Slow startup


Download RSIT from the locations below and save it to the desktop.

Here is a description of how to check whether you have a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, a Notepad file named "Log" is opened.
  • Post its contents in your next message.

Also watch the instruction video.

Logfile of random's system information tool 1.09 (written by random/random)

Run by rokn01 at 2014-01-03 15:13:43

Microsoft Windows XP Professional Service Pack 3

System drive C: has 35 GB (46%) free of 76 GB

Total RAM: 2038 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:13:54, on 3-1-2014

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\acs.exe

C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

C:\WINDOWS\SYSTEM32\DWRCS.EXE

C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe

C:\Program Files\F-Secure\Device Control\fsdevcon32.exe

C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE

C:\Program Files\F-Secure\Common\FSMA32.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\AT&T Global Network Client\netcfgsvr.exe

C:\Program Files\F-Secure\Common\FSHDLL32.EXE

C:\Program Files\AT&T Global Network Client\NetClientSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\INVENTORYCLIENT\client.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe

C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

C:\WINDOWS\system32\CCM\CcmExec.exe

C:\Program Files\F-Secure\Anti-Virus\fssm32.exe

C:\Program Files\F-Secure\Common\FNRB32.EXE

C:\Program Files\F-Secure\Common\FIH32.EXE

C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe

C:\Program Files\F-Secure\Anti-Virus\fsav32.exe

C:\PROGRA~1\AT&TGL~1\NETLOG~1.EXE

C:\WINDOWS\SYSTEM32\DWRCST.exe

C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\F-Secure\Common\FSM32.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\rokn01\Desktop\RSIT.exe

C:\Program Files\trend micro\rokn01.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://keypoint.assaabloy.net/Entrance-Systems/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken=

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Client Access Service] "C:\Program Files\IBM\Client Access\cwbsvstr.exe"

O4 - HKLM\..\Run: [Client Access Help Update] "C:\Program Files\IBM\Client Access\cwbinhlp.exe"

O4 - HKLM\..\Run: [Client Access Check Version] "C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN

O4 - HKLM\..\Run: [Client Access Express Welcome] "C:\Program Files\IBM\Client Access\cwbwlwiz.exe"

O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [installValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707] C:\Program Files\National Instruments\Shared\NIUninstaller\InstallValidator.exe -s

O4 - HKLM\..\Run: [DameWare MRC Agent] C:\WINDOWS\system32\DWRCST.exe

O4 - HKCU\..\Run: [NetSP - restore settings on power failure] "C:\Program Files\AT&T Global Network Client\NetSP.exe" -show

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = C:\Documents and Settings\rokn01\Local Settings\temp\{3E401CE9-6822-4CC3-8897-8005C492AF66}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O15 - ESC Trusted Zone: http://view.atdmt.com

O15 - ESC Trusted Zone: http://xenapp.cardo.net

O15 - ESC Trusted Zone: Microsoft's Premier Technical Learning Event | TechEd North America 2013

O15 - ESC Trusted Zone: http://www.facebook.com

O15 - ESC Trusted Zone: http://connect.facebook.net

O15 - ESC Trusted Zone: http://static.ak.fbcdn.net

O15 - ESC Trusted Zone: http://cdnt.meteorsolutions.com

O15 - ESC Trusted Zone: http://static.meteorsolutions.com

O15 - ESC Trusted Zone: TechEd | 2014

O15 - ESC Trusted Zone: http://view.atdmt.com (HKLM)

O15 - ESC Trusted Zone: http://xenapp.cardo.net (HKLM)

O15 - ESC Trusted Zone: Microsoft's Premier Technical Learning Event | TechEd North America 2013 (HKLM)

O15 - ESC Trusted Zone: http://www.facebook.com (HKLM)

O15 - ESC Trusted Zone: http://connect.facebook.net (HKLM)

O15 - ESC Trusted Zone: http://static.ak.fbcdn.net (HKLM)

O15 - ESC Trusted Zone: http://cdnt.meteorsolutions.com (HKLM)

O15 - ESC Trusted Zone: http://static.meteorsolutions.com (HKLM)

O15 - ESC Trusted Zone: TechEd | 2014 (HKLM)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1274095228406

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540001} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - http://84.54.135.77/activex/AMC.cab

O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/JuniperSetupClient.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = cardo.net

