Vraag & Antwoord

Beveiliging & privacy

Startpagina werkt niet meer - HijackThis-log

Anoniem
None
47 antwoorden
  • Het logje is niet volledig helaas, mag ik het volledige logje zien aub.
  • REGLOOKS logfile

    version 0.971
    Mon 11-06-2007 20:20:01,03
    running from: "C:\Documents and Settings\Angelique\Bureaublad"

    — SSODL regkeys —

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
    only standard or legit regkeys found


    — STS regkeys —

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
    only standard or legit regkeys found


    — USERINIT regkey —

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    "Userinit"="C:\\WINDOWS\\system32\\userinit.exe"


    — SHELL regkey —

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    "Shell"="Explorer.exe"


    — SYSTEM regkey —

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    "system"=""


    — APPINIT_DLLS regkey —

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows
    "AppInit_DLLs"=""


    — NOTIFY regkeys —

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
    "WRNotifier" "DllName"="WRLogonNTF.dll"


    — BOOTEXECUTE regkey —

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
    BootExecute= autocheck autochk *\0\0


    — SHELLEXECUTEHOOKS regkey —

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"


    — AUTORUN regkeys —

    HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor
    "AutoRun"=""


    — HKLM\Run regkeys —

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
    "DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
    "DMXLauncher"="C:\\Program Files\\Dell\\Media Experience\\DMXLauncher.exe"
    "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "TomTomHOME.exe"="\"C:\\Program Files\\TomTom HOME\\TomTomHOME.exe\" -s"
    "Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "SigmatelSysTrayApp"="stsystra.exe"
    "ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
    "ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"
    "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
    "Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
    "ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
    "Symantec PIF AlertEng"="\"C:\\Program Files\\Common Files\\Symantec Shared\\PIF\\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\\PIFSvc.exe\" /a /m \"C:\\Program Files\\Common Files\\Symantec Shared\\PIF\\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\\AlertEng.dll\""
    [Run\OptionalComponents]
    [Run\OptionalComponents\IMAIL]
    "Installed"="1"
    [Run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"
    [Run\OptionalComponents\MSFS]
    "Installed"="1"


    — HKLM\RunOnce regkeys —

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
    no HKLM RunOnce keys found


    — HKLM\RunOnceEx regkeys —

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
    @=""


    — HKLM\RunServices regkeys —

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
    no HKLM RunServices keys found


    — HKLM\RunServicesOnce regkeys —

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
    regkey does not exist


    — HKCU\Run regkeys —

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
    "msnmsgr"="\"C:\\Program Files\\Hitman Pro\\surfright.exe\" \"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"


    — HKCU\RunOnce regkeys —

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
    no HKCU RunOnce keys found


    — HKCU\RunOnceEx regkeys —

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
    regkey does not exist


    — HKCU\RunServices regkeys —

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
    no HKCU RunServices keys found


    — HKCU\RunServicesOnce regkeys —

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce
    regkey does not exist


    — HKU\.DEFAULT\Run regkeys —

    HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
    "DWQueuedReporting"="\"C:\\PROGRA~1\\COMMON~1\\MICROS~1\\DW\\dwtrig20.exe\" -t"


    — HKU\S-1-5-18\Run regkeys —

    HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
    "DWQueuedReporting"="\"C:\\PROGRA~1\\COMMON~1\\MICROS~1\\DW\\dwtrig20.exe\" -t"


    — HKU\S-1-5-19\Run regkeys —

    HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"


    — HKU\S-1-5-20\Run regkeys —

    HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"


    — HKLM\Explorer\Run regkeys —

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
    regkey does not exist


    — HKCU\Explorer\Run regkeys —

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
    regkey does not exist


    — Image File Execution regkeys —

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
    no debuggers found


    — BROWSER HELPER OBJECTS regkeys —

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
    "{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}" regkey not found (ERROR)
    "{53707962-6F74-2D53-2644-206D7942484F}" FILE ="C:\\PROGRA~1\\SPYBOT~2\\SDHelper.dll"
    "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" FILE ="C:\\Program Files\\Java\\jre1.6.0_01\\bin\\ssv.dll"
    "{9030D464-4C02-4ABF-8ECC-5164760863C6}" FILE ="C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll"
    "{A8F38D8D-E480-4D52-B7A2-731BB6995FDD}" FILE ="C:\\Program Files\\Norton AntiVirus\\NavShExt.dll"
    "{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" FILE ="C:\\Program Files\\Windows Live Toolbar\\msntb.dll"


