot%\system32\audiosrv.dll,-204: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\audiosrv.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
Kaspersky Internet Security: "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r (autostart)
@%SystemRoot%\system32\bfe.dll,-1001: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
@%SystemRoot%\system32\qmgr.dll,-1000: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
blbdrive: \SystemRoot\system32\drivers\blbdrive.sys (disabled)
Bonjour-service: "C:\Program Files (x86)\Bonjour\mDNSResponder.exe" (autostart)
Bowser: system32\DRIVERS\bowser.sys (manual start)
Brother USB Mass-Storage Lower Filter Driver: \SystemRoot\system32\drivers\brfiltlo.sys (manual start)
Brother USB Mass-Storage Upper Filter Driver: \SystemRoot\system32\drivers\brfiltup.sys (manual start)
@%systemroot%\system32\browser.dll,-100: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Brother MFC Serial Port Interface Driver (WDM): \SystemRoot\system32\drivers\brserid.sys (disabled)
Brother WDM Serial driver: \SystemRoot\system32\drivers\brserwdm.sys (disabled)
Brother MFC USB Fax Only Modem: \SystemRoot\system32\drivers\brusbmdm.sys (disabled)
Brother MFC USB Serial WDM Driver: \SystemRoot\system32\drivers\brusbser.sys (manual start)
Bluetooth Enumerator Service: system32\DRIVERS\BthEnum.sys (manual start)
Stuurprogramma voor seriële communicatie via Bluetooth: system32\DRIVERS\bthmodem.sys (manual start)
Bluetooth-apparaat (Personal Area Network): system32\DRIVERS\bthpan.sys (manual start)
Stuurprogramma voor Bluetooth-poort: System32\Drivers\BTHport.sys (manual start)
@%SystemRoot%\System32\bthserv.dll,-101: %SystemRoot%\system32\svchost.exe -k bthsvcs (autostart)
USB-stuurprogramma voor Bluetooth-radio: System32\Drivers\BTHUSB.sys (manual start)
Bluetooth-audioapparaat: system32\drivers\btwaudio.sys (manual start)
Bluetooth AVDT: system32\drivers\btwavdt.sys (manual start)
btwrchid: system32\DRIVERS\btwrchid.sys (manual start)
CD/DVD File System Reader: system32\DRIVERS\cdfs.sys (disabled)
Cd-rom-stuurprogramma: system32\DRIVERS\cdrom.sys (system)
@%SystemRoot%\System32\certprop.dll,-11: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Consumer IR Devices: \SystemRoot\system32\drivers\circlass.sys (disabled)
Common Log (CLFS): System32\CLFS.sys (system)
Microsoft .NET Framework NGEN v2.0.50727_X86: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
Microsoft .NET Framework NGEN v2.0.50727_X64: %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (manual start)
Stuurprogramma voor Microsoft ACPI-besturingsmethode-accu: system32\DRIVERS\CmBatt.sys (manual start)
cmdide: \SystemRoot\system32\drivers\cmdide.sys (disabled)
Microsoft Composite Battery-stuurprogramma: system32\DRIVERS\compbatt.sys (system)
@comres.dll,-947: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
SW Distributed TS Coordinator Service: "C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe" (disabled)
Crcdisk Filter Driver: system32\drivers\crcdisk.sys (system)
@%SystemRoot%\system32\cryptsvc.dll,-1001: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
@oleres.dll,-5012: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
@%systemroot%\system32\drivers\dfsc.sys,-101: System32\Drivers\dfsc.sys (system)
@dfsrres.dll,-101: %SystemRoot%\system32\DFSR.exe (manual start)
WIDCOMM USB Bluetooth Driver in DFU State: System32\Drivers\frmupgr.sys (manual start)
@%SystemRoot%\system32\dhcpcsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
Stuurprogramma voor schijfstations: system32\drivers\disk.sys (system)
DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
@%systemroot%\system32\dot3svc.dll,-1102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\system32\dps.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (autostart)
Microsoft Kernel DRM-audiodecoder: system32\drivers\drmkaud.sys (manual start)
LDDM Graphics Subsystem: \SystemRoot\System32\drivers\dxgkrnl.sys (manual start)
Intel(R) PRO/1000 NDIS 6 Adapter Driver: system32\DRIVERS\E1G6032E.sys (manual start)
@%systemroot%\system32\eapsvc.dll,-1: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
ReadyBoost Caching Driver: System32\drivers\ecache.sys (system)
@%SystemRoot%\ehome\ehrecvr.exe,-101: %systemroot%\ehome\ehRecvr.exe (disabled)
@%SystemRoot%\ehome\ehsched.exe,-101: %systemroot%\ehome\ehsched.exe (disabled)
@%SystemRoot%\ehome\ehstart.dll,-101: %windir%\system32\svchost.exe -k LocalServiceNoNetwork (disabled)
elxstor: \SystemRoot\system32\drivers\elxstor.sys (disabled)
@%SystemRoot%\system32\emdmgmt.dll,-1000: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
ENTECH64: \??\C:\Windows\system32\DRIVERS\ENTECH64.sys (manual start)
Microsoft Hardware Error Device Driver: \SystemRoot\system32\drivers\errdev.sys (disabled)
Windows Event Log: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@comres.dll,-2450: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Intel® PROSet/Wireless Event Log: C:\Program Files\Intel\WiFi\bin\EvtEng.exe (autostart)
Floppy Disk Controller Driver: system32\DRIVERS\fdc.sys (disabled)
@%systemroot%\system32\fdPHost.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%systemroot%\system32\fdrespub.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
File Information FS MiniFilter: system32\drivers\fileinfo.sys (system)
FileTrace: system32\drivers\filetrace.sys (manual start)
FLEXnet Licensing Service: "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" (manual start)
FLEXnet Licensing Service 64: "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe" (manual start)
Floppy Disk Driver: system32\DRIVERS\flpydisk.sys (disabled)
FltMgr: system32\drivers\fltmgr.sys (system)
@%SystemRoot%\system32\PresentationHost.exe,-3309: %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (manual start)
Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms: \SystemRoot\system32\drivers\gagp30kx.sys (manual start)