O17 - HKLM\Software\..\Telephony: DomainName = cardo.net

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = cardo.net

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = cardo.net

O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\WINDOWS\system32\acs.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe

O23 - Service: Opdracht op afstand iSeries Access for Windows (Cwbrxd) - IBM Corporation - C:\WINDOWS\CWBRXD.EXE

O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

O23 - Service: DameWare Mini Remote Control (DWMRCS) - DameWare Development LLC - C:\WINDOWS\SYSTEM32\DWRCS.EXE

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE

O23 - Service: F-Secure Device Control Daemon (fsdevcon) - F-Secure Corporation - C:\Program Files\F-Secure\Device Control\\fsdevcon32.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Juniper Unified Network Service (JuniperAccessService) - Juniper Networks, Inc. - C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe

O23 - Service: AT&T Network Configuration Service (netcfgsvr) - AT&T - C:\Program Files\AT&T Global Network Client\netcfgsvr.exe

O23 - Service: AT&T Global Network Client Service (NetClientSvc) - AT&T - C:\Program Files\AT&T Global Network Client\NetClientSvc.exe

O23 - Service: NetLogSvc - AT&T - C:\PROGRA~1\AT&TGL~1\NETLOG~1.EXE

O23 - Service: ProService for 8.3B (ProService8.3B) - Progress Software - C:\DLC\bin\ProSrvc.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Snow Inventory Client (SnowInventoryClient) - Snow Software AB - C:\Program Files\INVENTORYCLIENT\client.exe

O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe

--

End of file - 13066 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{2BFC4E6F-924A-48AF-93FE-87A96F6D8FC7}.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{72015A0F-3E0B-49A9-825D-746A296A2E24}.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{8D4D68DF-33A1-4E5E-AEC5-902CCC0E324C}.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{F1EB52EA-AF37-4D99-A556-1A1E11AA03D9}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2007-03-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-12-03 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-12-03 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-12-03 79856]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]

"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]

"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]

"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-12-03 176128]

"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-03-09 134656]

"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-03-09 166912]

"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-03-09 135680]

"Client Access Service"=C:\Program Files\IBM\Client Access\cwbsvstr.exe [2002-05-07 20530]

"Client Access Help Update"=C:\Program Files\IBM\Client Access\cwbinhlp.exe [2002-05-07 24626]

"Client Access Check Version"=C:\Program Files\IBM\Client Access\cwbckver.exe [2002-05-07 45056]

"Client Access Express Welcome"=C:\Program Files\IBM\Client Access\cwbwlwiz.exe [2002-05-07 20530]

"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143360]

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-09-18 2412032]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2012-10-25 421888]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]

"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2013-06-25 348608]

"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2013-06-25 1878976]

"InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707"=C:\Program Files\National Instruments\Shared\NIUninstaller\InstallValidator.exe [2013-06-19 265096]

"DameWare MRC Agent"=C:\WINDOWS\system32\DWRCST.exe [2009-02-04 78848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"NetSP - restore settings on power failure"=C:\Program Files\AT&T Global Network Client\NetSP.exe [2009-10-08 53600]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

C:\Documents and Settings\rokn01\Start Menu\Programs\Startup

RollerCoaster Tycoon 3 Registration.lnk - C:\Documents and Settings\rokn01\Local Settings\temp\{3E401CE9-6822-4CC3-8897-8005C492AF66}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2009-03-09 205824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"Wallpaper"=C:\Windows\Web\Wallpaper\AAES_desktop.jpg

"WallpaperStyle"=2

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableLUA"=0

"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=67108863

"NoDrives"=0

"NoBandCustomize"=0

"NoMovingBands"=0

"NoCloseDragDropBands"=0

"NoDriveTypeAutoRun"=145

"NoActiveDesktop"=1

"NoDesktopCleanupWizard"=1

"NoSMConfigurePrograms"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

"NoDriveAutoRun"=67108863

"NoDrives"=0

"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\AT&T Global Network Client\SwiApiMux.exe"="C:\Program Files\AT&T Global Network Client\SwiApiMux.exe:*:Enabled:SwiApiMux"

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\AT&T Global Network Client\NetClient.exe"="C:\Program Files\AT&T Global Network Client\NetClient.exe:*:Enabled:Network access client"

"C:\Documents and Settings\rokn01\Desktop\utorrent.exe"="C:\Documents and Settings\rokn01\Desktop\utorrent.exe:*:Enabled:µTorrent"