    — TOOLBAR regkeys —

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
    "{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" FILE ="C:\\Program Files\\Windows Live Toolbar\\msntb.dll"
    "{C4069E3A-68F1-403E-B40E-20066696354B}" FILE ="C:\\Program Files\\Norton AntiVirus\\NavShExt.dll"


    — URLSEARCHHOOKS regkeys —

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
    only standard regkeys found


    — CONTEXTMENUHANDLERS regkeys —

    HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers
    "Offline Files" CLSID ={750fdf0e-2a26-11d1-a3ea-080036587f03} FILE =%SystemRoot%\System32\cscui.dll
    "Open With" CLSID ={09799AFB-AD67-11d1-ABCD-00C04FC30936} FILE =%SystemRoot%\system32\SHELL32.dll
    "Open With EncryptionMenu" CLSID ={A470F8CF-A1E8-4f65-8335-227475AA5C46} FILE =%SystemRoot%\system32\SHELL32.dll
    "Symantec.Norton.Antivirus.IEContextMenu" CLSID ={FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} FILE ="C:\\Program Files\\Norton AntiVirus\\NavShExt.dll"
    "WinRAR" CLSID ={B41DB860-8EE4-11D2-9906-E49FADC173CA} FILE ="C:\\Program Files\\WinRAR\\rarext.dll"
    "WinZip" CLSID ={E0D79304-84BE-11CE-9641-444553540000} FILE ="C:\\PROGRA~1\\WINZIP1\\WZSHLSTB.DLL"
    "{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}" Start Menu Pin FILE =%SystemRoot%\system32\SHELL32.dll

    HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers
    "EncryptionMenu" CLSID ={A470F8CF-A1E8-4f65-8335-227475AA5C46} FILE =%SystemRoot%\system32\SHELL32.dll
    "Offline Files" CLSID ={750fdf0e-2a26-11d1-a3ea-080036587f03} FILE =%SystemRoot%\System32\cscui.dll
    "Sharing" CLSID ={f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} FILE ="ntshrui.dll"
    "WinRAR" CLSID ={B41DB860-8EE4-11D2-9906-E49FADC173CA} FILE ="C:\\Program Files\\WinRAR\\rarext.dll"
    "WinZip" CLSID ={E0D79304-84BE-11CE-9641-444553540000} FILE ="C:\\PROGRA~1\\WINZIP1\\WZSHLSTB.DLL"

    HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers
    "SpySweeper" CLSID ={7C9D5882-CB4A-4090-96C8-430BFE8B795B} FILE ="C:\\PROGRA~1\\Webroot\\SPYSWE~1\\SSCtxMnu.dll"
    "Symantec.Norton.Antivirus.IEContextMenu" CLSID ={FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} FILE ="C:\\Program Files\\Norton AntiVirus\\NavShExt.dll"
    "WinRAR" CLSID ={B41DB860-8EE4-11D2-9906-E49FADC173CA} FILE ="C:\\Program Files\\WinRAR\\rarext.dll"
    "WinZip" CLSID ={E0D79304-84BE-11CE-9641-444553540000} FILE ="C:\\PROGRA~1\\WINZIP1\\WZSHLSTB.DLL"


    — ALTERNATESHELL regkey —

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
    "AlternateShell"="cmd.exe"


    — SAFEBOOT MINIMAL SERVICES —

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
    sdauxservice
    sdcoreservice


    — SAFEBOOT NETWORK SERVICES —

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network
    nm
    nm.sys
    sdauxservice
    sdcoreservice
    svcWRSSSDK