GEAR ASPI Filter Driver: system32\DRIVERS\GEARAspiWDM.sys (manual start)
@gpapi.dll,-112: %windir%\system32\svchost.exe -k GPSvcGroup (autostart)
Hardlock: \??\C:\Windows\system32\drivers\hardlock.sys (autostart)
Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service: system32\drivers\HdAudio.sys (manual start)
Microsoft UAA Bus-stuurprogramma voor High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start)
hexmagic: \??\C:\Windows\system32\drivers\hexmagic.sys (manual start)
Microsoft Bluetooth HID-minipoort: system32\DRIVERS\hidbth.sys (manual start)
Microsoft Infrared HID Driver: \SystemRoot\system32\drivers\hidir.sys (disabled)
@%SystemRoot%\System32\hidserv.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Microsoft HID Class-stuurprogramma: system32\DRIVERS\hidusb.sys (manual start)
Hitman Pro 3 Support Driver: \??\C:\Windows\system32\drivers\hitmanpro3.sys (manual start)
@%SystemRoot%\system32\kmsvc.dll,-6: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
HpCISSs: \SystemRoot\system32\drivers\hpcisss.sys (disabled)
HTTP: system32\drivers\HTTP.sys (manual start)
i2omp: \SystemRoot\system32\drivers\i2omp.sys (disabled)
Stuurprogramma voor i8042-toetsenbord en PS/2-muispoort: system32\DRIVERS\i8042prt.sys (system)
Intel(R) Matrix Storage Event Monitor: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (autostart)
Intel(R) Turbo Memory Controller: system32\DRIVERS\iaNvStor.sys (system)
Intel AHCI Controller: system32\drivers\iastor.sys (system)
Intel RAID Controller Vista: \SystemRoot\system32\drivers\iastorv.sys (disabled)
@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193: "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" (manual start)
iirsp: \SystemRoot\system32\drivers\iirsp.sys (disabled)
@%SystemRoot%\system32\ikeext.dll,-501: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
intelide: system32\drivers\intelide.sys (system)
Intel Processor Driver: system32\DRIVERS\intelppm.sys (manual start)
@%systemroot%\system32\IPBusEnum.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\system32\rascfg.dll,-32013: system32\DRIVERS\ipfltdrv.sys (manual start)
@%SystemRoot%\system32\iphlpsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k NetSvcs (autostart)
IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start)
IPMIDRV: \SystemRoot\system32\drivers\ipmidrv.sys (disabled)
IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start)
iPod-service: "C:\Program Files (x86)\iPod\bin\iPodService.exe" (manual start)
IR Bus Enumerator: system32\drivers\irenum.sys (manual start)
PnP ISA/EISA Bus Driver: \SystemRoot\system32\drivers\isapnp.sys (disabled)
iScsiPort-stuurprogramma: system32\DRIVERS\msiscsi.sys (manual start)
ITEATAPI_Service_Install: \SystemRoot\system32\drivers\iteatapi.sys (disabled)
ITERAID_Service_Install: \SystemRoot\system32\drivers\iteraid.sys (disabled)
Intel(R) Application Pinning Service: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\PinningUI\ITMService.exe (disabled)
Stuurprogramma voor verschillende toetsenbordtypen: system32\DRIVERS\kbdclass.sys (system)
Stuurprogramma voor toetsenbord-HID: system32\DRIVERS\kbdhid.sys (system)
@keyiso.dll,-100: %SystemRoot%\system32\lsass.exe (manual start)
kl1: system32\DRIVERS\kl1.sys (system)
Kaspersky Lab Boot Guard Driver: system32\DRIVERS\klbg.sys (system)
Kaspersky Lab KLFltDev: system32\DRIVERS\klfltdev.sys (manual start)
Kaspersky Lab Driver: system32\DRIVERS\klif.sys (system)
Kaspersky Anti-Virus NDIS 6 Filter: system32\DRIVERS\klim6.sys (system)
KSecDD: System32\Drivers\ksecdd.sys (system)
Kernel Streaming Thunks: \SystemRoot\system32\drivers\ksthunk.sys (manual start)
@comres.dll,-2946: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
@%systemroot%\system32\srvsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\wkssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
Link-Layer Topology Discovery Mapper I/O Driver: system32\DRIVERS\lltdio.sys (autostart)
@%SystemRoot%\system32\lltdres.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\lmhsvc.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
LSI_FC: \SystemRoot\system32\drivers\lsi_fc.sys (disabled)
LSI_SAS: \SystemRoot\system32\drivers\lsi_sas.sys (disabled)
LSI_SCSI: \SystemRoot\system32\drivers\lsi_scsi.sys (disabled)
UAC File Virtualization: \SystemRoot\system32\drivers\luafv.sys (disabled)
@%SystemRoot%\ehome\ehres.dll,-15501: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
Machine Debug Manager: "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" (autostart)
megasas: \SystemRoot\system32\drivers\megasas.sys (disabled)
MegaSR: \SystemRoot\system32\drivers\megasr.sys (disabled)
@%systemroot%\system32\mmcss.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Modem: system32\drivers\modem.sys (manual start)
Microsoft Monitor Class Function Driver-service: system32\DRIVERS\monitor.sys (manual start)
Stuurprogramma voor muistypen: system32\DRIVERS\mouclass.sys (system)
Stuurprogramma voor muis-HID: system32\DRIVERS\mouhid.sys (manual start)
Mount Point Manager: System32\drivers\mountmgr.sys (system)
Microsoft Multi-Path Bus Driver: \SystemRoot\system32\drivers\mpio.sys (disabled)
@%SystemRoot%\system32\FirewallAPI.dll,-23092: System32\drivers\mpsdrv.sys (manual start)
@%SystemRoot%\system32\FirewallAPI.dll,-23090: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
Mraid35x: \SystemRoot\system32\drivers\mraid35x.sys (disabled)
WebDav Client Redirector Driver: \SystemRoot\system32\drivers\mrxdav.sys (manual start)
SMB MiniRedirector Wrapper and Engine: system32\DRIVERS\mrxsmb.sys (manual start)
SMB 1.x MiniRedirector: system32\DRIVERS\mrxsmb10.sys (manual start)
SMB 2.0 MiniRedirector: system32\DRIVERS\mrxsmb20.sys (manual start)
msahci: \SystemRoot\system32\drivers\msahci.sys (disabled)
Microsoft Multi-Path Device Specific Module: \SystemRoot\system32\drivers\msdsm.sys (disabled)
@comres.dll,-2797: %SystemRoot%\System32\msdtc.exe (manual start)