"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"

"C:\Documents and Settings\rokn01\Desktop\Prive\utorrent.exe"="C:\Documents and Settings\rokn01\Desktop\Prive\utorrent.exe:*:Enabled:µTorrent"

"C:\Program Files\IBM\Client Access\cwbunnav.exe"="C:\Program Files\IBM\Client Access\cwbunnav.exe:*:Enabled:cwbunnav.exe"

"C:\Documents and Settings\rokn01\Application Data\Spotify\spotify.exe"="C:\Documents and Settings\rokn01\Application Data\Spotify\spotify.exe:*:Enabled:Spotify"

"C:\Program Files\LEGO Software\LEGO MINDSTORMS EV3 Home Edition\MindstormsEV3.exe"="C:\Program Files\LEGO Software\LEGO MINDSTORMS EV3 Home Edition\MindstormsEV3.exe:*:Enabled:LEGO EV3"

"C:\Documents and Settings\rokn01\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\rokn01\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\McAfee\Common Framework\FrameworkService.exe"="C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"

"C:\Program Files\AT&T Global Network Client\NetClient.exe"="C:\Program Files\AT&T Global Network Client\NetClient.exe:*:Enabled:Network access client"

"C:\Program Files\IBM\Client Access\cwbunnav.exe"="C:\Program Files\IBM\Client Access\cwbunnav.exe:*:Enabled:cwbunnav.exe"

"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"C:\Documents and Settings\rokn01\Application Data\Spotify\spotify.exe"="C:\Documents and Settings\rokn01\Application Data\Spotify\spotify.exe:*:Enabled:Spotify"

"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-01-03 15:13:43 ----D---- C:\rsit

2013-12-22 19:04:18 ----D---- C:\Program Files\SearchProtect

2013-12-22 19:03:16 ----D---- C:\Documents and Settings\rokn01\Application Data\uTorrent

2013-12-22 18:39:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$

2013-12-22 18:38:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$

2013-12-22 18:38:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2893984$

2013-12-22 18:38:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$

2013-12-07 21:47:29 ----D---- C:\Program Files\IVI Foundation

2013-12-07 21:47:29 ----D---- C:\Documents and Settings\All Users\Application Data\IVI Foundation

2013-12-07 21:45:13 ----D---- C:\Program Files\LEGO Software

2013-12-07 21:44:14 ----D---- C:\Documents and Settings\All Users\Application Data\LEGO MINDSTORMS EV3

2013-12-07 21:44:03 ----D---- C:\Program Files\National Instruments

2013-12-07 21:43:40 ----D---- C:\Documents and Settings\All Users\Application Data\National Instruments

======List of files/folders modified in the last 1 month======

2014-01-03 15:13:54 ----D---- C:\Program Files\Trend Micro

2014-01-03 15:13:46 ----D---- C:\WINDOWS\Prefetch

2014-01-03 15:11:43 ----D---- C:\WINDOWS\temp

2014-01-03 14:58:17 ----A---- C:\WINDOWS\SMSCFG.ini

2014-01-03 14:56:58 ----A---- C:\WINDOWS\ModemLog_Standard Modem.txt

2014-01-03 14:56:52 ----D---- C:\WINDOWS\system32\CatRoot2

2014-01-03 14:56:52 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt

2014-01-01 14:06:14 ----A---- C:\WINDOWS\SchedLgU.Txt

2014-01-01 14:00:08 ----D---- C:\WINDOWS

2014-01-01 12:13:19 ----D---- C:\Program Files\Google

2014-01-01 12:13:19 ----D---- C:\Documents and Settings\All Users\Application Data\Google

2014-01-01 12:13:17 ----SHD---- C:\WINDOWS\Installer

2014-01-01 12:13:16 ----D---- C:\Config.Msi

2014-01-01 12:12:56 ----SD---- C:\Documents and Settings\rokn01\Application Data\Microsoft

2014-01-01 12:12:53 ----RD---- C:\Program Files

2014-01-01 11:30:00 ----AC---- C:\WINDOWS\NeroDigital.ini

2013-12-27 21:36:14 ----D---- C:\WINDOWS\system32

2013-12-26 09:45:19 ----RSHDC---- C:\WINDOWS\system32\dllcache

2013-12-25 09:49:18 ----HD---- C:\WINDOWS\inf

2013-12-22 18:39:41 ----D---- C:\Program Files\Internet Explorer

2013-12-18 15:12:37 ----D---- C:\CALC

2013-12-12 10:14:05 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2013-12-07 21:47:29 ----D---- C:\WINDOWS\system32\drivers