    — SERVICES —

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\6to4
    "DisplayName"="IPv6-hulpservice"
    %SystemRoot%\system32\svchost.exe -k netsvcs

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Ati HotKey Poller
    %SystemRoot%\system32\Ati2evxx.exe

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ati2mtag
    system32\DRIVERS\ati2mtag.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Atierecord
    no imagepath value found

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bonjour Service
    "DisplayName"="Bonjour-service"
    "C:\Program Files\Bonjour\mDNSResponder.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BthEnum
    "DisplayName"="Stuurprogramma voor Bluetooth-aanvraagblok"
    system32\DRIVERS\BthEnum.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHMODEM
    "DisplayName"="Bluetooth-stuurprogramma voor seriële communicatie"
    system32\DRIVERS\bthmodem.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BthPan
    "DisplayName"="Bluetooth-apparaat (PAN - Personal Area Network)"
    system32\DRIVERS\bthpan.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT
    "DisplayName"="Poortstuurprogramma voor Bluetooth"
    System32\Drivers\BTHport.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BthServ
    "DisplayName"="Bluetooth Support Service"
    %SystemRoot%\system32\svchost.exe -k bthsvcs

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHUSB
    "DisplayName"="USB-stuurprogramma voor Bluetooth-radio's"
    System32\Drivers\BTHUSB.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CCDECODE
    "DisplayName"="Closed Caption-decoder"
    system32\DRIVERS\CCDECODE.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ccEvtMgr
    "DisplayName"="Symantec Event Manager"
    "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ccSetMgr
    "DisplayName"="Symantec Settings Manager"
    "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DcCam
    no imagepath value found

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\drvmcdb
    system32\drivers\drvmcdb.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\drvncdb
    no imagepath value found

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\drvnddm
    system32\drivers\drvnddm.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\E100B
    "DisplayName"="Intel(R) PRO Network Connection Driver"
    system32\DRIVERS\e100b325.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\eeCtrl
    "DisplayName"="Symantec Eraser Control driver"
    \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EraserUtilRebootDrv
    "DisplayName"="EraserUtilRebootDrv"
    \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gusvc
    "DisplayName"="Google Updater Service"
    "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HDAudBus
    "DisplayName"="Microsoft UAA Bus Driver for High Definition Audio"
    system32\DRIVERS\HDAudBus.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HidUsb
    "DisplayName"="Microsoft HID Class-stuurprogramma"
    system32\DRIVERS\hidusb.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IKFileFlt
    "DisplayName"="File Filter Driver"
    system32\drivers\ikfileflt.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IKFileSec
    "DisplayName"="File Security Driver"
    system32\drivers\ikfilesec.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IkSysFlt
    "DisplayName"="System Filter Driver"
    system32\drivers\iksysflt.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IKSysSec
    "DisplayName"="System Security Driver"
    system32\drivers\iksyssec.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\intelppm
    "DisplayName"="Intel GV3-processorstuurprogramma"
    system32\DRIVERS\intelppm.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iPod Service
    "DisplayName"="iPod Service"
    "C:\Program Files\iPod\bin\iPodService.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdhid
    "DisplayName"="Stuurprogramma voor toetsenbord-HID"
    system32\DRIVERS\kbdhid.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LexBceS
    "DisplayName"="LexBce Server"
    C:\WINDOWS\system32\LEXBCES.EXE

