Medion laptop sinds tijdje erg traag

[tinyy]

Sinds enige tijd is mijn laptop erg traag. Het begint zo langzaam erg irritant (vervelend) te worden.

Ik zou graag willen weten of ik daar nog iets aan kan doen zonder er veel geld tegen aan te smijten. Dus hier onder eerst een hijackthis logje.

Dus kan iemand mij helpen?

Alvast bedankt voor de hulp!

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 19:52:40, on 10-10-2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\VistaDrive\VistaDrive.exe

C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

C:\Program Files\Launch Manager\LaunchAp.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Launch Manager\HotkeyApp.exe

C:\Program Files\Launch Manager\OSD.exe

C:\Program Files\Launch Manager\Wbutton.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe

C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

C:\Program Files\Launch Manager\WisLMSvc.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Administrator\Mijn documenten\Downloads\HitmanPro.exe

C:\Program Files\HitmanPro\hmpsched.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Documents and Settings\Administrator\Mijn documenten\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"

O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-20\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'Netwerkservice')

O4 - HKUS\S-1-5-20\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')

O4 - Startup: wirelessstart.vbs

O4 - Global Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} -

Microsoft Support

(file missing)

O9 - Extra 'Tools' menuitem: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} -

Microsoft Support

(file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Autodesk Moldflow Inventor Tool Suite Integration 2011 Job Manager (mitsijm2011) - Unknown owner - C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

--

End of file - 7886 bytes

[iEscape]

@ tinyy,

op PCH!

Van zodra 1 van de experts online is zal deze je zeker verder helpen aangaande je vraag/probleem.

[kape]

Het is vermoedelijk een Windows XP met al heel wat kilometers (of jaren) op de teller ?

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKUS\S-1-5-20\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')

O9 - Extra button: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - Microsoft Support (file missing)

O9 - Extra 'Tools' menuitem: MS-KB - {8b2d996f-b7d1-4961-a929-414d9cf5ba7b} - Microsoft Support (file missing)

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

[tinyy]

Hierbij het logje van RSIT

Logfile of random's system information tool 1.09 (written by random/random)

Run by Erik at 2013-10-13 19:23:43

Microsoft Windows XP Professional Service Pack 3

System drive C: has 6 GB (13%) free of 50 GB

Total RAM: 510 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:24:05, on 13-10-2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\HitmanPro\hmpsched.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe

C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe

C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\VistaDrive\VistaDrive.exe

C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe

C:\Program Files\Launch Manager\LaunchAp.exe

C:\Program Files\Launch Manager\HotkeyApp.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Launch Manager\WisLMSvc.exe

C:\Program Files\Launch Manager\OSD.exe

C:\Program Files\Launch Manager\Wbutton.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe

C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe

C:\WINDOWS\system32\wuauclt.exe

G:\RSIT.exe

C:\Program Files\trend micro\Erik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

Zoeken

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"

O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-20\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'Netwerkservice')

O4 - HKUS\S-1-5-20\..\RunOnce: [PackNoVs] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe" --unsetvs (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [PackNoVs] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe" --unsetvs (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [PackNoVs] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe" --unsetvs (User 'Default user')

O4 - Startup: wirelessstart.vbs

O4 - Global Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{09F47702-96C0-4440-841D-5ACABD8271A2}: NameServer = 192.168.1.50

O17 - HKLM\System\CS1\Services\Tcpip\..\{09F47702-96C0-4440-841D-5ACABD8271A2}: NameServer = 192.168.1.50

O17 - HKLM\System\CS2\Services\Tcpip\..\{09F47702-96C0-4440-841D-5ACABD8271A2}: NameServer = 192.168.1.50

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Autodesk Moldflow Inventor Tool Suite Integration 2011 Job Manager (mitsijm2011) - Unknown owner - C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

--

End of file - 8469 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]

"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2004-10-08 88363]

"VistaDrive"=C:\WINDOWS\VistaDrive\VistaDrive.exe [2006-10-05 280779]

"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [2008-03-25 144784]

"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]

"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-07-25 32768]

"HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2007-04-16 192512]

"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe []

"LMgrOSD"=C:\Program Files\Launch Manager\OSD.exe [2006-12-26 180224]

"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2006-11-09 86016]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-05-21 15360]

"VisualTaskTips"=C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe [2007-09-05 36352]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten

RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

C:\Documents and Settings\Administrator\Menu Start\Programma's\Opstarten

wirelessstart.vbs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2008-02-26 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-05-21 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

