Vraag & Antwoord

Beveiliging & privacy

Wat is een RGN bestand?

25 antwoorden
  • Hallo allemaal, Een kennis heeft een computer vol virussen gehad, hij dacht dat hij geen virus scanner nodig had omdat hij Planet Internet had met anti virus filter, ahum. Het was zelfs zo erg dat hij bijna geen contact meer kon krijgen met internet en de computer een soort eigen leven ging leiden. OK AVG erop gezet en virussen er af gehaald. Als de computer nu aan het internet hangt komen er heel veel popups binnen en worden er .rgn files in de temp map onder Local Setting van de gebruiker te staan. Weet iemand van jullie wat een RGN-bestand is en waar dit vandaan komt? En hoe ik dit kan voorkomen? AVG en Adaware weten er geen raad mee (geven geen waarschuwing). Moos
  • Plaats even een hijackthis log. Je kunt ook eens een online virusscan doen bij trendmicro. Of een trial van nod32 downloaden en installeren.
  • Misschien een domme vraag maar hoe maak ik / gebruik ik die hijackthis log, ik kom het veel tegen maar nog nooit gebruikt. Kan het nu ook niet doen omdat ik die computer niet hier heb staan.
  • Leesvoer.. http://forum.computertotaal.nl/phpBB2/viewtopic.php?t=115358
  • Ik was al even aan het zoeken geweest op het forum maar kwam dit niet tegen en op google natuurlijk maar deze FAQ is wel erg duidelijk en volledig, bedankt Prin0096 en gerben natuurlijk. Ik ga er volgende week eens in duiken en dan post ik een logfile. Tot dan dan, Moos.
  • Nou hier komt het logfile dan, ik ben benieuwd. Logfile of HijackThis v1.99.1 Scan saved at 14:33:11, on 7-2-2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\IP Insight\ARMon32a.exe C:\Program Files\Network Monitor\netmon.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Stop-the-Pop-Up\stopthepop.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\WINDOWS\System32\wuauclt.exe C:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.standbyservice.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.planet.nl:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = reg.planet.nl;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [EM_EXEC] c:\PROGRA~1\logitech\MOUSEW~1\system\EM_EXEC.EXE O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [sureshotpopupkiller] "C:\Program Files\Stop-the-Pop-Up\stopthepop.exe" -minimized O4 - HKLM\..\RunServices: [MS Unix Binary] njhdg.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [PImenu] C:\Program Files\PImenu\Pimenu.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O14 - IERESET.INF: START_PAGE_URL=http://www.standbyservice.nl O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1138915683596 O20 - Winlogon Notify: Uninstall - C:\WINDOWS\system32\ir06l5ds1.dll O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: Inverse IP InSight Client (InverseLaunchIPI) - Inverse Network Technology - C:\Program Files\IP Insight\LaunchIPI.exe O23 - Service: Local Security Authority Subsystem Service (lsass) - Unknown owner - C:\WINDOWS\lsass.exe (file missing) O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
  • Ga naar Configuratiescherm -- Software en deïnstalleer het volgende programma: [b:e313afaf17]Network Monitor[/b:e313afaf17] Download de L2Mfix [url=http://www.downloads.subratam.org/l2mfix.exe]hier[/url]. Plaats het bestand op je buroblad. Klik op l2mfix.exe. Klik op "Accept". Zorg dat de l2mfix-map op je bureaublad geplaatst wordt. Klik op "Install". Op je bureaublad open je de map l2mfix. Klik op l2fix.bat. Klik op "1" om optie te 1 selecteren: Run Find Log. Dit gaat even duren. Na een tijdje wordt er een kladblokbestand geopend. Kopieer en plak de inhoud van dit bestand in je volgende post. Start HijackThis nog een keer kies voor "Do a system scan only" en plaats alleen een vinkje voor de volgende regels: [b:e313afaf17]R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O4 - HKLM\..\RunServices: [MS Unix Binary] njhdg.exe[/b:e313afaf17] Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af. Groeten smeenk ;)
  • Alvast bedankt, ik ga ermee aan de slag maar kan het l2mfix.exe progje niet downloaden, pagina wordt niet weergegeven. Kan ik die nog ergens anders vandaan halen? Laat maar 'k heb um al, wat is google toch mooi he. Tot zo EH.. dat was denk ik een ander progje, heeft geen Accept en Install. Andere links naar l2mfix.exe doen het niet, wat nu?
  • Probeer deze link eens: http://www.atribune.org/downloads/l2mfix.exe Hmmm, deze doet het ook niet, het probleem zal wel van tijdelijke aard zijn, even wachten dus :-?
  • Dit zijn de twee links die ik overal tegen kom maar niet werken, tenminste de pagina kan niet gevonden worden. [url]http://www.atribune.org/downloads/l2mfix.exe[/url] [url]http://www.downloads.subratam.org/l2mfix.exe[/url]
  • Ik heb er nog één gevonden, het zou een oudere versie kunnen zijn: http://www.wintotal.de/server/l2mfix.zip Unzippen op je bureaublad en plaats het logje
  • Nou ik hoop dat ik het goed gedaan heb, hier is het logfile, wat een giga lang ding trouwens: L2MFIX find log 1.03 These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] "Asynchronous"=dword:00000000 "DllName"="" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "{7F36BEE0-F500-BB52-78FB-6581D6618268}"="" ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Eigenschappenvenster van multimediabestand" "{176d6597-26d3-11d1-b350-080036a75b03}"="ICM-scannerbeheer" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Het tabblad Beveiliging" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Eigenschappenblad voor OLE-docbestand" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Shell-uitbreidingen voor delen" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Configuratiescherm-uitbreiding Beeldschermadapter" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Configuratiescherm-uitbreiding Monitor" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Configuratiescherm-uitbreiding Beeldscherm-panning" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Het tabblad Beveiliging" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Compatibiliteitspagina" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Knipselgegevensverwerker van shell" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Schijfkopieer-uitbreiding" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Shell-uitbreidingen voor Microsoft Windows Network-objecten" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="ICM-monitorbeheer" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="ICM-printerbeheer" "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Shell-uitbreidingen voor bestandscompressie" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Shell-uitbreiding voor Web Printer" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Snelmenu Codering" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Werkmap" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="HyperTerminal-pictogramuitbreiding" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="ICC-profiel" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Het tabblad Beveiliging voor printers" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Shell-uitbreidingen voor delen" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Crypto PKO-extensie" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Crypto-handtekeningextensie" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Netwerkverbindingen" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Netwerkverbindingen" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="Scanners en camera's" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="Scanners en camera's" "{905667aa-acd6-11d2-8080-00805f6596d2}"="Scanners en camera's" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="Scanners en camera's" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="Scanners en camera's" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Shell-uitbreidingen voor Windows Script Host" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Microsoft Data Link" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Geplande taken" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Taakbalk en menu Start" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Zoeken" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Help en ondersteuning" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Help en ondersteuning" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Uitvoeren..