ISA/EISA Class-stuurprogramma: system32\drivers\msisadrv.sys (system)
@%SystemRoot%\system32\iscsidsc.dll,-5000: %systemroot%\system32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\system32\msimsg.dll,-27: %systemroot%\system32\msiexec /V (manual start)
Microsoft Streaming Service-proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock-proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Kwaliteitsbeheer Proxy: system32\drivers\MSPQM.sys (manual start)
BIOS-stuurprogramma voor Microsoft Systeembeheer: system32\DRIVERS\mssmbios.sys (manual start)
Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma: system32\drivers\MSTEE.sys (manual start)
Mup: System32\Drivers\mup.sys (system)
@%SystemRoot%\system32\qagentrt.dll,-6: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
NativeWiFi-filter: system32\DRIVERS\nwifi.sys (manual start)
NDIS System Driver: system32\drivers\ndis.sys (system)
@%systemroot%\system32\rascfg.dll,-32001: system32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start)
@%systemroot%\system32\rascfg.dll,-32002: system32\DRIVERS\ndiswan.sys (manual start)
Nero BackItUp Scheduler 4.0: C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (disabled)
NetBIOS Interface: system32\DRIVERS\netbios.sys (system)
NETBT: System32\DRIVERS\netbt.sys (system)
@%SystemRoot%\System32\netlogon.dll,-102: %systemroot%\system32\lsass.exe (manual start)
@%SystemRoot%\system32\netman.dll,-109: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%SystemRoot%\system32\netprof.dll,-246: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201: "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" (disabled)
Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit: system32\DRIVERS\NETw5v64.sys (manual start)
nfrd960: \SystemRoot\system32\drivers\nfrd960.sys (disabled)
@%SystemRoot%\System32\nlasvc.dll,-1: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
@%SystemRoot%\system32\nsisvc.dll,-200: %systemroot%\system32\svchost.exe -k LocalService (autostart)
NSI proxy service: system32\drivers\nsiproxy.sys (system)
nvlddmkm: system32\DRIVERS\nvlddmkm.sys (manual start)
NVIDIA nForce RAID Driver   : \SystemRoot\system32\drivers\nvraid.sys (disabled)
nvstor: \SystemRoot\system32\drivers\nvstor.sys (disabled)
NVIDIA Display Driver Service: %SystemRoot%\system32\nvvsvc.exe (autostart)
NVIDIA nForce AGP Bus Filter: \SystemRoot\system32\drivers\nv_agp.sys (manual start)
IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start)
Microsoft Office Diagnostics Service: "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" (manual start)
Creative Camera OEM002 Driver: system32\DRIVERS\OEM02Dev.sys (manual start)
Creative Camera OEM002 Video VFX Driver: system32\DRIVERS\OEM02Vfx.sys (manual start)
RICOH OHCI Compliant IEEE 1394-hostcontroller: system32\DRIVERS\ohci1394.sys (manual start)
Office Source Engine: "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (manual start)
@%SystemRoot%\system32\p2psvc.dll,-8004: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\system32\p2psvc.dll,-8006: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
Parallel port driver: \SystemRoot\system32\drivers\parport.sys (manual start)
Partition Manager: System32\drivers\partmgr.sys (system)
@%SystemRoot%\system32\pcasvc.dll,-1: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
PCI Bus-stuurprogramma: system32\drivers\pci.sys (system)
pciide: \SystemRoot\system32\drivers\pciide.sys (disabled)
pcmcia: \SystemRoot\system32\drivers\pcmcia.sys (disabled)
PDAgent: "C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe" (autostart)
PDEngine: "C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe" (manual start)
PEAUTH: system32\drivers\peauth.sys (autostart)
@%systemroot%\sysWow64\perfhost.exe,-2: %SystemRoot%\SysWow64\perfhost.exe (manual start)
@%systemroot%\system32\pla.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (manual start)
@%SystemRoot%\system32\umpnpmgr.dll,-100: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
@%SystemRoot%\system32\p2psvc.dll,-8002: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\system32\p2psvc.dll,-8000: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\System32\polstore.dll,-5010: %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted (autostart)
@%systemroot%\system32\rascfg.dll,-32006: system32\DRIVERS\raspptp.sys (manual start)
Processor Driver: \SystemRoot\system32\drivers\processr.sys (disabled)
@%systemroot%\system32\profsvc.dll,-300: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\psbase.dll,-300: %SystemRoot%\system32\lsass.exe (manual start)
@%SystemRoot%\System32\drivers\pacer.sys,-101: system32\DRIVERS\pacer.sys (system)
PxHlpa64: System32\Drivers\PxHlpa64.sys (system)
QLogic Fibre Channel Miniport Driver: \SystemRoot\system32\drivers\ql2300.sys (disabled)
QLogic iSCSI Miniport Driver: \SystemRoot\system32\drivers\ql40xx.sys (disabled)
@%SystemRoot%\system32\qwave.dll,-1: %windir%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\drivers\qwavedrv.sys,-1: \SystemRoot\system32\drivers\qwavedrv.sys (manual start)
Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (system)
@%Systemroot%\system32\rasauto.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
@%systemroot%\system32\rascfg.dll,-32005: system32\DRIVERS\rasl2tp.sys (manual start)
@%Systemroot%\system32\rasmans.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
@%systemroot%\system32\rascfg.dll,-32007: system32\DRIVERS\raspppoe.sys (manual start)
@%systemroot%\system32\sstpsvc.dll,-202: system32\DRIVERS\rassstp.sys (manual start)
Redirected Buffering Sub Sysytem: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Terminal Server Device Redirector Driver: \SystemRoot\system32\drivers\rdpdr.sys (disabled)
RDP Encoder Mirror Driver: system32\drivers\rdpencdd.sys (system)
Intel® PROSet/Wireless Registry Service: C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (autostart)