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LiveUpdate
    "DisplayName"="LiveUpdate"
    "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LiveUpdate Notice Service
    "DisplayName"="LiveUpdate Notice Service"
    "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mouhid
    "DisplayName"="Stuurprogramma voor muis-HID"
    system32\DRIVERS\mouhid.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSTEE
    "DisplayName"="Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma"
    system32\drivers\MSTEE.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NABTSFEC
    "DisplayName"="NABTS/FEC VBI Codec"
    system32\DRIVERS\NABTSFEC.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NAL
    "DisplayName"="Nal Service "
    \??\C:\WINDOWS\system32\Drivers\iqvw32.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\navapsvc
    "DisplayName"="Norton AntiVirus Auto-Protect-service"
    "C:\Program Files\Norton AntiVirus\navapsvc.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NAVENG
    "DisplayName"="NAVENG"
    \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070611.022\NAVENG.Sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NAVEX15
    "DisplayName"="NAVEX15"
    \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070611.022\NavEx15.Sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NPFMntor
    "DisplayName"="Norton AntiVirus Firewall Monitor Service"
    "C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NSCService
    "DisplayName"="Norton Protection Center Service"
    "C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\omci
    "DisplayName"="OMCI WDM Device Driver"
    system32\DRIVERS\omci.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\P1110VID
    "DisplayName"="Creative WebCam NX"
    system32\DRIVERS\P1110VID.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Planner voor Automatische LiveUpdate
    "DisplayName"="Planner voor Automatische LiveUpdate"
    "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PortProxy
    no imagepath value found

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PxHelp20
    "DisplayName"="PxHelp20"
    System32\Drivers\PxHelp20.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RFCOMM
    "DisplayName"="Bluetooth-apparaat (RFCOMM Protocol TDI)"
    system32\DRIVERS\rfcomm.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAVRT
    "DisplayName"="SAVRT"
    \??\C:\Program Files\Norton AntiVirus\SAVRT.SYS

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAVRTPEL
    "DisplayName"="SAVRTPEL"
    \??\C:\Program Files\Norton AntiVirus\SAVRTPEL.SYS

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SAVScan
    "DisplayName"="Symantec AVScan"
    "C:\Program Files\Norton AntiVirus\SAVScan.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sdAuxService
    "DisplayName"="Spyware Doctor Auxiliary Service"
    C:\Program Files\Spyware Doctor\svcntaux.exe

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sdCoreService
    "DisplayName"="Spyware Doctor Service"
    C:\Program Files\Spyware Doctor\swdsvc.exe

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\serenum
    "DisplayName"="Serenum Filter-stuurprogramma"
    system32\DRIVERS\serenum.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SLIP
    "DisplayName"="BDA Slip De-Framer"
    system32\DRIVERS\SLIP.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SNDSrvc
    "DisplayName"="Symantec Network Drivers Service"
    "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPBBCDrv
    "DisplayName"="SPBBCDrv"
    \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SPBBCSvc
    "DisplayName"="SPBBCSvc"
    "C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sscdbhk5
    system32\drivers\sscdbhk5.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ssrtln
    system32\drivers\ssrtln.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\STHDA
    "DisplayName"="High Definition Audio Driver (WDM) - SigmaTel CODEC"
    system32\drivers\sthda.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\streamip
    "DisplayName"="BDA IPSink"
    system32\DRIVERS\StreamIP.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\svcWRSSSDK
    "DisplayName"="Webroot Spy Sweeper Engine"
    C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Symantec Core LC
    "DisplayName"="Symantec Core LC"
    "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SYMDNS
    \SystemRoot\System32\Drivers\SYMDNS.SYS

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SymEvent
    \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SYMFW
    \SystemRoot\System32\Drivers\SYMFW.SYS

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SYMIDS
    \SystemRoot\System32\Drivers\SYMIDS.SYS

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SYMIDSCO
    \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20070607.001\symidsco.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\symlcbrd
    "DisplayName"="symlcbrd"
    \??\C:\WINDOWS\system32\drivers\symlcbrd.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SYMNDIS
    \SystemRoot\System32\Drivers\SYMNDIS.SYS

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SYMREDRV
    \SystemRoot\System32\Drivers\SYMREDRV.SYS

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SYMTDI
    "DisplayName"="SYMTDI"
    \SystemRoot\System32\Drivers\SYMTDI.SYS