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="E-mail" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Lettertypen" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Systeembeheer" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Microsoft Internet-werkbalk" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Downloadstatus" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Uitgebreide shell-map" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Uitgebreide shell-map 2" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Microsoft-browserbalk" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Zoekbalk" "{32683183-48a0-441b-a342-7c2a440a9478}"="Mediabalk" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Zoeken binnen deelvenster" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Zoeken op het web" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Hulpprogramma met opties voor registerboomstructuur" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adres" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="Address EditBox" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Microsoft AutoAanvullen" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="MRU-lijst voor AutoAanvullen" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Aangepaste MRU-lijst voor AutoAanvullen" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Toegankelijk" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Pop-upbalk Volgen" "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Parser voor adresbalk" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Lijst voor AutoAanvullen: Microsoft Geschiedenis" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Lijst voor AutoAanvullen: Microsoft Shell-map" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Microsoft-container met meervoudige lijst voor AutoAanvullen" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Sitemenu van shell-band" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Shell DeskBar" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Gebruikersondersteuning" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Globale mapinstellingen" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url-geschiedenisservice" "{FF393560-C2A7-11CF-BFF4-444553540000}"="Geschiedenis" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Tijdelijke Internet-bestanden" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Tijdelijke Internet-bestanden" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url-zoeken Hook" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="IE4 Suite-welkomstscherm" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Het Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer-band" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="Cachemap van ActiveX" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Map met abonnementen" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Shell Toepassingsbeheer" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="Programma voor inventarisatie van ge‹nstalleerde toepassingen" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="GDI- en bestandsextractieprogramma voor miniaturen" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Informatie over de handler voor miniatuurweergaven (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="HTML-extractie voor miniatuurweergaven" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Wizard Webpublicaties" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Afdrukken via het web bestellen" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Shell-object voor publicatiewizard" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Wizard Passport" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Gebruikersaccounts" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Kanaal-bestand" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Kanaal-snelkoppeling" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Handler-object voor kanalen" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Map Off line bestanden" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="&Personen..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{A4DF5659-0801-4A60-9607-1C48695EFDA9}"="Verzendmap van Share-to-Web" "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Webmappen" "{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler" "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler" "{3EEAA76A-CA1D-4776-96EB-5B982AEC6F7B}"="" "{4B84861E-1766-4AAD-AFE5-E91CB1C82629}"="" "{73158846-0A2F-450C-814E-63D9342B4BC0}"="" "{BA194CEC-2034-4705-B670-199560FB8260}"="" "{A63B34F5-3AF3-420C-9629-7FA2796882C9}"="" "{AEA4CD0E-895C-433E-95D3-12B219CC0058}"="" "{C816D257-E5CB-42AC-9526-FC2465184BD4}"="" "{5A54E111-9860-41FB-8AD0-3DF3AA4E5BDA}"="" "{56EDA4AC-D5ED-40C1-8201-31A0524E06A5}"="" "{5B915677-FEA0-4186-A257-3BB28878A1D0}"="" "{50B8E1BA-7912-4704-8E5F-3717B744D6D4}"="" "{9792CFA4-FB99-4DD1-B96C-732B0686CB82}"="" "{C2F94B3A-783E-499A-94FC-E4BB75A2053D}"="" "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"="AVG7 Shell Extension" "{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}"="AVG7 Find Extension" "{8640902E-3510-450B-9C2E-2065AFE91058}"="" "{54DAC3D3-39BB-4E1B-A504-68C01EAD9255}"="" "{DB12C47D-7986-40FD-BF41-87DA8AEBA37D}"="" "{C8E50592-87B1-475B-810F-88F6C8B2ECDC}"="" "{A5125A8E-DF05-40BB-9B7A-4C76798CD3E7}"="" "{B7A8F939-8254-464E-B5B8-6C944246BC88}"="" "{EBFAB331-884C-4EFF-BBEF-ABA893730269}"="" "{FAD02ACD-B9E1-4EE8-98F3-6778F2A36617}"="" "{BBCEFA00-3761-43A9-9CCA-05EFC4C898F3}"="" "{631E851D-7946-4B7D-B8B1-72E12D412CE2}"="" "{65D9A2A6-2971-4BF5-8D89-8D473DC0F81C}"="" "{E560E6E9-7460-4F82-AE67-0FCDAB9DA99A}"="" "{A3640B8A-D3D1-4015-A9BC-ABF98E400B17}"="" "{D906110D-37A0-44A5-9A8C-BCE7FC4EA396}"="" "{965378B4-382D-4B62-B860-92DAC989BBC1}"="" "{5CC29D5C-7218-472E-AC9C-258C976492E2}"="" "{485E50E6-D1BD-4226-8E73-43F2A45EBDF2}"="" "{58B2A21C-4415-484E-B9F7-DA184AD01CEE}"="" "{E7618F5C-E651-4CC9-BAED-70AD9B643796}"="" "{1C8F9770-8CA6-4CE1-A02A-0707706050C2}"="" "{93FA0A2D-BEAC-4D73-A091-67790D3FB7F1}"="" ********************************************************************************** HKEY ROOT CLASSIDS: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{4B84861E-1766-4AAD-AFE5-E91CB1C82629}] @="" [HKEY_CLASSES_ROOT\CLSID\{4B84861E-1766-4AAD-AFE5-E91CB1C82629}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{4B84861E-1766-4AAD-AFE5-E91CB1C82629}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{4B84861E-1766-4AAD-AFE5-E91CB1C82629}\InprocServer32] @="C:\\WINDOWS\\system32\\unrdtea.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{73158846-0A2F-450C-814E-63D9342B4BC0}] @="" [HKEY_CLASSES_ROOT\CLSID\{73158846-0A2F-450C-814E-63D9342B4BC0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{73158846-0A2F-450C-814E-63D9342B4BC0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{73158846-0A2F-450C-814E-63D9342B4BC0}\InprocServer32] @="C:\\WINDOWS\\system32\\dunmpntw.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{BA194CEC-2034-4705-B670-199560FB8260}] @="" [HKEY_CLASSES_ROOT\CLSID\{BA194CEC-2034-4705-B670-199560FB8260}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{BA194CEC-2034-4705-B670-199560FB8260}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{BA194CEC-2034-4705-B670-199560FB8260}\InprocServer32] @="C:\\WINDOWS\\system32\\acfsipc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A63B34F5-3AF3-420C-9629-7FA2796882C9}] @="" [HKEY_CLASSES_ROOT\CLSID\{A63B34F5-3AF3-420C-9629-7FA2796882C9}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A63B34F5-3AF3-420C-9629-7FA2796882C9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A63B34F5-3AF3-420C-9629-7FA2796882C9}\InprocServer32] @="C:\\WINDOWS\\system32\\mFg_hook.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{AEA4CD0E-895C-433E-95D3-12B219CC0058}] @="" [HKEY_CLASSES_ROOT\CLSID\{AEA4CD0E-895C-433E-95D3-12B219CC0058}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{AEA4CD0E-895C-433E-95D3-12B219CC0058}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{AEA4CD0E-895C-433E-95D3-12B219CC0058}\InprocServer32] @="C:\\WINDOWS\\system32\\lkghours.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{C816D257-E5CB-42AC-9526-FC2465184BD4}] @="" [HKEY_CLASSES_ROOT\CLSID\{C816D257-E5CB-42AC-9526-FC2465184BD4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{C816D257-E5CB-42AC-9526-FC2465184BD4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{C816D257-E5CB-42AC-9526-FC2465184BD4}\InprocServer32] @="C:\\WINDOWS\\system32\\lxpcx80n.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5A54E111-9860-41FB-8AD0-3DF3AA4E5BDA}] @="" [HKEY_CLASSES_ROOT\CLSID\{5A54E111-9860-41FB-8AD0-3DF3AA4E5BDA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5A54E111-9860-41FB-8AD0-3DF3AA4E5BDA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5A54E111-9860-41FB-8AD0-3DF3AA4E5BDA}\InprocServer32] @="C:\\WINDOWS\\system32\\mrtime.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{56EDA4AC-D5ED-40C1-8201-31A0524E06A5}] @="" [HKEY_CLASSES_ROOT\CLSID\{56EDA4AC-D5ED-40C1-8201-31A0524E06A5}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{56EDA4AC-D5ED-40C1-8201-31A0524E06A5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{56EDA4AC-D5ED-40C1-8201-31A0524E06A5}\InprocServer32] @="C:\\WINDOWS\\system32\\dxmclien.