Dag Pieter en alle andere meedenkers.
Inmiddels is het gelukt om de sleutel:
HKEY_LOCAL_MACHINE\system\controlset001\enum\root\legacy_psexesvc
Daaronder (uitgeklapte map) in de map 0000 rechts in beeld de sleutels:
DEVICEDESK: psexesvc en SERVICE: psexesvc
te verwijderen en wel op de manier die omschreven werd in de reactie van Pieter (Dat met puntje 7)
Hierdoor zijn ook meteen de andere twee genoemde sleutels verdwenen......
Voor zover ik NU kan nagaan werkt alles even weer normaal. Probleem is dat het meestal zo was dat de pc problemen gaf de eerste keer dat die werd opgestart op een nieuwe dag en daarna soms niet meer.
Daarom nog even afwachten tot morgen.
Wel hieronder de gevraagde logbestanden.
Dat moeilijke bestand waar Pieter om vroeg is er ook (even) niet meer.
Logfile of HijackThis v1.94.0
Scan saved at 16:21:24, on 10-5-2003
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.google.nl/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL=http://proxy.8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer=proxy.8080:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINNT\System32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:\program files\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "e:\program files\Fsecure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb01.exe
O4 - HKLM\..\Run: [ASUSTweakEnable] C:\Program Files\ASUS\Tweaking Utilities\atstart.exe
O4 - HKLM\..\Run: [anvshell] anvshell.exe
O4 - HKLM\..\Run: [EM_EXEC] e:\PROGRA~1\MOUSEW~1\Logitech\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [zBrowser Launcher] E:\Program Files\Mouseware\iTouch.exe
O4 - HKLM\..\Run: [Ad-watch] E:\Program Files\Ad-aware 6\Ad-watch.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [ASUS SmartDoctor] C:\Program Files\ASUS\SmartDoctor\VGAProbe.exe FirstTime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) -
http://a840.g.akamai.net/7/840/537/2003050201/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://www.nioz.nl/activex/AxisCamControl.ocx
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37635.2060416667
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://fdl.msn.com/public/chat/msnchat45.cab
en
StartupList report, 10-5-2003, 16:21:44
StartupList version: 1.52
Started from : E:\Program Files\HiJackThis\HijackThis.EXE
Detected: Windows 2000 SP3 (WinNT 5.00.2195)
Detected: Internet Explorer v6.00 (6.00.2600.0000)
* Using default options
==================================================
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\BlackICE\blackd.exe
C:\WINNT\System32\svchost.exe
e:\program files\Fsecure\Anti-Virus\fsgk32st.exe
e:\program files\Fsecure\Anti-Virus\FSGK32.EXE
e:\program files\Fsecure\Anti-Virus\fssm32.exe
C:\Program Files\BlackICE\rapapp.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
e:\program files\Fsecure\Common\FSMA32.EXE
e:\program files\Fsecure\Common\FSMB32.EXE
e:\program files\Fsecure\Common\FCH32.EXE
e:\program files\Fsecure\Common\FAMEH32.EXE
e:\program files\Fsecure\Common\FNRB32.EXE
C:\WINNT\Explorer.EXE
e:\program files\Fsecure\Common\FIH32.EXE
e:\program files\Fsecure\Anti-Virus\fsav32.exe
C:\WINNT\System32\CTHELPER.EXE
E:\program files\Fsecure\Common\FSM32.EXE
C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb01.exe
C:\WINNT\anvshell.exe
E:\PROGRA~1\MOUSEW~1\Logitech\SYSTEM\EM_EXEC.EXE
E:\Program Files\Mouseware\iTouch.exe
E:\Program Files\Ad-aware 6\Ad-watch.exe
C:\WINNT\System32\internat.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\BlackICE\blackice.exe
E:\Program Files\HiJackThis\HijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Common Startup:
[C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten]
BlackICE PC Protection.lnk = C:\Program Files\BlackICE\blackice.exe
Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINNT\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Synchronization Manager = mobsync.exe /logon
WINDVDPatch = CTHELPER.EXE
Jet Detection = "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
F-Secure Manager = "e:\program files\Fsecure\Common\FSM32.EXE" /splash
LoadQM = loadqm.exe
HPDJ Taskbar Utility = C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb01.exe
ASUSTweakEnable = C:\Program Files\ASUS\Tweaking Utilities\atstart.exe
anvshell = anvshell.exe
EM_EXEC = e:\PROGRA~1\MOUSEW~1\Logitech\SYSTEM\EM_EXEC.EXE
NeroCheck = C:\WINNT\system32\NeroCheck.exe
zBrowser Launcher = E:\Program Files\Mouseware\iTouch.exe
Ad-watch = E:\Program Files\Ad-aware 6\Ad-watch.exe
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
internat.exe = internat.exe
ASUS SmartDoctor = C:\Program Files\ASUS\SmartDoctor\VGAProbe.exe FirstTime
msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
--------------------------------------------------
Shell & screensaver key from C:\WINNT\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - e:\program files\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
--------------------------------------------------
Enumerating Download Program Files:
[HouseCall Besturing]
InProcServer32 = C:\WINNT\DOWNLO~1\xscan53.ocx
CODEBASE =
http://a840.g.akamai.net/7/840/537/2003050201/housecall.antivirus.com/housecall/xscan53.cab
[CamImage Class]
InProcServer32 = C:\WINNT\Downloaded Program Files\AxisCamControl.ocx
CODEBASE =
http://www.nioz.nl/activex/AxisCamControl.ocx
[Update Class]
InProcServer32 = C:\WINNT\System32\iuctl.dll
CODEBASE =
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37635.2060416667
[Shockwave Flash Object]
InProcServer32 = C:\WINNT\System32\macromed\flash\Flash.ocx
CODEBASE =
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
[MSN Chat Control 4.5]
InProcServer32 = C:\WINNT\Downloaded Program Files\MSNChat45.ocx
CODEBASE =
http://fdl.msn.com/public/chat/msnchat45.cab
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
Network.ConnectionTray: C:\WINNT\system32\NETSHELL.dll
WebCheck: C:\WINNT\System32\webcheck.dll
SysTray: stobject.dll
--------------------------------------------------
End of report, 5.833 bytes
Report generated in 0,070 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
Wat ik nog wel mis (en dan kom ik toch weer gedeeltelijk terug bij mijn beginvraag) is dat onder de knop zoeken en dan onder de knop aanpassen in het linker veld niet meer de mogelijkheid van aanpassen is die er voorheen wel was.
Ik krijg daar nu de MSN zoekpagina voorgeschoteld en niet de mogelijkheid die standaard aanwezig is; Een soort van helpscherm met keuzemogelijkheden.