Remote Solver for Flow Simulation 2009: C:\Program Files\SolidWorks Corp\SolidWorks\COSMOS\binCFW\StandAloneSlv.exe (disabled)
@%Systemroot%\system32\mprdim.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
@regsvc.dll,-1: %SystemRoot%\system32\svchost.exe -k regsvc (manual start)
Bluetooth-apparaat (RFCOMM Protocol TDI): system32\DRIVERS\rfcomm.sys (manual start)
rimmptsk: system32\DRIVERS\rimmpx64.sys (autostart)
rimsptsk: system32\DRIVERS\rimspx64.sys (autostart)
Ricoh xD-Picture Card Driver: system32\DRIVERS\rixdpx64.sys (autostart)
@%systemroot%\system32\Locator.exe,-2: %SystemRoot%\system32\locator.exe (manual start)
@oleres.dll,-5010: %SystemRoot%\system32\svchost.exe -k rpcss (autostart)
Link-Layer Topology Discovery Responder: system32\DRIVERS\rspndr.sys (autostart)
@%SystemRoot%\system32\samsrv.dll,-1: %SystemRoot%\system32\lsass.exe (autostart)
SBP-2 Transport/Protocol Bus Driver: \SystemRoot\system32\drivers\sbp2port.sys (disabled)
@%SystemRoot%\System32\SCardSvr.dll,-1: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\schedsvc.dll,-100: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\System32\certprop.dll,-13: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
sdbus: system32\DRIVERS\sdbus.sys (manual start)
@%SystemRoot%\system32\sdrsvc.dll,-107: %SystemRoot%\system32\svchost.exe -k SDRSVC (manual start)
Secdrv: \??\C:\Windows\system32\drivers\SECDRV.SYS (manual start)
@%SystemRoot%\system32\seclogon.dll,-7001: %windir%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\Sens.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum Filter Driver: \SystemRoot\system32\drivers\serenum.sys (manual start)
Serial Port Driver: \SystemRoot\system32\drivers\serial.sys (manual start)
Serial Mouse Driver: \SystemRoot\system32\drivers\sermouse.sys (disabled)
@%SystemRoot%\System32\SessEnv.dll,-1026: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
SFF Storage Class-stuurprogramma: system32\DRIVERS\sffdisk.sys (manual start)
SFF Storage Protocol Driver for MMC: \SystemRoot\system32\drivers\sffp_mmc.sys (manual start)
Stuurprogramma volgens SFF-opslagprotocol voor SDBus: system32\DRIVERS\sffp_sd.sys (manual start)
High-Capacity Floppy Disk Drive: \SystemRoot\system32\drivers\sfloppy.sys (disabled)
@%SystemRoot%\system32\ipnathlp.dll,-106: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
@%SystemRoot%\System32\shsvcs.dll,-12288: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SiSRaid2: \SystemRoot\system32\drivers\sisraid2.sys (disabled)
SiSRaid4: \SystemRoot\system32\drivers\sisraid4.sys (disabled)
@%SystemRoot%\system32\SLsvc.exe,-101: %SystemRoot%\system32\SLsvc.exe (autostart)
@%SystemRoot%\system32\SLUINotify.dll,-103: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\tcpipcfg.dll,-50005: system32\DRIVERS\smb.sys (system)
@%SystemRoot%\system32\snmptrap.exe,-3: %SystemRoot%\System32\snmptrap.exe (manual start)
SolidWorks Licensing Service: "C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe" (disabled)
@%systemroot%\system32\spoolsv.exe,-1: %SystemRoot%\System32\spoolsv.exe (autostart)
sptd: System32\Drivers\sptd.sys (system)
srv: System32\DRIVERS\srv.sys (manual start)
srv2: System32\DRIVERS\srv2.sys (manual start)
srvnet: System32\DRIVERS\srvnet.sys (manual start)
@%systemroot%\system32\ssdpsrv.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\sstpsvc.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
SigmaTel Audio Service: C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\STacSV64.exe (autostart)
SigmaTel High Definition Audio CODEC: system32\drivers\stwrt64.sys (manual start)
@%SystemRoot%\system32\wiaservc.dll,-9: %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
Software Bus-stuurprogramma: system32\DRIVERS\swenum.sys (manual start)
@%SystemRoot%\System32\swprv.dll,-103: %SystemRoot%\System32\svchost.exe -k swprv (manual start)
Symc8xx: \SystemRoot\system32\drivers\symc8xx.sys (disabled)
Sym_hi: \SystemRoot\system32\drivers\sym_hi.sys (disabled)
Sym_u3: \SystemRoot\system32\drivers\sym_u3.sys (disabled)
@%SystemRoot%\system32\sysmain.dll,-1000: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Tablet PC Input-service: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (disabled)
Telephony: %SystemRoot%\System32\svchost.exe -k NetworkService (disabled)
@%SystemRoot%\system32\tbssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalService (autostart)
@%SystemRoot%\system32\tcpipcfg.dll,-50003: System32\drivers\tcpip.sys (system)
Microsoft IPv6 Protocol Driver: system32\DRIVERS\tcpip.sys (manual start)
TCP/IP Registry Compatibility: System32\drivers\tcpipreg.sys (autostart)
TC USB Kernel Driver: System32\Drivers\tcusb.sys (manual start)
TDPIPE: system32\drivers\tdpipe.sys (manual start)
TDTCP: system32\drivers\tdtcp.sys (manual start)
@%SystemRoot%\system32\tcpipcfg.dll,-50004: system32\DRIVERS\tdx.sys (system)
Stuurprogramma voor terminal-apparaat: system32\DRIVERS\termdd.sys (system)
@%SystemRoot%\System32\termsrv.dll,-268: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
@%SystemRoot%\System32\shsvcs.dll,-8192: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\mmcss.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\trkwks.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\servicing\TrustedInstaller.exe,-100: %SystemRoot%\servicing\TrustedInstaller.exe (manual start)
Terminal Services Security Filter Driver: System32\DRIVERS\tssecsrv.sys (manual start)
Stuurprogramma voor Microsoft Tun Minipoort-adapter: system32\DRIVERS\tunmp.sys (manual start)
Microsoft IPv6 Tunnel Miniport Adapterstuurprogramma: system32\DRIVERS\tunnel.sys (manual start)
Microsoft AGPv3.5 Filter: \SystemRoot\system32\drivers\uagp35.sys (manual start)
udfs: system32\DRIVERS\udfs.sys (disabled)
VMware Agent Service: "C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe" -d "C:\Program Files (x86)\VMware\VMware Workstation\\" -s ufad-p2v.xml (disabled)