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5B915677-FEA0-4186-A257-3BB28878A1D0}] @="" [HKEY_CLASSES_ROOT\CLSID\{5B915677-FEA0-4186-A257-3BB28878A1D0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5B915677-FEA0-4186-A257-3BB28878A1D0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5B915677-FEA0-4186-A257-3BB28878A1D0}\InprocServer32] @="C:\\WINDOWS\\system32\\CIDBUI.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{50B8E1BA-7912-4704-8E5F-3717B744D6D4}] @="" [HKEY_CLASSES_ROOT\CLSID\{50B8E1BA-7912-4704-8E5F-3717B744D6D4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{50B8E1BA-7912-4704-8E5F-3717B744D6D4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{50B8E1BA-7912-4704-8E5F-3717B744D6D4}\InprocServer32] @="C:\\WINDOWS\\system32\\pwdgen.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{9792CFA4-FB99-4DD1-B96C-732B0686CB82}] @="" [HKEY_CLASSES_ROOT\CLSID\{9792CFA4-FB99-4DD1-B96C-732B0686CB82}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{9792CFA4-FB99-4DD1-B96C-732B0686CB82}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{9792CFA4-FB99-4DD1-B96C-732B0686CB82}\InprocServer32] @="C:\\WINDOWS\\system32\\dfdskmgr.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{C2F94B3A-783E-499A-94FC-E4BB75A2053D}] @="" [HKEY_CLASSES_ROOT\CLSID\{C2F94B3A-783E-499A-94FC-E4BB75A2053D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{C2F94B3A-783E-499A-94FC-E4BB75A2053D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{C2F94B3A-783E-499A-94FC-E4BB75A2053D}\InprocServer32] @="C:\\WINDOWS\\system32\\whwfaxui.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8640902E-3510-450B-9C2E-2065AFE91058}] @="" [HKEY_CLASSES_ROOT\CLSID\{8640902E-3510-450B-9C2E-2065AFE91058}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8640902E-3510-450B-9C2E-2065AFE91058}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8640902E-3510-450B-9C2E-2065AFE91058}\InprocServer32] @="C:\\WINDOWS\\system32\\dkghelp.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{54DAC3D3-39BB-4E1B-A504-68C01EAD9255}] @="" [HKEY_CLASSES_ROOT\CLSID\{54DAC3D3-39BB-4E1B-A504-68C01EAD9255}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{54DAC3D3-39BB-4E1B-A504-68C01EAD9255}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{54DAC3D3-39BB-4E1B-A504-68C01EAD9255}\InprocServer32] @="C:\\WINDOWS\\system32\\mhtime.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DB12C47D-7986-40FD-BF41-87DA8AEBA37D}] @="" [HKEY_CLASSES_ROOT\CLSID\{DB12C47D-7986-40FD-BF41-87DA8AEBA37D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DB12C47D-7986-40FD-BF41-87DA8AEBA37D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DB12C47D-7986-40FD-BF41-87DA8AEBA37D}\InprocServer32] @="C:\\WINDOWS\\system32\\ofbccu32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{C8E50592-87B1-475B-810F-88F6C8B2ECDC}] @="" [HKEY_CLASSES_ROOT\CLSID\{C8E50592-87B1-475B-810F-88F6C8B2ECDC}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{C8E50592-87B1-475B-810F-88F6C8B2ECDC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{C8E50592-87B1-475B-810F-88F6C8B2ECDC}\InprocServer32] @="C:\\WINDOWS\\system32\\cdypt32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A5125A8E-DF05-40BB-9B7A-4C76798CD3E7}] @="" [HKEY_CLASSES_ROOT\CLSID\{A5125A8E-DF05-40BB-9B7A-4C76798CD3E7}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A5125A8E-DF05-40BB-9B7A-4C76798CD3E7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A5125A8E-DF05-40BB-9B7A-4C76798CD3E7}\InprocServer32] @="C:\\WINDOWS\\system32\\issmsnap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{B7A8F939-8254-464E-B5B8-6C944246BC88}] @="" [HKEY_CLASSES_ROOT\CLSID\{B7A8F939-8254-464E-B5B8-6C944246BC88}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{B7A8F939-8254-464E-B5B8-6C944246BC88}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{B7A8F939-8254-464E-B5B8-6C944246BC88}\InprocServer32] @="C:\\WINDOWS\\system32\\siscrap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{EBFAB331-884C-4EFF-BBEF-ABA893730269}] @="" [HKEY_CLASSES_ROOT\CLSID\{EBFAB331-884C-4EFF-BBEF-ABA893730269}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{EBFAB331-884C-4EFF-BBEF-ABA893730269}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{EBFAB331-884C-4EFF-BBEF-ABA893730269}\InprocServer32] @="C:\\WINDOWS\\system32\\tcemeui.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{FAD02ACD-B9E1-4EE8-98F3-6778F2A36617}] @="" [HKEY_CLASSES_ROOT\CLSID\{FAD02ACD-B9E1-4EE8-98F3-6778F2A36617}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{FAD02ACD-B9E1-4EE8-98F3-6778F2A36617}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{FAD02ACD-B9E1-4EE8-98F3-6778F2A36617}\InprocServer32] @="C:\\WINDOWS\\system32\\ljpcx80n.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{BBCEFA00-3761-43A9-9CCA-05EFC4C898F3}] @="" [HKEY_CLASSES_ROOT\CLSID\{BBCEFA00-3761-43A9-9CCA-05EFC4C898F3}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{BBCEFA00-3761-43A9-9CCA-05EFC4C898F3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{BBCEFA00-3761-43A9-9CCA-05EFC4C898F3}\InprocServer32] @="C:\\WINDOWS\\system32\\cirpol.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{631E851D-7946-4B7D-B8B1-72E12D412CE2}] @="" [HKEY_CLASSES_ROOT\CLSID\{631E851D-7946-4B7D-B8B1-72E12D412CE2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{631E851D-7946-4B7D-B8B1-72E12D412CE2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{631E851D-7946-4B7D-B8B1-72E12D412CE2}\InprocServer32] @="C:\\WINDOWS\\system32\\cgseqchk.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{65D9A2A6-2971-4BF5-8D89-8D473DC0F81C}] @="" [HKEY_CLASSES_ROOT\CLSID\{65D9A2A6-2971-4BF5-8D89-8D473DC0F81C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{65D9A2A6-2971-4BF5-8D89-8D473DC0F81C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{65D9A2A6-2971-4BF5-8D89-8D473DC0F81C}\InprocServer32] @="C:\\WINDOWS\\system32\\myratelc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E560E6E9-7460-4F82-AE67-0FCDAB9DA99A}] @="" [HKEY_CLASSES_ROOT\CLSID\{E560E6E9-7460-4F82-AE67-0FCDAB9DA99A}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E560E6E9-7460-4F82-AE67-0FCDAB9DA99A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E560E6E9-7460-4F82-AE67-0FCDAB9DA99A}\InprocServer32] @="C:\\WINDOWS\\system32\\jdpl400.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A3640B8A-D3D1-4015-A9BC-ABF98E400B17}] @="" [HKEY_CLASSES_ROOT\CLSID\{A3640B8A-D3D1-4015-A9BC-ABF98E400B17}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A3640B8A-D3D1-4015-A9BC-ABF98E400B17}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A3640B8A-D3D1-4015-A9BC-ABF98E400B17}\InprocServer32] @="C:\\WINDOWS\\system32\\laexpand.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{D906110D-37A0-44A5-9A8C-BCE7FC4EA396}] @="" [HKEY_CLASSES_ROOT\CLSID\{D906110D-37A0-44A5-9A8C-BCE7FC4EA396}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{D906110D-37A0-44A5-9A8C-BCE7FC4EA396}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{D906110D-37A0-44A5-9A8C-BCE7FC4EA396}\InprocServer32] @="C:\\WINDOWS\\system32\\wvvdmod.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{965378B4-382D-4B62-B860-92DAC989BBC1}] @="" [HKEY_CLASSES_ROOT\CLSID\{965378B4-382D-4B62-B860-92DAC989BBC1}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{965378B4-382D-4B62-B860-92DAC989BBC1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{965378B4-382D-4B62-B860-92DAC989BBC1}\InprocServer32] @="C:\\WINDOWS\\system32\\akycfilt.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5CC29D5C-7218-472E-AC9C-258C976492E2}] @="" [HKEY_CLASSES_ROOT\CLSID\{5CC29D5C-7218-472E-AC9C-258C976492E2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5CC29D5C-7218-472E-AC9C-258C976492E2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5CC29D5C-7218-472E-AC9C-258C976492E2}\InprocServer32] @="C:\\WINDOWS\\system32\\dointf.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{485E50E6-D1BD-4226-8E73-43F2A45EBDF2}] @="" [HKEY_CLASSES_ROOT\CLSID\{485E50E6-D1BD-4226-8E73-43F2A45EBDF2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{485E50E6-D1BD-4226-8E73-43F2A45EBDF2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{485E50E6-D1BD-4226-8E73-43F2A45EBDF2}\InprocServer32] @="C:\\WINDOWS\\system32\\ndtman.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{58B2A21C-4415-484E-B9F7-DA184AD01CEE}] @="" [HKEY_CLASSES_ROOT\CLSID\{58B2A21C-4415-484E-B9F7-DA184AD01CEE}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{58B2A21C-4415-484E-B9F7-DA184AD01CEE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{58B2A21C-4415-484E-B9F7-DA184AD01CEE}\InprocServer32] @="C:\\WINDOWS\\system32\\pwintui.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E7618F5C-E651-4CC9-BAED-70AD9B643796}] @="" [HKEY_CLASSES_ROOT\CLSID\{E7618F5C-E651-4CC9-BAED-70AD9B643796}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E7618F5C-E651-4CC9-BAED-70AD9B643796}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E7618F5C-E651-4CC9-BAED-70AD9B643796}\InprocServer32] @="C:\\WINDOWS\\system32\\mdimsg.