"ForceClassicControlPanel"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

"C:\Documents and Settings\Administrator\Application Data\Spotify\spotify.exe"="C:\Documents and Settings\Administrator\Application Data\Spotify\spotify.exe:*:Enabled:Spotify"

"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"

"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Documents and Settings\Administrator\Bureaublad\teamspeak3-server_win32\ts3server_win32.exe"="C:\Documents and Settings\Administrator\Bureaublad\teamspeak3-server_win32\ts3server_win32.exe:*:Enabled:TeamSpeak 3 Server"

"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"

"C:\Documents and Settings\Administrator\Bureaublad\Crack\mIRC.exe"="C:\Documents and Settings\Administrator\Bureaublad\Crack\mIRC.exe:*:Enabled:mIRC"

"C:\Documents and Settings\Administrator\Bureaublad\mIRC.exe"="C:\Documents and Settings\Administrator\Bureaublad\mIRC.exe:*:Enabled:mIRC"

"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"

"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"

"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"

"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare "

"C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"VIDC.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"VIDC.IYUV"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVU9"=tsbyuv.dll

"VIDC.YVYU"=msyuv.dll

"wavemapper"=msacm32.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"mixer1"=wdmaud.drv

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"

.scr - install -

.scr - config -

======List of files/folders created in the last 1 month======

2013-10-13 19:23:46 ----D---- C:\Program Files\trend micro

2013-10-13 19:23:43 ----D---- C:\rsit

2013-10-13 18:39:31 ----D---- C:\WINDOWS\LastGood

2013-10-12 22:49:32 ----D---- C:\Program Files\SearchProtect

2013-10-12 22:46:01 ----D---- C:\Documents and Settings\Administrator\Application Data\uTorrent

2013-10-12 17:57:39 ----D---- C:\Program Files\VMware

2013-10-10 21:30:37 ----A---- C:\WINDOWS\system32\drivers\PnkBstrK.sys

2013-10-10 21:30:37 ----A---- C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys

2013-10-10 21:30:20 ----A---- C:\WINDOWS\system32\PnkBstrB.exe

2013-10-10 21:30:17 ----D---- C:\WINDOWS\system32\LogFiles

2013-10-10 21:30:17 ----A---- C:\WINDOWS\system32\PnkBstrA.exe

2013-10-10 21:11:07 ----D---- C:\Program Files\Activision

2013-10-10 21:08:05 ----SHD---- C:\WINDOWS\ftpcache

2013-10-10 19:43:57 ----D---- C:\Program Files\CCleaner

2013-10-10 19:41:16 ----D---- C:\Program Files\HitmanPro

2013-10-10 19:40:53 ----D---- C:\Documents and Settings\All Users\Application Data\HitmanPro

2013-09-22 13:56:53 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet

======List of files/folders modified in the last 1 month======

2013-10-13 19:23:46 ----RD---- C:\Program Files

2013-10-13 18:45:28 ----HD---- C:\WINDOWS\inf

2013-10-13 18:45:22 ----D---- C:\WINDOWS

2013-10-13 18:44:47 ----D---- C:\WINDOWS\Prefetch

2013-10-13 18:39:29 ----D---- C:\WINDOWS\system32\CatRoot2

2013-10-13 18:36:17 ----D---- C:\WINDOWS\system32\drivers

2013-10-12 23:50:43 ----A---- C:\WINDOWS\SchedLgU.Txt

2013-10-12 21:40:54 ----SHD---- C:\WINDOWS\Installer

2013-10-12 18:51:02 ----D---- C:\WINDOWS\Microsoft.NET

2013-10-12 18:51:00 ----RSD---- C:\WINDOWS\assembly

2013-10-12 18:32:57 ----D---- C:\WINDOWS\system32

2013-10-10 22:00:04 ----D---- C:\WINDOWS\system32\DirectX

2013-10-10 22:00:03 ----D---- C:\WINDOWS\Temp

2013-10-10 21:30:12 ----HD---- C:\Program Files\InstallShield Installation Information

2013-10-10 19:50:53 ----D---- C:\Documents and Settings\Administrator\Application Data\Winamp

2013-10-10 19:50:52 ----D---- C:\Documents and Settings\Administrator\Application Data\Media Player Classic

2013-10-10 19:48:03 ----D---- C:\WINDOWS\Logs

2013-10-10 19:48:03 ----D---- C:\WINDOWS\Debug

2013-10-06 18:28:00 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-05-21 61696]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2013-03-19 717296]

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-05-21 77568]

R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]

R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-05-21 40448]

R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]