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tfsnboio
    system32\dla\tfsnboio.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tfsncofs
    system32\dla\tfsncofs.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tfsndrct
    system32\dla\tfsndrct.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tfsndres
    system32\dla\tfsndres.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tfsnifs
    system32\dla\tfsnifs.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tfsnopio
    system32\dla\tfsnopio.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tfsnpool
    system32\dla\tfsnpool.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tfsnudf
    system32\dla\tfsnudf.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tfsnudfa
    system32\dla\tfsnudfa.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tunmp
    "DisplayName"="Stuurprogramma voor Microsoft Tun Minipoort-adapter"
    system32\DRIVERS\tunmp.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbprint
    "DisplayName"="Microsoft USB PRINTER Class"
    system32\DRIVERS\usbprint.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbscan
    "DisplayName"="Stuurprogramma voor USB-scanner"
    system32\DRIVERS\usbscan.sys

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usnjsvc
    "DisplayName"="Messenger USN Journal Reader service voor Gedeelde mappen"
    "C:\Program Files\MSN Messenger\usnsvc.exe"

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VxD
    no imagepath value found

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WSTCODEC
    "DisplayName"="World Standard Teletext-codec"
    system32\DRIVERS\WSTCODEC.SYS

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{8F1A2C9B-CB9A-49C6-B3C6-DE4A8DC94C66}
    no imagepath value found

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{E921F053-C13B-4B35-AF86-A53C86BA7EFB}
    no imagepath value found

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{F78B12DF-51F7-4BA2-AA97-D8E153D52FEB}
    no imagepath value found


    — SECURITYPROVIDERS regkey —

    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


    — SVCHOST regkey —

    HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost
    HTTPFilter: HTTPFilter\0\0
    LocalService: Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService: DnsCache\0\0
    netsvcs: 6to4\0AppMgmt\0AudioSrv\0Browser\0CryptSvc\0DMServer\0DHCP\0ERSvc\0EventSystem\0FastUserSwitchingCompatibility\0HidServ\0Ias\0Iprip\0Irmon\0LanmanServer\0LanmanWorkstation\0Messenger\0Netman\0Nla\0Ntmssvc\0NWCWorkstation\0Nwsapagent\0Rasauto\0Rasman\0Remoteaccess\0Schedule\0Seclogon\0SENS\0Sharedaccess\0SRService\0Tapisrv\0Themes\0TrkWks\0W32Time\0WZCSVC\0Wmi\0WmdmPmSp\0winmgmt\0wscsvc\0xmlprov\0BITS\0wuauserv\0ShellHWDetection\0helpsvc\0WmdmPmSN\0\0
    DcomLaunch: DcomLaunch\0TermService\0\0
    rpcss: RpcSs\0\0
    imgsvc: StiSvc\0\0
    termsvcs: TermService\0\0
    bthsvcs: BthServ\0\0
    WudfServiceGroup: WUDFSvc\0\0


    — WOW-CMDLINE regkeys —

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW
    "cmdline" = %SystemRoot%\system32\ntvdm.exe
    "wowcmdline" = %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386


    — STARTUP FOLDERS —

    C:\Documents and Settings\Angelique\Menu Start\Programma's\Opstarten\desktop.ini
    C:\Documents and Settings\Angelique\Menu Start\Programma's\Opstarten\wkcalrem.LNK
    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\desktop.ini
    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\dlbcserv.lnk


    — TASK SCHEDULER JOBS —

    C:\WINDOWS\tasks\MP Scheduled Scan.job
    C:\WINDOWS\tasks\Norton AntiVirus - Volledige systeemscan uitvoeren - Angelique.job


    — File associations —

    .BAT files: ("%1" %*)
    .COM files: ("%1" %*)
    .EXE files: ("%1" %*)
    .HLP files: (%SystemRoot%\System32\winhlp32.exe %1)
    .INF files: (%SystemRoot%\System32\NOTEPAD.EXE %1)
    .INI files: (%SystemRoot%\System32\NOTEPAD.EXE %1)
    .JS files: (%SystemRoot%\System32\WScript.exe "%1" %*)
    .PIF files: ("%1" %*)
    .REG files: (regedit.exe "%1";)
    .SCR files: ("%1" /S)
    .TXT files: (%SystemRoot%\system32\NOTEPAD.EXE %1)
    .VBS files: (%SystemRoot%\System32\WScript.exe "%1" %*)


    FINISHED
  • Ik probeer net weer startpagina.nl en wat denk je de pagina werd geladen.
    In de adresbalk staat dan

    http://startpagina.nl/

    Vervolgens dacht ik leuk maar even afsluiten en weer proberen, vervolgens lukt het niet meer omdat er dan komt te staan

    http://www.startpagina.nl/

    en weer hetzelfde probleem. Ook al haal ik de www weg hij gaat zoeken en geeft weer dezelfde foutmelding.