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{1C8F9770-8CA6-4CE1-A02A-0707706050C2}] @="" [HKEY_CLASSES_ROOT\CLSID\{1C8F9770-8CA6-4CE1-A02A-0707706050C2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{1C8F9770-8CA6-4CE1-A02A-0707706050C2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{1C8F9770-8CA6-4CE1-A02A-0707706050C2}\InprocServer32] @="C:\\WINDOWS\\system32\\nrwdev.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{93FA0A2D-BEAC-4D73-A091-67790D3FB7F1}] @="" [HKEY_CLASSES_ROOT\CLSID\{93FA0A2D-BEAC-4D73-A091-67790D3FB7F1}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{93FA0A2D-BEAC-4D73-A091-67790D3FB7F1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{93FA0A2D-BEAC-4D73-A091-67790D3FB7F1}\InprocServer32] @="C:\\WINDOWS\\system32\\ipclass.dll" "ThreadingModel"="Apartment" ********************************************************************************** Files Found are not all bad files: C:\WINDOWS\SYSTEM32\ acfsipc.dll Mon 30 Jan 2006 19:12:36 ..S.R 235.860 230,33 K akycfilt.dll Sun 5 Feb 2006 14:37:42 ..S.R 235.537 230,02 K aol.dll Thu 2 Feb 2006 22:36:38 ..S.R 234.905 229,40 K cdypt32.dll Thu 2 Feb 2006 20:06:50 ..S.R 237.126 231,57 K cgseqchk.dll Fri 3 Feb 2006 19:48:04 ..S.R 234.948 229,44 K cidbui.dll Thu 2 Feb 2006 10:55:58 ..S.R 234.887 229,38 K cirpol.dll Fri 3 Feb 2006 16:36:18 ..S.R 233.472 228,00 K denet.dll Thu 2 Feb 2006 19:54:48 ..S.R 233.422 227,95 K dfdskmgr.dll Thu 2 Feb 2006 14:01:54 ..S.R 236.307 230,77 K dkghelp.dll Thu 2 Feb 2006 17:13:06 ..S.R 236.307 230,77 K dointf.dll Sun 5 Feb 2006 20:43:56 ..S.R 235.537 230,02 K dunmpntw.dll Mon 30 Jan 2006 17:01:34 ..S.R 234.624 229,13 K dxmclien.dll Thu 2 Feb 2006 8:03:26 ..S.R 234.223 228,73 K ipclass.dll Tue 7 Feb 2006 14:27:40 ..S.R 236.748 231,20 K issmsnap.dll Thu 2 Feb 2006 19:49:34 ..S.R 237.027 231,47 K j06mla~1.dll Tue 7 Feb 2006 14:23:24 ..S.R 236.011 230,48 K jdpl400.dll Sat 4 Feb 2006 15:07:52 ..S.R 236.363 230,82 K laexpand.dll Sat 4 Feb 2006 15:14:46 ..S.R 234.327 228,83 K ljpcx80n.dll Fri 3 Feb 2006 9:42:02 ..S.R 237.065 231,51 K lkghours.dll Tue 31 Jan 2006 20:08:28 ..S.R 235.860 230,33 K lv2q09~1.dll Fri 3 Feb 2006 21:37:04 ..S.R 234.948 229,44 K lxpcx80n.dll Wed 1 Feb 2006 18:02:32 ..S.R 235.860 230,33 K mdimsg.dll Mon 6 Feb 2006 19:54:30 ..S.R 235.318 229,80 K mfg_hook.dll Mon 30 Jan 2006 21:08:52 ..S.R 235.463 229,94 K mhtime.dll Thu 2 Feb 2006 17:45:54 ..S.R 236.052 230,52 K mkc71.dll Wed 1 Feb 2006 13:39:52 ..S.R 234.246 228,75 K mrtime.dll Wed 1 Feb 2006 22:56:12 ..S.R 234.228 228,74 K myratelc.dll Sat 4 Feb 2006 8:19:26 ..S.R 234.327 228,83 K ndtman.dll Sun 5 Feb 2006 17:59:22 ..S.R 236.363 230,82 K nrwdev.dll Tue 7 Feb 2006 14:23:20 ..S.R 234.757 229,25 K ofbccu32.dll Thu 2 Feb 2006 18:21:40 ..S.R 236.307 230,77 K pwdgen.dll Thu 2 Feb 2006 12:59:20 ..S.R 235.443 229,92 K pwintui.dll Mon 6 Feb 2006 16:30:36 ..S.R 234.208 228,72 K qwdit.dll Thu 2 Feb 2006 19:46:06 ..S.R 236.052 230,52 K siscrap.dll Thu 2 Feb 2006 19:59:02 ..S.R 236.897 231,34 K smgina.dll Thu 2 Feb 2006 19:52:48 ..S.R 236.052 230,52 K tcemeui.dll Thu 2 Feb 2006 20:11:36 ..S.R 237.065 231,51 K unrdtea.dll Sun 29 Jan 2006 16:18:50 ..S.R 234.380 228,89 K whwfaxui.dll Thu 2 Feb 2006 15:48:12 ..S.R 236.052 230,52 K wvvdmod.dll Sun 5 Feb 2006 12:33:00 ..S.R 236.363 230,82 K 40 items found: 40 files (40 H/S), 0 directories. Total of file sizes: 9.420.937 bytes 8,98 M Locate .tmp files: C:\WINDOWS\SYSTEM32\ guard.tmp Tue 7 Feb 2006 14:27:44 A.... 237.187 231,63 K 1 item found: 1 file, 0 directories. Total of file sizes: 237.187 bytes 231,63 K ********************************************************************************** Directory Listing of system files: Het volume in station C heeft geen naam. Het volumenummer is 9C18-3603 Map van C:\WINDOWS\System32 07-02-2006 14:27 236.748 ipclass.dll 07-02-2006 14:23 236.011 j06mlaj11do.dll 07-02-2006 14:23 234.757 nrwdev.dll 06-02-2006 19:54 235.318 mdimsg.dll 06-02-2006 16:30 234.208 pwintui.dll 05-02-2006 20:43 235.537 dointf.dll 05-02-2006 17:59 236.363 ndtman.dll 05-02-2006 14:37 235.537 akycfilt.dll 05-02-2006 12:32 236.363 wvvdmod.dll 04-02-2006 15:14 234.327 laexpand.dll 04-02-2006 15:07 236.363 jdpl400.dll 04-02-2006 08:19 234.327 myratelc.dll 03-02-2006 21:37 234.948 lv2q09f5e.dll 03-02-2006 19:48 234.948 cgseqchk.dll 03-02-2006 16:36 233.472 cirpol.dll 03-02-2006 09:42 237.065 ljpcx80n.dll 02-02-2006 22:36 234.905 aol.dll 02-02-2006 22:31 <DIR> dllcache 02-02-2006 20:11 237.065 tcemeui.dll 02-02-2006 20:06 237.126 cdypt32.dll 02-02-2006 19:59 236.897 siscrap.dll 02-02-2006 19:54 233.422 denet.dll 02-02-2006 19:52 236.052 smgina.dll 02-02-2006 19:49 237.027 issmsnap.dll 02-02-2006 19:46 236.052 qwdit.dll 02-02-2006 18:21 236.307 ofbccu32.dll 02-02-2006 17:45 236.052 mhtime.dll 02-02-2006 17:13 236.307 dkghelp.dll 02-02-2006 15:48 236.052 whwfaxui.dll 02-02-2006 14:01 236.307 dfdskmgr.dll 02-02-2006 12:59 235.443 pwdgen.dll 02-02-2006 10:55 234.887 CIDBUI.dll 02-02-2006 08:03 234.223 dxmclien.dll 01-02-2006 22:56 234.228 mrtime.dll 01-02-2006 18:02 235.860 lxpcx80n.dll 01-02-2006 13:39 234.246 mkc71.dll 31-01-2006 20:08 235.860 lkghours.dll 30-01-2006 21:08 235.463 mFg_hook.dll 30-01-2006 19:12 235.860 acfsipc.dll 30-01-2006 17:01 234.624 dunmpntw.dll 29-01-2006 16:18 234.380 unrdtea.dll 29-01-2006 08:54 <DIR> Microsoft 40 bestand(en) 9.420.937 bytes 2 map(pen) 35.216.199.680 bytes beschikbaar Ben benieuwd!
  • We gaan het handmatig proberen weg te krijgen. Dat is een beetje ingewikkeld, maar het gaat vast lukken. 1. Start Hijack This en vink alleen onderstaande regel aan: O20 - Winlogon Notify: Uninstall - C:\WINDOWS\system32\ir06l5ds1.dll Doe er verder niets mee, maar laat het schermpje open staan. 2. Download [url=http://www.downloads.subratam.org/KillBox.zip]Killbox[/url] van option^Explicit naar je bureaublad. Rechtsklik het en pak het uit. 3. Open de map killbox (dus niet killbox.zip) op je bureaublad en dubbelklik killbox.exe om het te starten. Rechtsonderin zie je een geel driehoekje met daarnaast een keuzemenuutje waar nu staat "system proces". Selecteer in het scrolldown-menuutje [b:36a05dbb72]rundll32.exe[/b:36a05dbb72] en klik op "kill task". 5. Het proces dat je nu gekilled hebt, zal zichzelf weer proberen op te starten. Wacht een paar seconden en kijk opnieuw of rundll32.exe er weer tussen staat en kill het opnieuw. Blijf dit herhalen tot het niet meer terugkomt. Dit is erg belangrijk om de handmatige fix te laten lukken, dus verzeker je ervan dat het niet meer actief is voordat je door gaat. Wink 6. Kopieer onderstaande vetgedrukte tekst door het met je muis volledig te selecteren en dan op ctrl-c (gelijktijd je control en je C-toets ingedrukt houten) te klikken: [b:36a05dbb72]C:\WINDOWS\System32\ipclass.dll C:\WINDOWS\System32\j06mlaj11do.dll C:\WINDOWS\System32\nrwdev.dll C:\WINDOWS\System32\mdimsg.dll C:\WINDOWS\System32\pwintui.dll C:\WINDOWS\System32\dointf.dll C:\WINDOWS\System32\ndtman.dll C:\WINDOWS\System32\akycfilt.dll C:\WINDOWS\System32\wvvdmod.dll C:\WINDOWS\System32\laexpand.dll C:\WINDOWS\System32\jdpl400.dll C:\WINDOWS\System32\myratelc.dll C:\WINDOWS\System32\lv2q09f5e.dll C:\WINDOWS\System32\cgseqchk.dll C:\WINDOWS\System32\cirpol.dll C:\WINDOWS\System32\ljpcx80n.dll C:\WINDOWS\System32\aol.dll C:\Windows\System32\guard.tmp[/b:36a05dbb72] 7. Klik linksboven in killbox op "file" en kies "paste from clipboard" Als het goed is, zie je nu in "full path of file to delete" tekst staan. Als dat niet zo is, moet je dat nu even melden en niet doorgaan met de fix. Dat betekent namelijk dat het eerste bestand uit de lijst niet aanwezig is en dan wordt de rest ook niet gevonden. Meld het dan even en dan proberen we het opnieuw. Staat er wel tekst in het schermpje, ga dan door met onderstaande. 8. Klik op het pijltje naast "full path of file to delete" en controlleer of C:\Windows\System32\guard.tmp daar bij staat. Als dat zo is, kan je doorgaan met punt 10. Zo niet, ga dan door met punt 9. 9. Als C:\Windows\System32\guard.tmp er niet bij staat klik je weer op het pijltje naast System Process om het scroll-menuutje te zien. Controleer of rundll32.exe daar weer tussen staat, selecteer het dan en klik op "end task". Staat rundll32.exe niet in het scrolldown-menuutje, ga dan ook door met punt 10. 10. Klik in killbox op het rode rondje met het witte kruis en klik op "ja". Blijf op het rondje klikken tot je een melding krijgt dat er niets te verwijderen valt. Als je de vraag krijgt of je wil herstarten om bestanden te verwijderen, laat dan de melding open staan en ga dan eerst terug naar Hijack This en klik op "fix checked" en "ja" en sluit het af. Doe dat ook als je niet de vraag van killbox krijgt om te herstarten. Wink 11. Ga terug naar de killbox en geef toestemming om te herstarten. Werd het niet gevraagd, herstart dan zelf. 12.Plaats na de herstart een nieuw logje van Hijack This en een nieuw logje van optie 1 van L2mfix.