R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-10-08 1270540]

R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-05-21 60800]

R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-02-26 2863616]

R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM); C:\WINDOWS\system32\DRIVERS\vrtaucbl.sys [2013-06-23 50728]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-05-21 144384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]

R3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-05-21 61824]

R3 NSCIRDA;Stuurprogramma voor NSC-infraroodapparaat; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]

R3 Rasirda;WAN-minipoort (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]

R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-11-21 104320]

R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-05-21 79232]

R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]

R3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-05-21 20608]

R3 w29n51;Stuurprogramma voor Intel® PRO/Wireless 2200BG-netwerkverbinding onder Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2007-08-28 2210048]

S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []

S3 CCDECODE;Closed Caption-decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]

S3 HidUsb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]

S3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-06 12288]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]

S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]

S3 NdisIP;Microsoft TV/Video-verbinding; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]

S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]

S3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]

S3 usbvideo;USB-videoapparaat (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]

S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-05-21 38528]

S3 WSTCODEC;World Standard Teletext-codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-05-21 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-02-26 520192]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe [2013-10-06 1752864]

R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2013-10-10 106280]

R2 Irmon;Infraroodmonitor; C:\WINDOWS\system32\svchost.exe [2008-05-21 14336]

R2 mitsijm2011;Autodesk Moldflow Inventor Tool Suite Integration 2011 Job Manager; C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe [2010-01-22 462336]

R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2013-10-10 66872]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-05-21 14336]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]

R3 WisLMSvc;WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [2006-11-17 118784]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-20 116648]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]

S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-08-29 1045256]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-20 116648]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-11-02 917504]

S4 NetTcpPortSharing;Net.Tcp service voor het delen van poorten; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[kape]

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

chromelook; 
firefoxlook; 
 Search Protect by Conduit Service;s
 CltMngSvc;s
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r
 "AppInit_DLLs"=-;r
 C:\Program Files\SearchProtect;fs
 startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• HijackThis Log
  
• Firefox Defaults
  
• Reset Chrome
  
• IE Defaults
  
• Auto Clean
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

[tinyy]

Zoek.exe logje.

Zoek.exe Version 4.0.0.5 Updated 13-October-2013

Tool run by Erik on zo 13-10-2013 at 21:04:39,35.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Administrator\Bureaublad\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

13-10-2013 21:09:27 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1454471165-117609710-1417001333-500\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKET_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

"c:\Program Files\SearchnProtect" not found

"C:\Documents and Settings\Administrator\DelDE8.tmp" deleted

"C:\Documents and Settings\Administrator\DelDE8.bat" deleted

"C:\Program Files\SearchProtect" deleted

"C:\Documents and Settings\Administrator\Application Data\OpenCandy" deleted

"C:\Documents and Settings\All Users\Application Data\boost_interprocess" deleted

"C:\Documents and Settings\Administrator\Local Settings\Application Data\SearchProtect" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp ====

2013-10-12 20:47:39 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temp\utt115.tmp.exe

2013-10-12 19:39:55 51E2C0FE6D9AF1C857D216080D831A7C 39968152 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temp\Rar$EXa0.615\CoD4MW-1.6-1.7-PatchSetup.exe

2013-10-12 15:31:38 B350ABA0D477E774C42175A242BC8B05 152438272 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temp\14ec62.msi

2013-10-06 14:21:00 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temp\nss13E.exe

2013-10-06 14:21:00 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temp\nsl13F.exe

2013-10-06 14:21:00 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temp\nsk139.exe

2013-10-06 14:21:00 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temp\nse136.exe

====== C:\WINDOWS\system32 =====

2013-10-12 16:28:59 E01F7A2B39935B68863389434028560C 171569 ----a-w- C:\WINDOWS\System32\Angry Birds Star Wars [1].ico

2013-10-12 16:28:59 BBFB325019FB68A2784CA8A83FD38205 139690 ----a-w- C:\WINDOWS\System32\Angry Birds Star Wars [2].ico

2013-10-12 16:28:59 9D83D352EFBCCE51ED3E35E85E6401E1 158895 ----a-w- C:\WINDOWS\System32\Angry Birds Star Wars [3].ico

2013-10-12 16:28:59 69BA55DD8129441ACB29424156CD4810 159475 ----a-w- C:\WINDOWS\System32\Angry Birds Star Wars [5].ico

2013-10-12 16:28:59 5B0D5D787198E5935A833378352A067B 165299 ----a-w- C:\WINDOWS\System32\Angry Birds Star Wars [4].ico