2013-12-07 21:44:32 ----D---- C:\WINDOWS\WinSxS

2013-12-07 21:03:34 ----D---- C:\Documents and Settings\rokn01\Application Data\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]

R0 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-14 44928]

R0 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-14 42752]

R0 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-14 43008]

R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]

R0 fsbts;fsbts; C:\WINDOWS\system32\Drivers\fsbts.sys [2013-09-17 44240]

R0 FSFW;F-Secure Firewall Driver; C:\WINDOWS\System32\drivers\fsdfw.sys [2013-06-25 83360]

R0 iaStor;Intel AHCI Controller; C:\WINDOWS\System32\Drivers\iaStor.sys [2009-02-11 329752]

R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]

R0 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-14 40960]

R0 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]

R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]

R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver; C:\WINDOWS\system32\DRIVERS\dwvkbd.sys [2007-02-15 26624]

R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys []

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]

R2 agnwifi;AT&T Wi-Fi Support Driver; C:\WINDOWS\system32\DRIVERS\agnwifi.sys [2009-10-08 19328]

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]

R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]

R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]

R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]

R3 agnfilt;AGN Filter Interface; C:\WINDOWS\system32\DRIVERS\agnfilt.sys [2009-10-08 192256]

R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2009-11-24 154672]

R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]

R3 atmeltpm;atmeltpm; C:\WINDOWS\system32\DRIVERS\atmeltpm.sys [2005-05-17 15872]

R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-12-10 187392]

R3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]

R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]

R3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]

R3 dsNcAdpt;Juniper Network Connect Adapter; C:\WINDOWS\system32\DRIVERS\dsNcAdpt.sys [2012-08-24 26624]

R3 DwMirror;DwMirror; C:\WINDOWS\system32\DRIVERS\DamewareMini.sys [2007-02-07 3712]

R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys []

R3 fsni;fsni; \??\C:\Program Files\F-Secure\NIF\bin\fsnixp32.sys []

R3 fsnitdi;fsnitdi; \??\C:\Program Files\F-Secure\NIF\bin\fsnitdi32.sys []

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAudN.sys [2007-04-27 666112]

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]

R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-03-25 988032]

R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-03-25 210688]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-03-09 6278016]

R3 IBMPMDRV;IBMPMDRV; C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys [2007-06-01 21424]

R3 LenovoRd;LenovoRd; C:\WINDOWS\System32\Drivers\LenovoRd.sys [2007-06-08 81280]

R3 NETw4x32;Intel® Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-11-26 2236544]

R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]

R3 prepdrvr;SMS Process Event Driver; \??\C:\WINDOWS\system32\CCM\prepdrv.sys []

R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]

R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-01-18 26496]

R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]

R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]

R3 smsmdd;smsmdd; C:\WINDOWS\system32\DRIVERS\smsmdm.sys [2008-10-20 12448]

R3 swmsflt;swmsflt; C:\WINDOWS\System32\drivers\swmsflt.sys [2008-08-22 26760]

R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2007-03-14 40848]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]

R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]

R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-03-25 731136]

R3 WSIMD;wsimd Service; C:\WINDOWS\system32\DRIVERS\wsimd.sys [2007-07-03 57344]

S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]

S1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []

S3 avpnnic;AGN Virtual Network Adapter; C:\WINDOWS\system32\DRIVERS\avpnnic.sys [2009-10-08 11392]

S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]

S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]

S3 catchme;catchme; \??\C:\DOCUME~1\rokn01\LOCALS~1\Temp\catchme.sys []

S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2009-07-23 112640]

S3 gtermddo;gtermddo; \??\C:\DOCUME~1\rokn01\LOCALS~1\Temp\gtermddo.sys []

S3 GTF32BUS;GT F32 BUS; C:\WINDOWS\system32\DRIVERS\gtf32bus.sys [2008-02-13 35200]

S3 GTPTSER;GT PT SER; C:\WINDOWS\system32\DRIVERS\gtptser.sys [2008-02-13 8064]

S3 GTSCSER;GT SC SER; C:\WINDOWS\system32\DRIVERS\gtscser.sys [2008-02-13 21248]