  • Even tussendoor, ik ga gewoon verder hoor, maar WAT gaan we nu handmatig weghalen?
  • Ik zie: O20 - Winlogon Notify: Uninstall - C:\WINDOWS\system32\ir06l5ds1.dll niet meer in de lijst staan. Ik neem tenminste aan dat ik op Do a system scan only moest klikken. Wat nu? Verder gaan met 2?
  • Die versie van l2mfix die we gedownload hebben is een oudere, deze kan deze infectie niet meer aan. Vandaar dat we het op een alternatieve manier moeten proberen. Staat er helemaal geen O20 meer? Of staat er nu een andere bestandsnaam bij? Post in dat geval maar even een nieuw logje van l2mfix optie #1 en een nieuw HijackThis log.
  • logje l2mfix: L2MFIX find log 1.03 These are the registry keys present ********************************************************************************** Winlogon/notify: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] "Asynchronous"=dword:00000000 "DllName"="" "Impersonate"=dword:00000000 "Logon"="WinLogon" "Logoff"="WinLogoff" "Shutdown"="WinShutdown" ********************************************************************************** useragent: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform] "{7F36BEE0-F500-BB52-78FB-6581D6618268}"="" ********************************************************************************** Shell Extension key: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved] "{00022613-0000-0000-C000-000000000046}"="Eigenschappenvenster van multimediabestand" "{176d6597-26d3-11d1-b350-080036a75b03}"="ICM-scannerbeheer" "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Het tabblad Beveiliging" "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Eigenschappenblad voor OLE-docbestand" "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Shell-uitbreidingen voor delen" "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension" "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Configuratiescherm-uitbreiding Beeldschermadapter" "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Configuratiescherm-uitbreiding Monitor" "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Configuratiescherm-uitbreiding Beeldscherm-panning" "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Het tabblad Beveiliging" "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Compatibiliteitspagina" "{56117100-C0CD-101B-81E2-00AA004AE837}"="Knipselgegevensverwerker van shell" "{59099400-57FF-11CE-BD94-0020AF85B590}"="Schijfkopieer-uitbreiding" "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Shell-uitbreidingen voor Microsoft Windows Network-objecten" "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="ICM-monitorbeheer" "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="ICM-printerbeheer" "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Shell-uitbreidingen voor bestandscompressie" "{77597368-7b15-11d0-a0c2-080036af3f03}"="Shell-uitbreiding voor Web Printer" "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI" "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Snelmenu Codering" "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Werkmap" "{88895560-9AA2-1069-930E-00AA0030EBC8}"="HyperTerminal-pictogramuitbreiding" "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts" "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="ICC-profiel" "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Het tabblad Beveiliging voor printers" "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Shell-uitbreidingen voor delen" "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension" "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Crypto PKO-extensie" "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Crypto-handtekeningextensie" "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Netwerkverbindingen" "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Netwerkverbindingen" "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="Scanners en camera's" "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="Scanners en camera's" "{905667aa-acd6-11d2-8080-00805f6596d2}"="Scanners en camera's" "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="Scanners en camera's" "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="Scanners en camera's" "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension" "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension" "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Shell-uitbreidingen voor Windows Script Host" "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Microsoft Data Link" "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler" "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension" "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Geplande taken" "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Taakbalk en menu Start" "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Zoeken" "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Help en ondersteuning" "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Help en ondersteuning" "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Uitvoeren..." "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet" "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="E-mail" "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Lettertypen" "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Systeembeheer" "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler" "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler" "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler" "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler" "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler" "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor" "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Microsoft Internet-werkbalk" "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Downloadstatus" "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Uitgebreide shell-map" "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Uitgebreide shell-map 2" "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy" "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Microsoft-browserbalk" "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Zoekbalk" "{32683183-48a0-441b-a342-7c2a440a9478}"="Mediabalk" "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Zoeken binnen deelvenster" "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Zoeken op het web" "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Hulpprogramma met opties voor registerboomstructuur" "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adres" "{A08C11D2-A228-11d0-825B-00AA005B4383}"="Address EditBox" "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Microsoft AutoAanvullen" "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor" "{6756A641-DE71-11d0-831B-00AA005B4383}"="MRU-lijst voor AutoAanvullen" "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Aangepaste MRU-lijst voor AutoAanvullen" "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Toegankelijk" "{acf35015-526e-4230-9596-becbe19f0ac9}"="Pop-upbalk Volgen" "{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Parser voor adresbalk" "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Lijst voor AutoAanvullen: Microsoft Geschiedenis" "{03C036F1-A186-11D0-824A-00AA005B4383}"="Lijst voor AutoAanvullen: Microsoft Shell-map" "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Microsoft-container met meervoudige lijst voor AutoAanvullen" "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Sitemenu van shell-band" "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp" "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Shell DeskBar" "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite" "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Gebruikersondersteuning" "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Globale mapinstellingen" "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band" "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service" "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer" "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture" "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut" "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url-geschiedenisservice" "{FF393560-C2A7-11CF-BFF4-444553540000}"="Geschiedenis" "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Tijdelijke Internet-bestanden" "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Tijdelijke Internet-bestanden" "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url-zoeken Hook" "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="IE4 Suite-welkomstscherm" "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook" "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC" "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC" "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Het