2013-10-10 19:30:20 8444BEEC44BB609EBE43BFE1D85D861D 103736 ----a-w- C:\WINDOWS\System32\PnkBstrB.exe

2013-10-10 19:30:17 831883B107684301F48ACE752C963984 66872 ----a-w- C:\WINDOWS\System32\PnkBstrA.exe

====== C:\WINDOWS\system32\drivers =====

2013-10-10 19:30:37 8BB94087CEF0256F5EAD973D7524BF58 22328 ----a-w- C:\WINDOWS\System32\drivers\PnkBstrK.sys

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-10-13 17:23:46 -------- d-----w- C:\Program Files\trend micro

2013-10-12 15:57:39 -------- d-----w- C:\Program Files\VMware

2013-10-10 19:11:07 -------- d-----w- C:\Program Files\Activision

2013-10-10 17:41:16 -------- d-----w- C:\Program Files\HitmanPro

======= C: =====

2013-09-22 12:24:17 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Cookies

====== C:\Documents and Settings\Administrator\Application Data ======

2013-10-12 20:46:01 -------- d-----w- C:\Documents and Settings\Administrator\Application Data\uTorrent

2013-10-12 16:13:55 -------- d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\VMware

2013-10-10 19:30:37 A719B9EE6116B496F4000C0B1311EA13 22328 ----a-w- C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys

2013-10-10 18:59:49 -------- d-----w- C:\Documents and Settings\Administrator\Local Settings\Application Data\Autodesk,_Inc

2013-09-22 12:28:18 C9822383921373A12FD80EB9D2212527 255144 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

====== C:\Documents and Settings\Administrator ======

2013-10-10 19:30:37 A719B9EE6116B496F4000C0B1311EA13 22328 ----a-w- C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys

2013-10-10 18:39:54 -------- d-sh--w- C:\Documents and Settings\Administrator\Onlangs geopend

====== C: exe-files ==

2013-10-12 20:47:56 27DA3304BCFC3A131141543767FDFE35 1141328 ----a-w- C:\Documents and Settings\Administrator\Application Data\uTorrent\updates\3.3.2_30180.exe

2013-10-12 20:47:51 295206BCBEF09873DC45B26E8C1CF84F 5616616 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\6ONEVO9W\SPSetup[1].exe

2013-10-12 20:47:46 80AF7980A7E0EE4345112F5AF92CF587 66992 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\WQT15RU7\spstub[1].exe

2013-10-12 20:47:39 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temp\utt115.tmp.exe

2013-10-12 20:47:34 27DA3304BCFC3A131141543767FDFE35 1141328 ----a-w- C:\Documents and Settings\Administrator\Application Data\uTorrent\uTorrent.exe

2013-10-12 20:43:57 27DA3304BCFC3A131141543767FDFE35 1141328 ----a-w- C:\Documents and Settings\Administrator\Mijn documenten\Downloads\utorrent.exe

2013-10-12 19:41:00 1BEB03CC3EA923D3BD88A4F1DC531662 311296 ----a-w- C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe

2013-10-12 19:39:55 51E2C0FE6D9AF1C857D216080D831A7C 39968152 ----a-w- C:\Documents and Settings\Administrator\Local Settings\Temp\Rar$EXa0.615\CoD4MW-1.6-1.7-PatchSetup.exe

2013-10-12 15:46:18 72B5DABB54B8E5670356196F7ACB1451 3796672 ----a-w- C:\Documents and Settings\Administrator\Mijn documenten\Downloads\vjredist.exe

2013-10-10 20:02:45 831883B107684301F48ACE752C963984 66872 ----a-w- C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\pb\PnkBstrA.exe

2013-10-10 20:02:37 8444BEEC44BB609EBE43BFE1D85D861D 103736 ----a-w- C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\pb\PnkBstrB.exe

2013-10-10 20:01:01 790D0CAF489C6CDF0E6860A8C096DA8B 311296 ----a-w- C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe

2013-10-10 19:30:12 F0E2EA22687A23C06F2DADF7E1B47A00 316680 ----a-w- C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\uninstall.exe

2013-10-10 17:41:40 F5BBA95472F18B6223AC2F3AED397223 106280 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe

2013-10-10 17:41:39 76ADBD909FA0898834BE3A8C0EA76609 9186416 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe

2013-10-10 17:40:22 76ADBD909FA0898834BE3A8C0EA76609 9186416 ----a-w- C:\Documents and Settings\Administrator\Mijn documenten\Downloads\HitmanPro.exe