Mad_piggy

Legacy Member
And finally, the last part:
Code:
@%SystemRoot%\system32\ui0detect.exe,-101: %SystemRoot%\system32\UI0Detect.exe (manual start)
Uli AGP Bus Filter: \SystemRoot\system32\drivers\uliagpkx.sys (manual start)
uliahci: \SystemRoot\system32\drivers\uliahci.sys (disabled)
UlSata: \SystemRoot\system32\drivers\ulsata.sys (disabled)
ulsata2: \SystemRoot\system32\drivers\ulsata2.sys (disabled)
UMBus Enumerator-stuurprogramma: system32\DRIVERS\umbus.sys (manual start)
@%systemroot%\system32\upnphost.dll,-213: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Apple Mobile USB Driver: System32\Drivers\usbaapl64.sys (manual start)
Microsoft algemeen hoofd-USB-stuurprogramma: system32\DRIVERS\usbccgp.sys (manual start)
eHome Infrared Receiver (USBCIR): \SystemRoot\system32\drivers\usbcir.sys (disabled)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
Stuurprogramma voor Microsoft USB Standaard-hub: system32\DRIVERS\usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: \SystemRoot\system32\drivers\usbohci.sys (disabled)
Microsoft USB PRINTER Class: \SystemRoot\system32\drivers\usbprint.sys (disabled)
Stuurprogramma voor USB-massaopslag: system32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (manual start)
USB-videoapparaat (WDM): System32\Drivers\usbvideo.sys (manual start)
@%SystemRoot%\system32\dwm.exe,-2000: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\vds.exe,-100: %SystemRoot%\System32\vds.exe (manual start)
vga: system32\DRIVERS\vgapnp.sys (manual start)
VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
viaide: \SystemRoot\system32\drivers\viaide.sys (disabled)
VMware vmci: \??\C:\Windows\system32\drivers\vmci.sys (autostart)
VMware Virtual Ethernet Adapter Driver: system32\DRIVERS\vmnetadapter.sys (manual start)
Stuurprogramma voor Volumebeheer: system32\drivers\volmgr.sys (system)
Dynamic Volume Manager: System32\drivers\volmgrx.sys (system)
Opslagvolumes: system32\drivers\volsnap.sys (system)
vsmraid: \SystemRoot\system32\drivers\vsmraid.sys (disabled)
@%systemroot%\system32\vssvc.exe,-102: %systemroot%\system32\vssvc.exe (manual start)
Vstor2 WS60 Virtual Storage Driver: \??\C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys (autostart)
@%SystemRoot%\system32\w32time.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Wacom Serial Pen HID Driver: \SystemRoot\system32\drivers\wacompen.sys (disabled)
Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start)
Remote Access IPv6 ARP Driver: system32\DRIVERS\wanarp.sys (system)
@%SystemRoot%\system32\wcncsvc.dll,-3: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\WcsPlugInService.dll,-200: %SystemRoot%\system32\svchost.exe -k wcssvc (manual start)
Microsoft Watchdog Timer Driver: \SystemRoot\system32\drivers\wd.sys (disabled)
Kernel Mode Driver Frameworks service: system32\drivers\Wdf01000.sys (system)
@%systemroot%\system32\wdi.dll,-502: %SystemRoot%\System32\svchost.exe -k wdisvc (manual start)
@%systemroot%\system32\wdi.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\system32\webclnt.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
@%SystemRoot%\system32\wecsvc.dll,-200: %SystemRoot%\system32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\System32\wercplsupport.dll,-101: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\System32\wersvc.dll,-100: %SystemRoot%\System32\svchost.exe -k WerSvcGroup (autostart)
@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103: %SystemRoot%\System32\svchost.exe -k secsvcs (autostart)
@%SystemRoot%\system32\winhttp.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%Systemroot%\system32\wbem\wmisvc.dll,-205: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%Systemroot%\system32\wsmsvc.dll,-101: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\System32\wlansvc.dll,-257: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Logitech Virtual Bus Enumerator Driver: system32\drivers\WmBEnum.sys (manual start)
Logitech Gaming HID Filter Driver: system32\drivers\WmFilter.sys (manual start)
Logitech Gaming USB Filter Driver: system32\drivers\WmHidLo.sys (manual start)
Microsoft Windows Management Interface for ACPI: system32\DRIVERS\wmiacpi.sys (manual start)
@%Systemroot%\system32\wbem\wmiapsrv.exe,-110: %systemroot%\system32\wbem\WmiApSrv.exe (manual start)
@%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101: "%ProgramFiles%\Windows Media Player\wmpnetwk.exe" (disabled)
Logitech Virtual Hid Device Driver: system32\drivers\WmVirHid.sys (manual start)
Logitech Translation Layer Driver: system32\drivers\WmXlCore.sys (manual start)
@%SystemRoot%\system32\wpcsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\system32\wpdbusenum.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Windows Socket 2.0 Non-IFS-omgeving voor serviceproviderondersteuning: \SystemRoot\system32\drivers\ws2ifsl.sys (system)
@%SystemRoot%\System32\wscsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@%systemroot%\system32\SearchIndexer.exe,-103: %systemroot%\system32\SearchIndexer.exe /Embedding (autostart)
@%systemroot%\system32\wuaueng.dll,-105: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
WUDFRd: system32\DRIVERS\WUDFRd.sys (manual start)
@%SystemRoot%\system32\wudfsvc.dll,-1000: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Marvell Yukon Service: RUNDLL32.EXE ykx64mpcoinst,serviceStartProc (autostart)
NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller: system32\DRIVERS\yk60x64.sys (manual start)


--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = PDBoot.exe

Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: C:\Windows\SysWOW64\webcheck.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

End of report, 51.932 bytes
Report generated in 0,249 seconds

Juisterr

Legacy Member
Download reglooks.exe
Put it on your desktop.
Double-click reglooks.exe. Do nothing else and wait until a log file opens. Post the contents of this log file.

Mad_piggy

Legacy Member
Here is the log:

Code:
REGLOOKS logfile

version 0.977
do 23/04/2009  23:36:48,58
running from: "C:\Users\Pigmaster\Desktop"

--- SSODL regkeys ---

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
only standard or legit regkeys found 


--- STS regkeys ---

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
only standard or legit regkeys found 


--- USERINIT regkey ---

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
"Userinit"="userinit.exe"


--- SHELL regkey ---

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
"Shell"="explorer.exe"


--- SYSTEM regkey ---

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon


--- APPINIT_DLLS regkey --- 

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows
"AppInit_DLLs"="C:\\PROGRA~2\\KASPER~1\\KASPER~1\\mzvkbd.dll,C:\\PROGRA~2\\KASPER~1\\KASPER~1\\adialhk.dll,C:\\PROGRA~2\\KASPER~1\\KASPER~1\\mzvkbd3.dll"


--- NOTIFY regkeys ---

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
only standard or legit regkeys found 