Internet" "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space" "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer-band" "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service" "{88C6C381-2E85-11D0-94DE-444553540000}"="Cachemap van ActiveX" "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck" "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr" "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Map met abonnementen" "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler" "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent" "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent" "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent" "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent" "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent" "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler" "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Shell Toepassingsbeheer" "{0B124F8F-91F0-11D1-B8B5-006008059382}"="Programma voor inventarisatie van ge‹nstalleerde toepassingen" "{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher" "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs" "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory" "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="GDI- en bestandsextractieprogramma voor miniaturen" "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Informatie over de handler voor miniatuurweergaven (DOCFILES)" "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="HTML-extractie voor miniatuurweergaven" "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler" "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Wizard Webpublicaties" "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Afdrukken via het web bestellen" "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Shell-object voor publicatiewizard" "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Wizard Passport" "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Gebruikersaccounts" "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler" "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target" "{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Kanaal-bestand" "{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Kanaal-snelkoppeling" "{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Handler-object voor kanalen" "{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu" "{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties" "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview" "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext" "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control" "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control" "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control" "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control" "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control" "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI" "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object" "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find" "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find" "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI" "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs" "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook" "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target" "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties" "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu" "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options" "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Map Off line bestanden" "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler" "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell" "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%" "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler" "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer" "{32714800-2E5F-11d0-8B85-00AA0044F941}"="&Personen..." "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler" "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler" "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler" "{A4DF5659-0801-4A60-9607-1C48695EFDA9}"="Verzendmap van Share-to-Web" "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Webmappen" "{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler" "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler" "{3EEAA76A-CA1D-4776-96EB-5B982AEC6F7B}"="" "{4B84861E-1766-4AAD-AFE5-E91CB1C82629}"="" "{73158846-0A2F-450C-814E-63D9342B4BC0}"="" "{BA194CEC-2034-4705-B670-199560FB8260}"="" "{A63B34F5-3AF3-420C-9629-7FA2796882C9}"="" "{AEA4CD0E-895C-433E-95D3-12B219CC0058}"="" "{C816D257-E5CB-42AC-9526-FC2465184BD4}"="" "{5A54E111-9860-41FB-8AD0-3DF3AA4E5BDA}"="" "{56EDA4AC-D5ED-40C1-8201-31A0524E06A5}"="" "{5B915677-FEA0-4186-A257-3BB28878A1D0}"="" "{50B8E1BA-7912-4704-8E5F-3717B744D6D4}"="" "{9792CFA4-FB99-4DD1-B96C-732B0686CB82}"="" "{C2F94B3A-783E-499A-94FC-E4BB75A2053D}"="" "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"="AVG7 Shell Extension" "{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}"="AVG7 Find Extension" "{8640902E-3510-450B-9C2E-2065AFE91058}"="" "{54DAC3D3-39BB-4E1B-A504-68C01EAD9255}"="" "{DB12C47D-7986-40FD-BF41-87DA8AEBA37D}"="" "{C8E50592-87B1-475B-810F-88F6C8B2ECDC}"="" "{A5125A8E-DF05-40BB-9B7A-4C76798CD3E7}"="" "{B7A8F939-8254-464E-B5B8-6C944246BC88}"="" "{EBFAB331-884C-4EFF-BBEF-ABA893730269}"="" "{FAD02ACD-B9E1-4EE8-98F3-6778F2A36617}"="" "{BBCEFA00-3761-43A9-9CCA-05EFC4C898F3}"="" "{631E851D-7946-4B7D-B8B1-72E12D412CE2}"="" "{65D9A2A6-2971-4BF5-8D89-8D473DC0F81C}"="" "{E560E6E9-7460-4F82-AE67-0FCDAB9DA99A}"="" "{A3640B8A-D3D1-4015-A9BC-ABF98E400B17}"="" "{D906110D-37A0-44A5-9A8C-BCE7FC4EA396}"="" "{965378B4-382D-4B62-B860-92DAC989BBC1}"="" "{5CC29D5C-7218-472E-AC9C-258C976492E2}"="" "{485E50E6-D1BD-4226-8E73-43F2A45EBDF2}"="" "{58B2A21C-4415-484E-B9F7-DA184AD01CEE}"="" "{E7618F5C-E651-4CC9-BAED-70AD9B643796}"="" "{1C8F9770-8CA6-4CE1-A02A-0707706050C2}"="" "{93FA0A2D-BEAC-4D73-A091-67790D3FB7F1}"="" ********************************************************************************** HKEY ROOT CLASSIDS: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{4B84861E-1766-4AAD-AFE5-E91CB1C82629}] @="" [HKEY_CLASSES_ROOT\CLSID\{4B84861E-1766-4AAD-AFE5-E91CB1C82629}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{4B84861E-1766-4AAD-AFE5-E91CB1C82629}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{4B84861E-1766-4AAD-AFE5-E91CB1C82629}\InprocServer32] @="C:\\WINDOWS\\system32\\unrdtea.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{73158846-0A2F-450C-814E-63D9342B4BC0}] @="" [HKEY_CLASSES_ROOT\CLSID\{73158846-0A2F-450C-814E-63D9342B4BC0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{73158846-0A2F-450C-814E-63D9342B4BC0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{73158846-0A2F-450C-814E-63D9342B4BC0}\InprocServer32] @="C:\\WINDOWS\\system32\\dunmpntw.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{BA194CEC-2034-4705-B670-199560FB8260}] @="" [HKEY_CLASSES_ROOT\CLSID\{BA194CEC-2034-4705-B670-199560FB8260}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{BA194CEC-2034-4705-B670-199560FB8260}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{BA194CEC-2034-4705-B670-199560FB8260}\InprocServer32] @="C:\\WINDOWS\\system32\\acfsipc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A63B34F5-3AF3-420C-9629-7FA2796882C9}] @="" [HKEY_CLASSES_ROOT\CLSID\{A63B34F5-3AF3-420C-9629-7FA2796882C9}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A63B34F5-3AF3-420C-9629-7FA2796882C9}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A63B34F5-3AF3-420C-9629-7FA2796882C9}\InprocServer32] @="C:\\WINDOWS\\system32\\mFg_hook.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{AEA4CD0E-895C-433E-95D3-12B219CC0058}] @="" [HKEY_CLASSES_ROOT\CLSID\{AEA4CD0E-895C-433E-95D3-12B219CC0058}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{AEA4CD0E-895C-433E-95D3-12B219CC0058}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{AEA4CD0E-895C-433E-95D3-12B219CC0058}\InprocServer32] @="C:\\WINDOWS\\system32\\lkghours.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{C816D257-E5CB-42AC-9526-FC2465184BD4}] @="" [HKEY_CLASSES_ROOT\CLSID\{C816D257-E5CB-42AC-9526-FC2465184BD4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{C816D257-E5CB-42AC-9526-FC2465184BD4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{C816D257-E5CB-42AC-9526-FC2465184BD4}\InprocServer32] @="C:\\WINDOWS\\system32\\lxpcx80n.