S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-07-10 49920]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-07-10 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-07-10 21568]

S3 HTCAND32;HTC Device Driver; C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys []

S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-07-23 102528]

S3 hwusbfake;Huawei DataCard USB Fake; C:\WINDOWS\system32\DRIVERS\ewusbfake.sys [2009-07-23 100480]

S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2008-11-04 7680]

S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []

S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]

S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys []

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]

S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]

S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]

S3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]

S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]

S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]

S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys []

S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys []

S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 acs;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2007-03-21 364629]

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R2 CcmExec;SMS Agent Host; C:\WINDOWS\system32\CCM\CcmExec.exe [2009-09-18 764768]

R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe [2013-12-16 2251552]

R2 dsNcService;Juniper Network Connect Service; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [2013-07-29 684136]

R2 DWMRCS;DameWare Mini Remote Control; C:\WINDOWS\SYSTEM32\DWRCS.EXE [2009-02-04 234496]

R2 fsdevcon;F-Secure Device Control Daemon; C:\Program Files\F-Secure\Device Control\\fsdevcon32.exe [2013-06-25 411584]

R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2013-06-25 224192]

R2 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\Common\FSMA32.EXE [2013-06-25 188864]

R2 IBMPMSVC;ThinkPad PM Service; C:\WINDOWS\system32\ibmpmsvc.exe [2007-06-01 36400]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-12-03 153584]

R2 JuniperAccessService;Juniper Unified Network Service; C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe [2012-08-22 158832]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2007-03-22 322120]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

R2 netcfgsvr;AT&T Network Configuration Service; C:\Program Files\AT&T Global Network Client\netcfgsvr.exe [2009-10-08 452448]

R2 NetClientSvc;AT&T Global Network Client Service; C:\Program Files\AT&T Global Network Client\NetClientSvc.exe [2009-10-08 342368]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

R2 SnowInventoryClient;Snow Inventory Client; C:\Program Files\INVENTORYCLIENT\client.exe [2013-10-28 3359744]

R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 9216]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2013-06-25 551872]

R3 F-Secure Network Request Broker;F-Secure Network Request Broker; C:\Program Files\F-Secure\Common\FNRB32.EXE [2013-06-25 217024]

R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2013-06-06 60352]

R3 NetLogSvc;NetLogSvc; C:\PROGRA~1\AT&TGL~1\NETLOG~1.EXE [2009-10-08 75616]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-13 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12 257416]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 Cwbrxd;Opdracht op afstand iSeries Access for Windows; C:\WINDOWS\CWBRXD.EXE [2002-02-04 53296]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-13 136176]

S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2007-03-22 89136]

S3 ProService8.3B;ProService for 8.3B; C:\DLC\bin\ProSrvc.exe [1999-01-30 30208]

S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]

S3 smstsmgr;SMS Task Sequence Agent; C:\WINDOWS\system32\CCM\TSManager.exe [2009-09-18 246624]

S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------


Download Zoek.zip to the desktop.

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe; (here and here) you can read how to do that.
  • Right-click Zoek.zip and choose the "Extract All" option.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

CltMngSvc;s
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r
"AppInit_DLLs"=-;r
C:\Program Files\SearchProtect;fs
emptyfolderscheck;delete
startupall;
filesrcm;

  • Click the "Options" button and tick the options below.
  • Do a Quick Scan
  • IE Defaults
  • Auto Clean
  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log in the next post.


Zoek.exe v5.0.0.0 Updated 02-Januari-2014

Tool run by rokn01 on za 04-01-2014 at 11:24:53,00.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\rokn01\Desktop\zoek\zoek.exe [scan all users] [script inserted] [Checkboxes used]

===== Runcheck 11:29:58,67 =====

--- Create Environment Variables 11:29:59,78

--- Checking Input 11:30:22,64

--- AU AppData Check 11:30:28,92

--- Remove From Windows Installer 11:30:32,28

--- Empty Folders Check 11:34:05,34

--- IE Startpage Check 11:34:51,57

--- Program Files DB Check 11:36:12,10

--- C:\Documents and Settings\Administrator\Application Data DB Check 11:37:01,46

--- C:\Documents and Settings\Default User\Application Data DB Check 11:37:01,46


Zoek.exe v5.0.0.0 Updated 02-Januari-2014

Tool run by rokn01 on za 04-01-2014 at 11:24:53,00.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\rokn01\Desktop\zoek\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2013-07-30-144224.log 5911 bytes