    Ik hoop dat je hier iets aan hebt voor het achterhalen hoe dit kan.

    Gr. Angelique
  • (Met dank aan M@rc.)

    Fix de regel met hijackthis, die O17.

    Dus:
    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:

    [b:f27eb8602b]O17 - HKLM\System\CCS\Services\Tcpip\..\{7CFAEF6A-4BC3-42C7-B5BF-6A43BF3EBAC5}: NameServer = 85.255.114.73 85.255.112.227 [/b:f27eb8602b]

    Klik op 'Fix checked' om de items te verwijderen.


    Ga naar het Configuratiescherm en klik op [b:f27eb8602b]"Netwerkverbindingen". [/b:f27eb8602b]
    Rechtsklik op je standaard internetverbinding en kies [b:f27eb8602b]"Eigenschappen". [/b:f27eb8602b]
    Klik op het tabblad [b:f27eb8602b]"Algemeen"[/b:f27eb8602b] en dubbelklik op [b:f27eb8602b]"Internet-Protocol (TCP/IP)". [/b:f27eb8602b]

    Selecteer [b:f27eb8602b]"Automatisch een DNS-serveradres laten toewijzen". [/b:f27eb8602b]

    Indien je de IP-adressen kent van de DNS-server van je provider, dan selecteer je [b:f27eb8602b]"De volgende DNS-serveradressen gebruiken". [/b:f27eb8602b]

    Bij Voorkeurs-DNS-server tik je dan het IP-adres in van de DNS-server van je provider.
    Klik op OK.

    Ga naar Start – Uitvoeren en tik in: [b:f27eb8602b]cmd [/b:f27eb8602b]
    Druk op enter.
    Een dosventer (opdrachtprompt) zal open.
    Tik in: [b:f27eb8602b]ipconfig /flushdns [/b:f27eb8602b]
    Druk op [b:f27eb8602b]enter. [/b:f27eb8602b]
    Sluit het venster.
    Herstart de computer.

    Als het goed is moet het nu goed zijn.

    Succes.
  • Helaas…….

    Het probleem hierbij is dat ik niet kan kiezen voor automatisch een dns-serveradres laten toewijzen.
    Dit komt omdat ik een IP-adres moet invullen i.v.m. ik denk het modem dat we gebruiken.

    Ik heb het wel allemaal geprobeerd zoals hierboven beschreven, maar dan kan ik dus geen verbinding meer maken met het internet.

    Gr. Angelique
  • Nu zitten wij bij XS4ALL ( voorheen bij hccnet ) en ik ben op hun site gaan kijken.

    En zou je willen kijken of wat daar boven aan deze site staat

    http://www.xs4all.nl/helpdesk/algemeen/servers.html

    de ip adressen zijn van de dns server, want dan kan ik ( zoals jullie aangeven ) die handmatig invoeren.

    Gr. Angelique
  • wil je dit doen aub:

    Indien je de IP-adressen kent van de DNS-server van je provider, dan selecteer je "De volgende DNS-serveradressen gebruiken".
    Bij Voorkeurs-DNS-server tik je dan het IP-adres in van de DNS-server van je provider.
    Klik op OK.
    Ga naar Start – Uitvoeren en tik in: cmd
    Druk op enter.
    Een dosventer (opdrachtprompt) zal open.
    Tik in: ipconfig /flushdns
    Druk op enter.
    Sluit het venster.
    Herstart de computer.

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.