--- BOOTEXECUTE regkey ---

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
BootExecute= PDBoot.exe\0autocheck autochk *\0\0


--- SHELLEXECUTEHOOKS regkey ---

HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks


--- HKLM\Run regkeys ---

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
@=""
"AVP"="\"C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2009\\avp.exe\""
"OEM02Mon.exe"="\"C:\\Windows\\OEM02Mon.exe\""
[Run\OptionalComponents]
@=""
[Run\OptionalComponents\IMAIL]
@=""
"Installed"="1"
[Run\OptionalComponents\MAPI]
@=""
"NoChange"="1"
"Installed"="1"
[Run\OptionalComponents\MSFS]
@=""
"Installed"="1"


--- HKLM\RunOnce regkeys ---

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
no HKLM RunOnce keys found


--- HKLM\RunOnceEx regkeys ---

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
no HKLM RunOnceEx keys found


--- HKLM\RunServices regkeys ---

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
no HKLM RunServices keys found


--- HKLM\RunServicesOnce regkeys ---

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
regkey does not exist 


--- HKCU\Run regkeys ---

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"Sidebar"="\"C:\\Program Files\\Windows Sidebar\\sidebar.exe\" /autoRun"
[Run\AdobeUpdater]
@=""


--- HKCU\RunOnce regkeys ---

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
no HKCU RunOnce keys found


--- HKCU\RunOnceEx regkeys ---

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
no HKCU RunOnceEx keys found


--- HKCU\RunServices regkeys ---

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
no HKCU RunServices keys found


--- HKCU\RunServicesOnce regkeys ---

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
regkey does not exist 


--- HKU\.DEFAULT\Run regkeys - Default user ---

HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
no HKU\.DEFAULT\Run keys found


--- HKU\S-1-5-18\Run regkeys - user SYSTEM ---

HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
no HKU\S-1-5-18\Run keys found


--- HKU\S-1-5-19\Run regkeys - User Lokale service ---

HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"Sidebar"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,57,69,6e,64,6f,\
  77,73,20,53,69,64,65,62,61,72,5c,53,69,64,65,62,61,72,2e,65,78,65,20,2f,64,\
  65,74,65,63,74,4d,65,6d,00
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"


--- HKU\S-1-5-20\Run regkeys - User Netwerkservice ---

HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"Sidebar"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,57,69,6e,64,6f,\
  77,73,20,53,69,64,65,62,61,72,5c,53,69,64,65,62,61,72,2e,65,78,65,20,2f,64,\
  65,74,65,63,74,4d,65,6d,00
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"


--- HKLM\Explorer\Run regkeys ---

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
regkey does not exist 


--- HKCU\Explorer\Run regkeys ---

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
regkey does not exist 


--- Image File Execution regkeys ---

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
no debuggers found


--- BROWSER HELPER OBJECTS regkeys ---

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
"{000123B4-9B42-4900-B3F7-F4B073EFC214}"     FILE ="C:\\Program Files (x86)\\Orbitdownloader\\orbitcth.dll"
"{074C1DC5-9320-4A9A-947D-C042949C6216}"     FILE ="C:\\Program Files (x86)\\Adobe\\/Adobe Contribute CS4/contributeieplugin.dll"
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"     FILE ="C:\\Program Files (x86)\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelperShim.dll"
"{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}"     FILE ="C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2009\\ievkbd.dll"
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"     FILE ="C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll"
"{AE7CD045-E861-484f-8273-0445EE161910}"     regkey not found (ERROR) 
"{DBC80044-A445-435b-BC74-9C25C1C588A9}"     FILE ="C:\\Program Files (x86)\\Java\\jre6\\bin\\jp2ssv.dll"
"{F4971EE7-DAA0-4053-9964-665D8EE6A077}"     regkey not found (ERROR) 


--- TOOLBAR regkeys ---

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"     regkey not found 
"{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}"     FILE ="C:\\Program Files (x86)\\Adobe\\/Adobe Contribute CS4/contributeieplugin.dll"


--- URLSEARCHHOOKS regkeys ---

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
only standard regkeys found  


--- SRCEENSAVER regkey ---

HKEY_CURRENT_USER\Control Panel\Desktop
"SCRNSAVE.EXE"="C:\\Windows\\system32\\logon.scr"


--- CONTEXTMENUHANDLERS regkeys ---

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers
"Adobe.Acrobat.ContextMenu"  CLSID ={D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}   FILE ="C:\\Program Files (x86)\\Adobe\\Acrobat 9.0\\Acrobat Elements\\ContextMenu.dll"
"BriefcaseMenu"  CLSID ={85BBD920-42A0-1069-A2E4-08002B30309D}   FILE ="syncui.dll"
"Cover Designer"  CLSID ={73FCA462-9BD5-4065-A73F-A8E5F6904EF7}   FILE ="C:\\Program Files (x86)\\Nero\\Nero 9\\Nero CoverDesigner\\CoverEdExtension.dll"
"DeleteFilesPermanently"  CLSID ={D153588F-C995-415E-9819-280FDB9B8C79}     FILE NOT FOUND
"Kaspersky Anti-Virus"  CLSID ={dd230880-495a-11d1-b064-008048ec2fc5}   FILE ="C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2009\\ShellEx.dll"
"Open With"  CLSID ={09799AFB-AD67-11d1-ABCD-00C04FC30936}   FILE =%SystemRoot%\system32\shell32.dll 
"Open With EncryptionMenu"  CLSID ={A470F8CF-A1E8-4f65-8335-227475AA5C46}   FILE =%SystemRoot%\system32\shell32.dll 
"Sharing"  CLSID ={f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}   FILE ="ntshrui.dll"
"WinRAR"  CLSID ={B41DB860-64E4-11D2-9906-E49FADC173CA}     FILE NOT FOUND
"WinRAR32"  CLSID ={B41DB860-8EE4-11D2-9906-E49FADC173CA}   FILE ="C:\\Program Files (x86)\\WinRAR\\rarext.dll"
"{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}"  Start Menu Pin   FILE =%SystemRoot%\system32\shell32.dll 
 
HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers
"EncryptionMenu"  CLSID ={A470F8CF-A1E8-4f65-8335-227475AA5C46}   FILE =%SystemRoot%\system32\shell32.dll 
"Sharing"  CLSID ={f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}   FILE ="ntshrui.dll"
"WinRAR"  CLSID ={B41DB860-64E4-11D2-9906-E49FADC173CA}     FILE NOT FOUND
"WinRAR32"  CLSID ={B41DB860-8EE4-11D2-9906-E49FADC173CA}   FILE ="C:\\Program Files (x86)\\WinRAR\\rarext.dll"
 
