Zoek.exe v5.0.0.0 Updated 18-10-2014
Tool run by acer on zo 19-10-2014 at 19:24:52,62.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\acer\Desktop\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

19-10-2014 19:28:41 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\WiseEnhance deleted successfully
C:\PROGRA~3\OEM deleted successfully
C:\Users\acer\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3250906126-519606885-1821637850-1001\Software\Microsoft\Internet Explorer\SearchScopes\{655C6F88-424F-4F3B-948E-F831D7C94EB1} deleted successfully
HKEY_USERS\S-1-5-21-3250906126-519606885-1821637850-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
C:\Users\acer\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
C:\Program Files (x86)\Search Extensions\Client.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\acer\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=-
"iLivid"=-

==== Deleting Files \ Folders ======================

C:\Users\acer\AppData\Local\iLivid not found
C:\Users\acer\AppData\Roaming\1H1Q deleted
C:\PROGRA~3\boost_interprocess deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted
C:\Users\acer\Downloads\iLividSetup-r776-n-bc.exe deleted
C:\windows\SysNative\tasks\RocketTab deleted
C:\windows\SysNative\tasks\RocketTab Update Task deleted
C:\windows\SysNative\tasks\AppSafe deleted
C:\Windows\tasks\AppSafe.job deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Public\Desktop\YTD Video Downloader.lnk deleted
"C:\Windows\Installer\85776.msi" deleted
"C:\Program Files (x86)\Search Extensions\Client.exe" deleted
"C:\PROGRA~2\Search Extensions\Client.exe" deleted
"C:\Users\acer\AppData\Local\Pokki\analytics.db" not deleted
"C:\Users\acer\AppData\Local\Pokki\engine_update.db" not deleted
"C:\Users\acer\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe" deleted
"C:\Program Files (x86)\Search Extensions" deleted
"C:\PROGRA~2\Search Extensions" deleted
"C:\Users\acer\AppData\Local\Pokki" not deleted
"C:\Users\acer\AppData\Local\Pokki\Engine" not deleted

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3986 MB
CPU Info: Intel(R) Pentium(R) CPU 2117U @ 1.80GHz
CPU Speed: 1841,2 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | Intel(R) HD Graphics
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Bluetooth-apparaat (Personal 
Area Network) | Microsoft Hosted Network Virtual Adapter | Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR956x Wireless Network Adapter | Broadcom NetLink (TM) Gigabit Ethernet
CD / DVD Drives: 1x (D: | ) D: MATSHITADVD-RAM UJ8D2Q
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 2 Button Mouse Present
Hard Disks: C: 448,7GB
Hard Disks - Free: C: 383,5GB
Manufacturer *: Insyde Corp.
BIOS Info: AT/AT COMPATIBLE | | ACRSYS - 1
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer EA50_CX
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated)
Anti-Spyware: Norton Internet Security disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Firewall: Norton Internet Security disabled
Default Browser: Google Chrome 37.0.2062.124
Internet Explorer Version: 11.0.9600.17351
Google Chrome version: 37.0.2062.124

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3250906126-519606885-1821637850-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"AcerCloud"="C:\Program Files (x86)\Acer\Acer 
Portal\acpanel_win.exe startup" "OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" "AppSafe"="C:\Program Files (x86)\AppSafe\AppSafe.exe" "Google Update"="C:\Users\acer\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google+ Auto Backup"="C:\Users\acer\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AcerCloud"="C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe startup" "OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" "AppSafe"="C:\Program Files (x86)\AppSafe\AppSafe.exe" "Google Update"="C:\Users\acer\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google+ Auto Backup"="C:\Users\acer\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe /autostart" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Startup Folders ====================== 2014-04-25 18:31:15 1286 ----a-w- C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\AppCloudUpdater.job --a-------- C:\Users\acer\AppData\Roaming\APPCLO1\UPDATE1\UPDATE1.exe [] 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-04-2014 16:39] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-04-2014 16:39] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3250906126-519606885-1821637850-1001UA.job --a-------- C:\Users\acer\AppData\Local\Google\Update\GoogleUpdate.exe [17-05-2014 19:16] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe] "C:\Windows\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe] "C:\Windows\SysNative\tasks\AppCloudUpdater" [C:\Users\acer\AppData\Roaming\APPCLO~1\UPDATE~1\UPDATE~1.EXE] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3250906126-519606885-1821637850-1001Core" [C:\Users\acer\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3250906126-519606885-1821637850-1001UA" [C:\Users\acer\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Launch Manager" ["C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"] "C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe"] "C:\Windows\SysNative\tasks\Quick Access" ["C:\Program Files\Acer\Acer Quick Access\QALauncher.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{5CFACF31-2E6E-4479-A05C-7D75295E803D}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{EA0C424A-CE2B-4A8F-8670-365168DB2BDE}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton 
Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe] "C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\SymErr.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn" [18-10-2014 19:29] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions iikflkcanblccfahdhdonehdalibjnif - No path found[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx[20-09-2014 10:52] Google Docs - acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Norton Identity Safe - acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif Norton Security Toolbar - acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Google Wallet - acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== 
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://nl.search.yahoo.com/?type=501549&fr=spigot-yhp-ie" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{655C6F88-424F-4F3B-948E-F831D7C94EB1}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{655C6F88-424F-4F3B-948E-F831D7C94EB1}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {F3744891-35DE-4B2E-B5AC-1293604A5FC1} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3250906126-519606885-1821637850-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F3744891-35DE-4B2E-B5AC-1293604A5FC1} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:55149;https=127.0.0.1:55149" "ProxyOverride"="<-loopback>" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully 
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll
O4 - HKCU\..\Run: [AcerCloud] "C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe" startup
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [AppSafe] C:\Program Files (x86)\AppSafe\AppSafe.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\acer\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Quick Access RadioMgr Service (RMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update WiseEnhance - Unknown owner - C:\Program Files (x86)\WiseEnhance\updateWiseEnhance.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\acer\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\acer\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3927 folders=139 366356920 bytes)

==== Empty Temp Folders ======================

C:\Users\acer\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\acer\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\acer\AppData\Local\Pokki\analytics.db" not found
"C:\Users\acer\AppData\Local\Pokki\engine_update.db" not found
"C:\Users\acer\AppData\Local\Pokki" not found

==== EOF on zo 19-10-2014 at 19:50:00,30 ======================