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5A54E111-9860-41FB-8AD0-3DF3AA4E5BDA}] @="" [HKEY_CLASSES_ROOT\CLSID\{5A54E111-9860-41FB-8AD0-3DF3AA4E5BDA}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5A54E111-9860-41FB-8AD0-3DF3AA4E5BDA}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5A54E111-9860-41FB-8AD0-3DF3AA4E5BDA}\InprocServer32] @="C:\\WINDOWS\\system32\\mrtime.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{56EDA4AC-D5ED-40C1-8201-31A0524E06A5}] @="" [HKEY_CLASSES_ROOT\CLSID\{56EDA4AC-D5ED-40C1-8201-31A0524E06A5}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{56EDA4AC-D5ED-40C1-8201-31A0524E06A5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{56EDA4AC-D5ED-40C1-8201-31A0524E06A5}\InprocServer32] @="C:\\WINDOWS\\system32\\dxmclien.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5B915677-FEA0-4186-A257-3BB28878A1D0}] @="" [HKEY_CLASSES_ROOT\CLSID\{5B915677-FEA0-4186-A257-3BB28878A1D0}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5B915677-FEA0-4186-A257-3BB28878A1D0}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5B915677-FEA0-4186-A257-3BB28878A1D0}\InprocServer32] @="C:\\WINDOWS\\system32\\CIDBUI.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{50B8E1BA-7912-4704-8E5F-3717B744D6D4}] @="" [HKEY_CLASSES_ROOT\CLSID\{50B8E1BA-7912-4704-8E5F-3717B744D6D4}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{50B8E1BA-7912-4704-8E5F-3717B744D6D4}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{50B8E1BA-7912-4704-8E5F-3717B744D6D4}\InprocServer32] @="C:\\WINDOWS\\system32\\pwdgen.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{9792CFA4-FB99-4DD1-B96C-732B0686CB82}] @="" [HKEY_CLASSES_ROOT\CLSID\{9792CFA4-FB99-4DD1-B96C-732B0686CB82}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{9792CFA4-FB99-4DD1-B96C-732B0686CB82}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{9792CFA4-FB99-4DD1-B96C-732B0686CB82}\InprocServer32] @="C:\\WINDOWS\\system32\\dfdskmgr.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{C2F94B3A-783E-499A-94FC-E4BB75A2053D}] @="" [HKEY_CLASSES_ROOT\CLSID\{C2F94B3A-783E-499A-94FC-E4BB75A2053D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{C2F94B3A-783E-499A-94FC-E4BB75A2053D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{C2F94B3A-783E-499A-94FC-E4BB75A2053D}\InprocServer32] @="C:\\WINDOWS\\system32\\whwfaxui.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{8640902E-3510-450B-9C2E-2065AFE91058}] @="" [HKEY_CLASSES_ROOT\CLSID\{8640902E-3510-450B-9C2E-2065AFE91058}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{8640902E-3510-450B-9C2E-2065AFE91058}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{8640902E-3510-450B-9C2E-2065AFE91058}\InprocServer32] @="C:\\WINDOWS\\system32\\dkghelp.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{54DAC3D3-39BB-4E1B-A504-68C01EAD9255}] @="" [HKEY_CLASSES_ROOT\CLSID\{54DAC3D3-39BB-4E1B-A504-68C01EAD9255}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{54DAC3D3-39BB-4E1B-A504-68C01EAD9255}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{54DAC3D3-39BB-4E1B-A504-68C01EAD9255}\InprocServer32] @="C:\\WINDOWS\\system32\\mhtime.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{DB12C47D-7986-40FD-BF41-87DA8AEBA37D}] @="" [HKEY_CLASSES_ROOT\CLSID\{DB12C47D-7986-40FD-BF41-87DA8AEBA37D}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{DB12C47D-7986-40FD-BF41-87DA8AEBA37D}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{DB12C47D-7986-40FD-BF41-87DA8AEBA37D}\InprocServer32] @="C:\\WINDOWS\\system32\\ofbccu32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{C8E50592-87B1-475B-810F-88F6C8B2ECDC}] @="" [HKEY_CLASSES_ROOT\CLSID\{C8E50592-87B1-475B-810F-88F6C8B2ECDC}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{C8E50592-87B1-475B-810F-88F6C8B2ECDC}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{C8E50592-87B1-475B-810F-88F6C8B2ECDC}\InprocServer32] @="C:\\WINDOWS\\system32\\cdypt32.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A5125A8E-DF05-40BB-9B7A-4C76798CD3E7}] @="" [HKEY_CLASSES_ROOT\CLSID\{A5125A8E-DF05-40BB-9B7A-4C76798CD3E7}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A5125A8E-DF05-40BB-9B7A-4C76798CD3E7}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A5125A8E-DF05-40BB-9B7A-4C76798CD3E7}\InprocServer32] @="C:\\WINDOWS\\system32\\issmsnap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{B7A8F939-8254-464E-B5B8-6C944246BC88}] @="" [HKEY_CLASSES_ROOT\CLSID\{B7A8F939-8254-464E-B5B8-6C944246BC88}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{B7A8F939-8254-464E-B5B8-6C944246BC88}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{B7A8F939-8254-464E-B5B8-6C944246BC88}\InprocServer32] @="C:\\WINDOWS\\system32\\siscrap.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{EBFAB331-884C-4EFF-BBEF-ABA893730269}] @="" [HKEY_CLASSES_ROOT\CLSID\{EBFAB331-884C-4EFF-BBEF-ABA893730269}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{EBFAB331-884C-4EFF-BBEF-ABA893730269}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{EBFAB331-884C-4EFF-BBEF-ABA893730269}\InprocServer32] @="C:\\WINDOWS\\system32\\tcemeui.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{FAD02ACD-B9E1-4EE8-98F3-6778F2A36617}] @="" [HKEY_CLASSES_ROOT\CLSID\{FAD02ACD-B9E1-4EE8-98F3-6778F2A36617}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{FAD02ACD-B9E1-4EE8-98F3-6778F2A36617}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{FAD02ACD-B9E1-4EE8-98F3-6778F2A36617}\InprocServer32] @="C:\\WINDOWS\\system32\\ljpcx80n.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{BBCEFA00-3761-43A9-9CCA-05EFC4C898F3}] @="" [HKEY_CLASSES_ROOT\CLSID\{BBCEFA00-3761-43A9-9CCA-05EFC4C898F3}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{BBCEFA00-3761-43A9-9CCA-05EFC4C898F3}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{BBCEFA00-3761-43A9-9CCA-05EFC4C898F3}\InprocServer32] @="C:\\WINDOWS\\system32\\cirpol.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{631E851D-7946-4B7D-B8B1-72E12D412CE2}] @="" [HKEY_CLASSES_ROOT\CLSID\{631E851D-7946-4B7D-B8B1-72E12D412CE2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{631E851D-7946-4B7D-B8B1-72E12D412CE2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{631E851D-7946-4B7D-B8B1-72E12D412CE2}\InprocServer32] @="C:\\WINDOWS\\system32\\cgseqchk.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{65D9A2A6-2971-4BF5-8D89-8D473DC0F81C}] @="" [HKEY_CLASSES_ROOT\CLSID\{65D9A2A6-2971-4BF5-8D89-8D473DC0F81C}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{65D9A2A6-2971-4BF5-8D89-8D473DC0F81C}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{65D9A2A6-2971-4BF5-8D89-8D473DC0F81C}\InprocServer32] @="C:\\WINDOWS\\system32\\myratelc.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E560E6E9-7460-4F82-AE67-0FCDAB9DA99A}] @="" [HKEY_CLASSES_ROOT\CLSID\{E560E6E9-7460-4F82-AE67-0FCDAB9DA99A}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E560E6E9-7460-4F82-AE67-0FCDAB9DA99A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E560E6E9-7460-4F82-AE67-0FCDAB9DA99A}\InprocServer32] @="C:\\WINDOWS\\system32\\jdpl400.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{A3640B8A-D3D1-4015-A9BC-ABF98E400B17}] @="" [HKEY_CLASSES_ROOT\CLSID\{A3640B8A-D3D1-4015-A9BC-ABF98E400B17}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{A3640B8A-D3D1-4015-A9BC-ABF98E400B17}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{A3640B8A-D3D1-4015-A9BC-ABF98E400B17}\InprocServer32] @="C:\\WINDOWS\\system32\\laexpand.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{D906110D-37A0-44A5-9A8C-BCE7FC4EA396}] @="" [HKEY_CLASSES_ROOT\CLSID\{D906110D-37A0-44A5-9A8C-BCE7FC4EA396}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{D906110D-37A0-44A5-9A8C-BCE7FC4EA396}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{D906110D-37A0-44A5-9A8C-BCE7FC4EA396}\InprocServer32] @="C:\\WINDOWS\\system32\\wvvdmod.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{965378B4-382D-4B62-B860-92DAC989BBC1}] @="" [HKEY_CLASSES_ROOT\CLSID\{965378B4-382D-4B62-B860-92DAC989BBC1}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{965378B4-382D-4B62-B860-92DAC989BBC1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{965378B4-382D-4B62-B860-92DAC989BBC1}\InprocServer32] @="C:\\WINDOWS\\system32\\akycfilt.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{5CC29D5C-7218-472E-AC9C-258C976492E2}] @="" [HKEY_CLASSES_ROOT\CLSID\{5CC29D5C-7218-472E-AC9C-258C976492E2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{5CC29D5C-7218-472E-AC9C-258C976492E2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{5CC29D5C-7218-472E-AC9C-258C976492E2}\InprocServer32] @="C:\\WINDOWS\\system32\\dointf.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{485E50E6-D1BD-4226-8E73-43F2A45EBDF2}] @="" [HKEY_CLASSES_ROOT\CLSID\{485E50E6-D1BD-4226-8E73-43F2A45EBDF2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{485E50E6-D1BD-4226-8E73-43F2A45EBDF2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{485E50E6-D1BD-4226-8E73-43F2A45EBDF2}\InprocServer32] @="C:\\WINDOWS\\system32\\ndtman.