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers
"Adobe.Acrobat.ContextMenu"  CLSID ={D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802}   FILE ="C:\\Program Files (x86)\\Adobe\\Acrobat 9.0\\Acrobat Elements\\ContextMenu.dll"
"BriefcaseMenu"  CLSID ={85BBD920-42A0-1069-A2E4-08002B30309D}   FILE ="syncui.dll"
"DeleteFilesPermanently"  CLSID ={D153588F-C995-415E-9819-280FDB9B8C79}     FILE NOT FOUND
"Kaspersky Anti-Virus"  CLSID ={dd230880-495a-11d1-b064-008048ec2fc5}   FILE ="C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2009\\ShellEx.dll"
"WinRAR"  CLSID ={B41DB860-64E4-11D2-9906-E49FADC173CA}     FILE NOT FOUND
"WinRAR32"  CLSID ={B41DB860-8EE4-11D2-9906-E49FADC173CA}   FILE ="C:\\Program Files (x86)\\WinRAR\\rarext.dll"


--- ALTERNATESHELL regkey ---

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
"AlternateShell"="cmd.exe"


--- SAFEBOOT MINIMAL SERVICES ---

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
Wdf01000.sys
 

--- SAFEBOOT NETWORK SERVICES ---

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
Wdf01000.sys
 

--- SERVICES --- 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\adfs 
   no imagepath value found 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AdobeDriveCS4_NP 
   "DisplayName"="Adobe Drive CS4 NP"
   no imagepath value found 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AESTFilters 
   "DisplayName"="Andrea ST Filters Service"
   C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\AESTSr64.exe 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ApfiltrService 
   "DisplayName"="Alps Touch Pad Filter Driver for Windows Vista x64"
   system32\DRIVERS\Apfiltr.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\btwaudio 
   "DisplayName"="Bluetooth-audioapparaat"
   system32\drivers\btwaudio.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\btwavdt 
   "DisplayName"="Bluetooth AVDT"
   system32\drivers\btwavdt.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\btwrchid 
   system32\DRIVERS\btwrchid.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\clr_optimization_v2.0.50727_64 
   "DisplayName"="Microsoft .NET Framework NGEN v2.0.50727_X64"
   %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DefragFS 
   "DisplayName"="DefragFS"
   no imagepath value found 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DFUBTUSB 
   "DisplayName"="WIDCOMM USB Bluetooth Driver in DFU State"
   System32\Drivers\frmupgr.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ENTECH64 
   "DisplayName"="ENTECH64"
   \??\C:\Windows\system32\DRIVERS\ENTECH64.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\exfat 
   "DisplayName"="exFAT File System Driver"
   no imagepath value found 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Hardlock 
   "DisplayName"="Hardlock"
   \??\C:\Windows\system32\drivers\hardlock.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hexmagic 
   "DisplayName"="hexmagic"
   \??\C:\Windows\system32\drivers\hexmagic.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HidBth 
   "DisplayName"="Microsoft Bluetooth HID-minipoort"
   system32\DRIVERS\hidbth.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hitmanpro3 
   "DisplayName"="Hitman Pro 3 Support Driver"
   \??\C:\Windows\system32\drivers\hitmanpro3.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaNvStor 
   "DisplayName"="Intel(R) Turbo Memory Controller"
   system32\DRIVERS\iaNvStor.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor 
   "DisplayName"="Intel AHCI Controller"
   system32\drivers\iastor.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KLBG 
   "DisplayName"="Kaspersky Lab Boot Guard Driver"
   system32\DRIVERS\klbg.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KLFLTDEV 
   "DisplayName"="Kaspersky Lab KLFltDev"
   system32\DRIVERS\klfltdev.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\KLIM6 
   "DisplayName"="Kaspersky Anti-Virus NDIS 6 Filter"
   system32\DRIVERS\klim6.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ksthunk 
   "DisplayName"="Kernel Streaming Thunks"
   \SystemRoot\system32\drivers\ksthunk.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NETw5v64 
   "DisplayName"="Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit"
   system32\DRIVERS\NETw5v64.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OEM02Dev 
   "DisplayName"="Creative Camera OEM002 Driver"
   system32\DRIVERS\OEM02Dev.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OEM02Vfx 
   "DisplayName"="Creative Camera OEM002 Video VFX Driver"
   system32\DRIVERS\OEM02Vfx.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PDAgent 
   "DisplayName"="PDAgent"
   "C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PDEngine 
   "DisplayName"="PDEngine"
   "C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PerfHost 
   "DisplayName"="@%systemroot%\\sysWow64\\perfhost.exe,-2"
   %SystemRoot%\SysWow64\perfhost.exe 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PxHlpa64 
   "DisplayName"="PxHlpa64"
   System32\Drivers\PxHlpa64.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasSstp 
   "DisplayName"="@%systemroot%\\system32\\sstpsvc.dll,-202"
   system32\DRIVERS\rassstp.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sffdisk 
   "DisplayName"="SFF Storage Class-stuurprogramma"
   system32\DRIVERS\sffdisk.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SstpSvc 
   "DisplayName"="@%SystemRoot%\\system32\\sstpsvc.dll,-200"
   %SystemRoot%\system32\svchost.exe -k LocalService

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\STacSV 
   "DisplayName"="SigmaTel Audio Service"
   C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bb0e6831\STacSV64.exe 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\STHDA 
   "DisplayName"="SigmaTel High Definition Audio CODEC"
   system32\drivers\stwrt64.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TcUsb 
   "DisplayName"="TC USB Kernel Driver"
   System32\Drivers\tcusb.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vmci 
   "DisplayName"="VMware vmci"
   \??\C:\Windows\system32\drivers\vmci.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vstor2-ws60 
   "DisplayName"="Vstor2 WS60 Virtual Storage Driver"
   \??\C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmBEnum 
   "DisplayName"="Logitech Virtual Bus Enumerator Driver"
   system32\drivers\WmBEnum.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmFilter 
   "DisplayName"="Logitech Gaming HID Filter Driver"
   system32\drivers\WmFilter.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmHidLo 
   "DisplayName"="Logitech Gaming USB Filter Driver"
   system32\drivers\WmHidLo.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmVirHid 
   "DisplayName"="Logitech Virtual Hid Device Driver"
   system32\drivers\WmVirHid.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WmXlCore 
   "DisplayName"="Logitech Translation Layer Driver"
   system32\drivers\WmXlCore.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\yksvc 
   "DisplayName"="Marvell Yukon Service"
   no imagepath value found 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\yukonx64 
   "DisplayName"="NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller"
   system32\DRIVERS\yk60x64.sys 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{15F224B8-E74B-4C9F-835D-14DE99E9F0C1} 
   no imagepath value found 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{3727E516-CD05-4AAB-BA5F-155D3F8CE8FC} 
   no imagepath value found 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{5F00BB2C-5B6C-4E0F-BE99-29E22847D3D4} 
   no imagepath value found 