=== C: other files ==

2013-10-12 19:32:48 6697E9AB7E55CD8AAF7C7606EA4E2B01 39052170 ----a-w- C:\RECYCLER\S-1-5-21-1454471165-117609710-1417001333-500\Dc18.zip

2013-10-10 20:02:45 8BB94087CEF0256F5EAD973D7524BF58 22328 ----a-w- C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\pb\PnkBstrK.sys

2013-10-10 19:30:37 A719B9EE6116B496F4000C0B1311EA13 22328 ----a-w- C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys

2013-10-10 19:30:37 8BB94087CEF0256F5EAD973D7524BF58 22328 ----a-w- C:\WINDOWS\system32\drivers\PnkBstrK.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

"VisualTaskTips"="C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

"VisualTaskTips"="C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe"

[HKEY_USERS\S-1-5-21-1454471165-117609710-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"VisualTaskTips"="C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

"VisualTaskTips"="C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"PackNoVs"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe --unsetvs"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"PackNoVs"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe --unsetvs"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"PackNoVs"="C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe --unsetvs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE"

"AGRSMMSG"="AGRSMMSG.exe"

"VistaDrive"="C:\WINDOWS\VistaDrive\VistaDrive.exe"

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

"LaunchAp"="C:\Program Files\Launch Manager\LaunchAp.exe"

"HotkeyApp"="C:\Program Files\Launch Manager\HotkeyApp.exe"

"CtrlVol"="C:\Program Files\Launch Manager\CtrlVol.exe"

"LMgrOSD"="C:\Program Files\Launch Manager\OSD.exe"

"Wbutton"="C:\Program Files\Launch Manager\Wbutton.exe"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"VisualTaskTips"="C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\\PROGRA~1\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dll"

==== Startup Folders ======================

2013-03-19 22:04:54 280 ----a-w- C:\Documents and Settings\Administrator\Menu Start\Programma's\Opstarten\wirelessstart.vbs

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\AppleC:oftware Update\SoftwareUpdate.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [20-03-2013 00:18]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [20-03-2013 00:18]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [25-06-2013 04:01]

==== Chrome Look ======================

Google Docs - Administrator - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Administrator - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Administrator - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Administrator - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Chrome In-App Payments service - Administrator - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Administrator - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.conduit.com/?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP6DDED397-A5E5-4C3C-AB21-466E329D0B4B"

"Search Page"="http://www.google.com"

"Search Bar"="http://www.google.com/ie"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="http://www.google.com/search?q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://www.google.com/ie"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Conduit Search Url="http://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6DDED397-A5E5-4C3C-AB21-466E329D0B4B&q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{C09ED1D4-B134-4F60-8B26-5E6FF788D1F7} Google Zoeken Url="http://www.google.nl/search?hl=nl&q={searchTerms}&meta="

==== Reset Google Chrome ======================

C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"

O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"

O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSD.exe"

O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-20\..\Run: [VisualTaskTips] C:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'Netwerkservice')

O4 - HKUS\S-1-5-20\..\RunOnce: [PackNoVs] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe" --unsetvs (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [PackNoVs] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe" --unsetvs (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [PackNoVs] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\pack-it.exe" --unsetvs (User 'Default user')

O4 - Startup: wirelessstart.vbs

O4 - Global Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{09F47702-96C0-4440-841D-5ACABD8271A2}: NameServer = 192.168.1.50

O17 - HKLM\System\CS1\Services\Tcpip\..\{09F47702-96C0-4440-841D-5ACABD8271A2}: NameServer = 192.168.1.50

O17 - HKLM\System\CS2\Services\Tcpip\..\{09F47702-96C0-4440-841D-5ACABD8271A2}: NameServer = 192.168.1.50

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Autodesk Moldflow Inventor Tool Suite Integration 2011 Job Manager (mitsijm2011) - Unknown owner - C:\Program Files\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on zo 13-10-2013 at 21:23:38,92 ======================

[kape]

Dubbelklik op Zoek.exe om de tool te starten.

• 
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows];r
"AppInit_DLLs"=-;r

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[tinyy]

Zoek.exe Version 4.0.0.5 Updated 13-October-2013

Tool run by Erik on ma 14-10-2013 at 11:09:50,32.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Administrator\Bureaublad\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results2013-10-13-192338.log 22867 bytes

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== EOF on ma 14-10-2013 at 11:11:29,81 ======================

[kape]

En hoe staat het nu met de snelheid van de laptop ?

[tinyy]

Het is wel een stukje beter inderdaad, bedankt.