==== Empty Folders Check ======================

C:\Program Files\Axis Communications deleted successfully

C:\Program Files\Hewlett-Packard deleted successfully

C:\Program Files\PokerStars.EU deleted successfully

C:\Program Files\Simpo PDF to Word deleted successfully

C:\Program Files\Common Files\Apple deleted successfully

C:\Documents and Settings\jebr02\Application Data\ICAClient deleted successfully

C:\Documents and Settings\LocalService\Application Data\Apple Computer deleted successfully

C:\Documents and Settings\rokn01\Application Data\DAEMON Tools Pro deleted successfully

C:\Documents and Settings\rokn01\Application Data\Outlook deleted successfully

C:\Documents and Settings\LocalService\Local Settings\Application Data\Google deleted successfully

C:\Documents and Settings\rokn01\Local Settings\Application Data\CutePDF Writer deleted successfully

C:\Documents and Settings\rokn01\Local Settings\Application Data\Downloaded Installations deleted successfully

C:\Documents and Settings\rokn01\Local Settings\Application Data\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2781560043-2945397114-2333775007-4818\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\Program Files\SearchProtect deleted

C:\extensions deleted

C:\Documents and Settings\rokn01\Local Settings\Application Data\SearchProtect deleted

C:\Documents and Settings\rokn01\Local Settings\Application Data\cache deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\rokn01\LOCALS~1\Temp ====

2013-12-22 18:04:09 9FB9D49C2DB7EDD1084AB765D619F5C6 66368 ----a-w- C:\Documents and Settings\rokn01\Local Settings\Temp\utt11.tmp.exe

====== Java Cache =====

====== C:\WINDOWS\system32 =====

====== C:\WINDOWS\system32\drivers =====

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-12-07 20:47:29 -------- d-----w- C:\Program Files\IVI Foundation

2013-12-07 20:45:13 -------- d-----w- C:\Program Files\LEGO Software

2013-12-07 20:44:03 -------- d-----w- C:\Program Files\National Instruments

======= C: =====

====== C:\Documents and Settings\rokn01\Application Data ======

2013-12-22 18:03:16 -------- d-----w- C:\Documents and Settings\rokn01\Application Data\uTorrent

2013-12-07 20:56:43 4DCAE2DDC67ADD848F56453773E16B81 208744 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2781560043-2945397114-2333775007-4818-0.dat

2013-12-07 20:49:10 -------- d-----w- C:\Documents and Settings\rokn01\Local Settings\Application Data\LEGO

====== C:\Documents and Settings\rokn01 ======

2014-01-03 14:13:24 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\rokn01\Desktop\RSIT.exe

2014-01-01 10:01:27 -------- d--h--r- C:\Documents and Settings\rokn01\Recent

2013-12-22 18:01:55 BE27EB2DF4A3740E9385BC810BECC18D 1340496 ----a-w- C:\Documents and Settings\rokn01\Desktop\utorrent.exe

====== C: exe-files ==

2014-01-03 14:13:43 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\rokn01.exe

2014-01-03 14:13:24 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\rokn01\Desktop\RSIT.exe

=== C: other files ==

2014-01-03 15:17:53 04E34D76A6EDA4D8A4F2393064F10D6C 17791 ----a-w- C:\Documents and Settings\rokn01\Local Settings\Temporary Internet Files\Content.IE5\24F3VB74\beelden[1].zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-2781560043-2945397114-2333775007-4818\Software\Microsoft\Windows\CurrentVersion\Run]

"NetSP - restore settings on power failure"="C:\Program Files\AT&T Global Network Client\NetSP.exe -show"

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"

"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC"

"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName"

"BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"

"Apoint"="C:\Program Files\Apoint2K\Apoint.exe"

"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"

"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"

"Persistence"="C:\WINDOWS\system32\igfxpers.exe"

"Client Access Service"="C:\Program Files\IBM\Client Access\cwbsvstr.exe"

"Client Access Help Update"="C:\Program Files\IBM\Client Access\cwbinhlp.exe"

"Client Access Check Version"="C:\Program Files\IBM\Client Access\cwbckver.exe LOGIN"

"Client Access Express Welcome"="C:\Program Files\IBM\Client Access\cwbwlwiz.exe"