--- SECURITYPROVIDERS regkey ---

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
"SecurityProviders"="credssp.dll"


--- SVCHOST regkey ---

HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost
LocalSystemNetworkRestricted: hidserv\0Netman\0AudioEndpointBuilder\0dot3svc\0WPDBusEnum\0wlansvc\0\0
termsvcs: TermService\0\0
LocalService: NSI\0SSDPSRV\0upnphost\0SCardSvr\0RemoteRegistry\0WinHttpAutoProxySvc\0TBS\0SLUINotify\0netprofm\0QWAVE\0WebClient\0\0
netsvcs: AeLookupSvc\0Themes\0CertPropSvc\0SCPolicySvc\0lanmanserver\0gpsvc\0AudioSrv\0FastUserSwitchingCompatibility\0Ias\0Irmon\0Nla\0Ntmssvc\0NWCWorkstation\0Nwsapagent\0Rasauto\0Rasman\0Remoteaccess\0SENS\0Sharedaccess\0SRService\0Tapisrv\0Wmi\0WmdmPmSp\0TermService\0wuauserv\0BITS\0ShellHWDetection\0LogonHours\0PCAudit\0helpsvc\0uploadmgr\0iphlpsvc\0msiscsi\0SessionEnv\0schedule\0winmgmt\0\0
rpcss: RpcSs\0\0
LocalServiceNetworkRestricted: AudioSrv\0LmHosts\0wscsvc\0p2pimsvc\0PNRPSvc\0p2psvc\0WPCSvc\0PnrpAutoReg\0\0
wcssvc: WcsPlugInService\0\0
DcomLaunch: PlugPlay\0DcomLaunch\0\0
NetworkService: DHCP\0TermService\0DNSCache\0NapAgent\0nlasvc\0WinRM\0WECSVC\0Tapisrv\0\0
imgsvc: StiSvc\0\0
 

--- WOW-CMDLINE regkeys ---

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW


--- DNS SERVER regkeys ---

no "NameServer" values found


--- STARTUP FOLDERS ---

C:\Users\Pigmaster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk


--- TASK SCHEDULER JOBS ---

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{56E2320C-D24C-432C-B329-74EB301558CB}.job


--- File associations ---

.BAT files: ("%1" %*)
.COM files: ("%1" %*)
.EXE files: ("%1" %*)
.HLP files: (%SystemRoot%\winhlp32.exe %1)
.INF files: (%SystemRoot%\system32\NOTEPAD.EXE %1)
.INI files: (%SystemRoot%\system32\NOTEPAD.EXE %1)
.JS files: (C:\Windows\SysWOW64\WScript.exe "%1" %*)
.PIF files: ("%1" %*)
.REG files: (regedit.exe "%1")
.SCR files: ("%1" /S)
.TXT files: (%SystemRoot%\system32\NOTEPAD.EXE %1)
.VBS files: ("%SystemRoot%\System32\WScript.exe" "%1" %*)


FINISHED

Juisterr

Legacy Member
I still think you would be better off going back to factory settings.

Download OTMoveIt3 (by OldTimer) to your Desktop.
* Double-click OTMoveIt3.exe to start the tool.
* Copy (select and press Ctrl-C) all of the bold text below:
Code:
:Processes

:Services
:Reg
:Files

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
* Paste the copied text (press Ctrl-V) into the "Paste List of Files/Folders to be moved" window
* Click the red MoveIt! button
* Copy and paste the contents of the right-hand results window into your next reply,
(or the log that you will find at C:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log).
* Close OTMoveIt3
If a file or folder cannot be moved immediately,
you may be asked to restart the PC in order to finish the move.
In that case click Ja/Yes.

Mad_piggy

Legacy Member
Unfortunately I can't go back to factory settings.
The laptop was delivered with Vista 32-bit (and so was the recovery disk),
and I later installed Vista 64-bit on it myself.

Here is the log:
Code:
========== PROCESSES ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
Explorer started successfully
 
OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04242009_211325

Mad_piggy

Legacy Member
It's not yet as fast as it once was, but it has already improved a lot.
I no longer get that black screen every time. Let's say 1 in 3 times it boots the way it should.

What I have also run:
- perfect disk 10 (disk fragmentation 8% Now: 0%)
- spybot (no problems found)
- ad-aware (no problems found)
- hitman pro 3 (no problems found)
- Kaspersky (no problems found)
- Advanced SystemCare (no virus, no ad-aware, no spyware, reg errors fixed)

In any case, thanks already for the time you have put into this

Juisterr

Legacy Member
- perfect disk 10 (disk fragmentation 8% Now: 0%)
- spybot (no problems found)
- ad-aware (no problems found)
- hitman pro 3 (no problems found)
- Kaspersky (no problems found)
- Advanced SystemCare (no virus, no ad-aware, no spyware, reg errors fixed)

- hitman pro 3 (no problems found)
- Kaspersky (no problems found)

You can remove those two, you know; too much of a good thing.

Mad_piggy

Legacy Member
At the moment I only have perfect disk and kaspersky left on it.
The others were only to check whether there really was nothing on it.

Mad_piggy

Legacy Member
Yep, still the same. I wouldn't know what else could be causing it.
I was thinking that maybe my registry is simply wrecked (too many things removed unnecessarily). But oh well.

Once it has booted everything works fine, so if I ever feel like formatting it, I will. But right now I'm not looking forward to that.

Does anyone know how many times you can activate with 1 serial (OEM serial on the sticker on the bottom of the laptop) without having to call Windows???

Juisterr

Legacy Member
A legitimate version is a legitimate version; as far as I know it can be done an unlimited number of times, as long as you do it on that PC.