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{58B2A21C-4415-484E-B9F7-DA184AD01CEE}] @="" [HKEY_CLASSES_ROOT\CLSID\{58B2A21C-4415-484E-B9F7-DA184AD01CEE}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{58B2A21C-4415-484E-B9F7-DA184AD01CEE}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{58B2A21C-4415-484E-B9F7-DA184AD01CEE}\InprocServer32] @="C:\\WINDOWS\\system32\\pwintui.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{E7618F5C-E651-4CC9-BAED-70AD9B643796}] @="" [HKEY_CLASSES_ROOT\CLSID\{E7618F5C-E651-4CC9-BAED-70AD9B643796}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{E7618F5C-E651-4CC9-BAED-70AD9B643796}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{E7618F5C-E651-4CC9-BAED-70AD9B643796}\InprocServer32] @="C:\\WINDOWS\\system32\\mdimsg.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{1C8F9770-8CA6-4CE1-A02A-0707706050C2}] @="" [HKEY_CLASSES_ROOT\CLSID\{1C8F9770-8CA6-4CE1-A02A-0707706050C2}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{1C8F9770-8CA6-4CE1-A02A-0707706050C2}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{1C8F9770-8CA6-4CE1-A02A-0707706050C2}\InprocServer32] @="C:\\WINDOWS\\system32\\nrwdev.dll" "ThreadingModel"="Apartment" Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{93FA0A2D-BEAC-4D73-A091-67790D3FB7F1}] @="" [HKEY_CLASSES_ROOT\CLSID\{93FA0A2D-BEAC-4D73-A091-67790D3FB7F1}\Implemented Categories] @="" [HKEY_CLASSES_ROOT\CLSID\{93FA0A2D-BEAC-4D73-A091-67790D3FB7F1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}] @="" [HKEY_CLASSES_ROOT\CLSID\{93FA0A2D-BEAC-4D73-A091-67790D3FB7F1}\InprocServer32] @="C:\\WINDOWS\\system32\\ipclass.dll" "ThreadingModel"="Apartment" ********************************************************************************** Files Found are not all bad files: C:\WINDOWS\SYSTEM32\ acfsipc.dll Mon 30 Jan 2006 19:12:36 ..S.R 235.860 230,33 K akycfilt.dll Sun 5 Feb 2006 14:37:42 ..S.R 235.537 230,02 K aol.dll Thu 2 Feb 2006 22:36:38 ..S.R 234.905 229,40 K cdypt32.dll Thu 2 Feb 2006 20:06:50 ..S.R 237.126 231,57 K cgseqchk.dll Fri 3 Feb 2006 19:48:04 ..S.R 234.948 229,44 K cidbui.dll Thu 2 Feb 2006 10:55:58 ..S.R 234.887 229,38 K cirpol.dll Fri 3 Feb 2006 16:36:18 ..S.R 233.472 228,00 K denet.dll Thu 2 Feb 2006 19:54:48 ..S.R 233.422 227,95 K dfdskmgr.dll Thu 2 Feb 2006 14:01:54 ..S.R 236.307 230,77 K dkghelp.dll Thu 2 Feb 2006 17:13:06 ..S.R 236.307 230,77 K dointf.dll Sun 5 Feb 2006 20:43:56 ..S.R 235.537 230,02 K dunmpntw.dll Mon 30 Jan 2006 17:01:34 ..S.R 234.624 229,13 K dxmclien.dll Thu 2 Feb 2006 8:03:26 ..S.R 234.223 228,73 K ipclass.dll Tue 7 Feb 2006 14:27:40 ..S.R 236.748 231,20 K issmsnap.dll Thu 2 Feb 2006 19:49:34 ..S.R 237.027 231,47 K j06mla~1.dll Tue 7 Feb 2006 14:23:24 ..S.R 236.011 230,48 K jdpl400.dll Sat 4 Feb 2006 15:07:52 ..S.R 236.363 230,82 K laexpand.dll Sat 4 Feb 2006 15:14:46 ..S.R 234.327 228,83 K ljpcx80n.dll Fri 3 Feb 2006 9:42:02 ..S.R 237.065 231,51 K lkghours.dll Tue 31 Jan 2006 20:08:28 ..S.R 235.860 230,33 K lv2q09~1.dll Fri 3 Feb 2006 21:37:04 ..S.R 234.948 229,44 K lxpcx80n.dll Wed 1 Feb 2006 18:02:32 ..S.R 235.860 230,33 K mdimsg.dll Mon 6 Feb 2006 19:54:30 ..S.R 235.318 229,80 K mfg_hook.dll Mon 30 Jan 2006 21:08:52 ..S.R 235.463 229,94 K mhtime.dll Thu 2 Feb 2006 17:45:54 ..S.R 236.052 230,52 K mkc71.dll Wed 1 Feb 2006 13:39:52 ..S.R 234.246 228,75 K mrtime.dll Wed 1 Feb 2006 22:56:12 ..S.R 234.228 228,74 K myratelc.dll Sat 4 Feb 2006 8:19:26 ..S.R 234.327 228,83 K ndtman.dll Sun 5 Feb 2006 17:59:22 ..S.R 236.363 230,82 K nrwdev.dll Tue 7 Feb 2006 14:23:20 ..S.R 234.757 229,25 K ofbccu32.dll Thu 2 Feb 2006 18:21:40 ..S.R 236.307 230,77 K pwdgen.dll Thu 2 Feb 2006 12:59:20 ..S.R 235.443 229,92 K pwintui.dll Mon 6 Feb 2006 16:30:36 ..S.R 234.208 228,72 K qwdit.dll Thu 2 Feb 2006 19:46:06 ..S.R 236.052 230,52 K siscrap.dll Thu 2 Feb 2006 19:59:02 ..S.R 236.897 231,34 K smgina.dll Thu 2 Feb 2006 19:52:48 ..S.R 236.052 230,52 K tcemeui.dll Thu 2 Feb 2006 20:11:36 ..S.R 237.065 231,51 K unrdtea.dll Sun 29 Jan 2006 16:18:50 ..S.R 234.380 228,89 K whwfaxui.dll Thu 2 Feb 2006 15:48:12 ..S.R 236.052 230,52 K wvvdmod.dll Sun 5 Feb 2006 12:33:00 ..S.R 236.363 230,82 K 40 items found: 40 files (40 H/S), 0 directories. Total of file sizes: 9.420.937 bytes 8,98 M Locate .tmp files: C:\WINDOWS\SYSTEM32\ guard.tmp Tue 7 Feb 2006 14:27:44 A.... 237.187 231,63 K 1 item found: 1 file, 0 directories. Total of file sizes: 237.187 bytes 231,63 K ********************************************************************************** Directory Listing of system files: Het volume in station C heeft geen naam. Het volumenummer is 9C18-3603 Map van C:\WINDOWS\System32 07-02-2006 14:27 236.748 ipclass.dll 07-02-2006 14:23 236.011 j06mlaj11do.dll 07-02-2006 14:23 234.757 nrwdev.dll 06-02-2006 19:54 235.318 mdimsg.dll 06-02-2006 16:30 234.208 pwintui.dll 05-02-2006 20:43 235.537 dointf.dll 05-02-2006 17:59 236.363 ndtman.dll 05-02-2006 14:37 235.537 akycfilt.dll 05-02-2006 12:32 236.363 wvvdmod.dll 04-02-2006 15:14 234.327 laexpand.dll 04-02-2006 15:07 236.363 jdpl400.dll 04-02-2006 08:19 234.327 myratelc.dll 03-02-2006 21:37 234.948 lv2q09f5e.dll 03-02-2006 19:48 234.948 cgseqchk.dll 03-02-2006 16:36 233.472 cirpol.dll 03-02-2006 09:42 237.065 ljpcx80n.dll 02-02-2006 22:36 234.905 aol.dll 02-02-2006 22:31 <DIR> dllcache 02-02-2006 20:11 237.065 tcemeui.dll 02-02-2006 20:06 237.126 cdypt32.dll 02-02-2006 19:59 236.897 siscrap.dll 02-02-2006 19:54 233.422 denet.dll 02-02-2006 19:52 236.052 smgina.dll 02-02-2006 19:49 237.027 issmsnap.dll 02-02-2006 19:46 236.052 qwdit.dll 02-02-2006 18:21 236.307 ofbccu32.dll 02-02-2006 17:45 236.052 mhtime.dll 02-02-2006 17:13 236.307 dkghelp.dll 02-02-2006 15:48 236.052 whwfaxui.dll 02-02-2006 14:01 236.307 dfdskmgr.dll 02-02-2006 12:59 235.443 pwdgen.dll 02-02-2006 10:55 234.887 CIDBUI.dll 02-02-2006 08:03 234.223 dxmclien.dll 01-02-2006 22:56 234.228 mrtime.dll 01-02-2006 18:02 235.860 lxpcx80n.dll 01-02-2006 13:39 234.246 mkc71.dll 31-01-2006 20:08 235.860 lkghours.dll 30-01-2006 21:08 235.463 mFg_hook.dll 30-01-2006 19:12 235.860 acfsipc.dll 30-01-2006 17:01 234.624 dunmpntw.dll 29-01-2006 16:18 234.380 unrdtea.dll 29-01-2006 08:54 <DIR> Microsoft 40 bestand(en) 9.420.937 bytes 2 map(pen) 35.215.331.328 bytes beschikbaar Logfile of HijackThis v1.99.1 Scan saved at 13:23:07, on 8-2-2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\IP Insight\ARMon32a.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Program Files\Stop-the-Pop-Up\stopthepop.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.standbyservice.nl R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.planet.nl:8080 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = reg.planet.nl;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [EM_EXEC] c:\PROGRA~1\logitech\MOUSEW~1\system\EM_EXEC.EXE O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [sureshotpopupkiller] "C:\Program Files\Stop-the-Pop-Up\stopthepop.exe" -minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [PImenu] C:\Program Files\PImenu\Pimenu.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O14 - IERESET.INF: START_PAGE_URL=http://www.standbyservice.nl O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1138915683596 O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: Inverse IP InSight Client (InverseLaunchIPI) - Inverse Network Technology - C:\Program Files\IP Insight\LaunchIPI.exe O23 - Service: Local Security Authority Subsystem Service (lsass) - Unknown owner - C:\WINDOWS\lsass.exe (file missing) O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe De bestanden van punt 6 in de Windows/System32 map staan in ieder geval allemaal op de computer. In ieder geval alvast bedankt voor alle moeite!
  • Voer de overige instructies maar even uit en post een nieuw logje van l2mfix optie #1 en een nieuw HijackThis log na de reboot :wink:
  • Kan [url]http://www.downloads.subratam.org/KillBox.zip[/url] niet openen, zelfde probleem als met l2mfix.exe. FF wachten of gaan we het anders doen, kan aardig uit de voeten op de pc dus zeg het maar.
  • Open de map l2mfix Dubbelklik op l2mfix.bat Klik op "2" om optie 2 te selecteren: Run Fix. Druk op Enter. Druk op een toets om de computer opnieuw te starten wanneer dit gevraagd wordt. Na de reboot verschijnen de ikonen op je desktop. Deze zullen weer verdwijnen. (dat is normaal). L2mfix gaat je computer scannen. Wanneer het klaar is wordt er een nieuw kladblokbestand geopend. Post de inhoud. Als dit niet werkt kan je zometeen Killbox hier wel downloaden: http://www.greyknight17.com/spy/KillBox.exe

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.