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe"

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"F-Secure Manager"="C:\Program Files\F-Secure\Common\FSM32.EXE /splash"

"F-Secure TNB"="C:\Program Files\F-Secure\FSGUI\TNBUtil.exe /CHECKALL /WAITFORSW"

"InstallValidator.exe.FA87EC44_C38F_4148_93A1_FF4A64A2B707"="C:\Program Files\National Instruments\Shared\NIUninstaller\InstallValidator.exe -s"

"DameWare MRC Agent"="C:\WINDOWS\system32\DWRCST.exe"

"Synchronization Manager"="%SystemRoot%\system32\mobsync.exe /logon"

"MobileConnect"="%programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"NetSP - restore settings on power failure"="C:\Program Files\AT&T Global Network Client\NetSP.exe -show"

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

==== Startup Folders ======================

2012-03-01 22:53:04 1483 ----a-w- C:\Documents and Settings\rokn01\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-04-2011 20:29]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-04-2011 20:29]

C:\WINDOWS\tasks\User_Feed_Synchronization-{2BFC4E6F-924A-48AF-93FE-87A96F6D8FC7}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08-03-2009 04:31]

C:\WINDOWS\tasks\User_Feed_Synchronization-{72015A0F-3E0B-49A9-825D-746A296A2E24}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08-03-2009 04:31]

C:\WINDOWS\tasks\User_Feed_Synchronization-{8D4D68DF-33A1-4E5E-AEC5-902CCC0E324C}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08-03-2009 04:31]

C:\WINDOWS\tasks\User_Feed_Synchronization-{F1EB52EA-AF37-4D99-A556-1A1E11AA03D9}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08-03-2009 04:31]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"jqs@sun.com"=hex(2):43,00,3a,00,5c,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,\ []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

cjofdnhdkbflacojpfpkchgafjahijbb - C:\DOCUME~1\rokn01\LOCALS~1\Temp\ccex.crx[]

ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\DOCUME~1\rokn01\LOCALS~1\Temp\crx4F.tmp[]

Google Drive - rokn01\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - rokn01\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - rokn01\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

AdBlock - rokn01\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

Google Wallet - rokn01\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - rokn01\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Zoeken="

"Default_Page_URL"="https://keypoint.assaabloy.net/Entrance-Systems/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="Google"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!"

"Start Page"="Google"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Conduit Search Url="{searchTerms} - Bing="

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\exzamo01\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\jebr02\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalAdmin\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\rokn01\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Documents and Settings\rokn01\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=176 folders=44 31157659 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully

C:\Documents and Settings\exzamo01\Local Settings\Temp emptied successfully

C:\Documents and Settings\itsp01\Local Settings\Temp emptied successfully

C:\Documents and Settings\jebr02\Local Settings\Temp emptied successfully

C:\Documents and Settings\LocalAdmin\Local Settings\Temp emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully

C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp emptied successfully

C:\Documents and Settings\rokn01\Local Settings\Temp will be emptied at reboot

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\rokn01\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\rokn01\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on za 04-01-2014 at 12:14:24,70 ======================


Download ComboFix from one of the locations below to the desktop.

Bleeping Computer

Info Spyware

Disable your antivirus and antispyware programs, as they may conflict with ComboFix.exe.

You can read (here or here) how to disable the security software in use.

  • Double-click "ComboFix" to start the tool. Windows Vista, 7 & 8 users will get a UAC (User Account Control) prompt; click Yes here.
  • On a Windows XP computer, ComboFix will install the "Recovery Console" if it is not already present. (An active internet connection is then required.)
  • In the 'Installing the Recovery Console' window, click "Ok".
  • In the info screen, click "Yes" once the Recovery Console has been installed successfully.
  • In the disclaimer screen, click "I Agree"; the required components are then extracted and a registry backup is made using ERUNT.
  • When this is done, ComboFix will start automatically; the blue screen shows the progress of the system scan being run.
  • Important! Do not use the computer for anything else during the scan.
  • The computer may need to be restarted several times, for example when a rootkit is present; this is normal.
  • When ComboFix has finished, it will create a log file. Post the contents of this log file (found at C:\ComboFix.txt) in your next post.

* Note!!! If you get one of the messages below after using ComboFix, restart the computer.

  • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
  • Illegal operation attempted on a registry key that has been marked for deletion.
