sites openen ongevraagd

[ilssxx]

hallo! sinds een tijdje openen sites ongevraagd als ik op iets klik. Dit gebeurd alleen als ik al op internet zit en het is zeer irritant. Ik zag dat ik via Hijackthis een scan moest doen, dit heb ik gedaan en de volgende logcode kwam eruit;

 

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 19:51:47, on 2-2-2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17496)

 

 

Boot mode: Normal

 

Running processes:

C:\Windows\PLFSetI.exe

C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files\Norman\Npm\Bin\zlh.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\Norman\Npm\Bin\zlhh.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\Downloads\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - Global Startup: Acer VCM.lnk = ?

O4 - Global Startup: DesktopDock.lnk = C:\Program Files (x86)\Desktop Dock\DesktopDock.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{7629B75E-3CF3-4B18-83EE-06F84CB08F0E}: NameServer = 31.168.224.106,5.135.12.52

O17 - HKLM\System\CCS\Services\Tcpip\..\{D04F0CB2-0CDC-4D04-9B5B-1C508329A73C}: NameServer = 31.168.224.106,5.135.12.52

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\npm\bin\nfservice.exe

O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe

O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe

O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe

O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe

O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Program Files\Norman\Npm\Bin\Nvoy.exe

O23 - Service: Norman WSC Monitor Service (NWSCMON) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 12908 bytes

 

 

 

Kan iemand me helpen?

 

Groetjes, Ilse

[iEscape]

@ ilssxx,

 

 

Uw topic is verplaatst naar het forum-onderdeel Bestrijding malware & virussen.

 

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
• RSIT 64 bit (RSITx64.exe)

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
• Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen

• Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\rsit")
• Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Bekijk ook de instructievideo.

2 februari 2015 aangepast door iEscape

[ilssxx]

Logfile of random's system information tool 1.10 (written by random/random)

Run by Gebruiker at 2015-02-03 19:40:21

Microsoft Windows 7 Home Premium  Service Pack 1

System drive C: has 154 GB (68%) free of 225 GB

Total RAM: 1783 MB (18% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:40:35, on 3-2-2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17496)

Boot mode: Normal

 

Running processes:

C:\Windows\PLFSetI.exe

C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files\Norman\Npm\Bin\zlh.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\Norman\Npm\Bin\zlhh.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\Downloads\RSIT.exe

C:\Program Files (x86)\trend micro\Gebruiker.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: Acer VCM.lnk = ?

O4 - Global Startup: DesktopDock.lnk = C:\Program Files (x86)\Desktop Dock\DesktopDock.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{7629B75E-3CF3-4B18-83EE-06F84CB08F0E}: NameServer = 31.168.224.106,5.135.12.52

O17 - HKLM\System\CCS\Services\Tcpip\..\{D04F0CB2-0CDC-4D04-9B5B-1C508329A73C}: NameServer = 31.168.224.106,5.135.12.52

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\npm\bin\nfservice.exe

O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe

O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe

O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe

O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe

O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Program Files\Norman\Npm\Bin\Nvoy.exe

O23 - Service: Norman WSC Monitor Service (NWSCMON) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 13611 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-1.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\MediaPlayersvideos  1.1-codedownloader.exe  /rawdata=NhTCOcuCSgj3INL1wd2u9xHJ7Drk9S0C2RZxMeaeEdfkzLRA5jIafhN1D8GEeQZfq+2lU7hwZypYR2SkmQAUBYcIM+DIVSpeJPk6N8JlhnQgnLBbu+4eBVY2NaHWetyvWf51FBN6/bkg3/twULK4t7ahXtJvlH+CTgxuhKIADEl1NmnaOitVtmKuGmymLxHsf+9WyzzAOlT7piJRmYTNLkmqwGqBA3wapMZoKVg50mseO0cYebx3apn8BL/oZUqR7GsmEjwltRx1GMcceAPw9+mZVeQu1HunrNjLRha+REQAC5qBhS10mh/onAz+e+USPoMxD8u8GwaDKmBRaeFNyBUpAQswWQzyNZ/tSwc5tZGIpUj8Vyz41nEZbJ3RXm9DqvFWUE0eJXnIugKzBu4V2VW9C88LWf0CXvI7QQCaOWjb2Rle35R/RBwyq9nGAkSMFDaY5ScO+QAHYcx4ItnqiZJpFiWK9m9TsWBbapSak9xNmtxhQ2OT4hCB4KkQMCppLdrUpaJghAPeTT69ysXcAHUznmt0r3lP3amOpWfYcQ31Jkp5BODCHmtoOms4dstP60wRqfTdgZXHAaDHWAP7S5SSKqZbadqWh7JllkQklmW2GyY1T+dm2rG/MOAjREQlKMSAMna4lkfmdfLne1/4GPMv5M0NvB0VwbFicvLiVi8zbr8LBX2+sB2MdiADHykMBSkje8bCp+k1EMhMgE2cwp7denmxmnmxfOiqiLPlT3FpKHcaoxzl19+wdgT16OXodvF/n8obC+OOxgfuMAZh5CT6pR3UyGIwuGrqN9JK46/wtbAZiJ1cbzTTVJ+41PAth0ASsEuwiBuxHRSOm6ExbIAUsyqdlzHqgckUmp3t9PxSoQRGNy5VQU3vlN4IuhHe1IgneivxqTXuHmQWsXFiMsveBwF02z4hCUOFBOUcEJU9AfMw87BgbhcZ+1I/FVN3JUG9yXfOaha1j8CISWNikBoFHzeYuctJNS3HDJFYkwQ7PrEo0f89MFOZ9hVk2Ntxx/va0ZNtkzVtsweH+J256DQQBAtor+ma+HeSHy/vAWDKSBZIFWGZpRS8vClyCNE5DwO3sUMMz6dI60GWNbUfbQr4OxRAHT1lcbbDPvY6rVNYi9fjVicbVddbiFahUCDMHQG1pWJfJ5Kgul5Eu+Bq42Wr1mRTJR+QgntOouSSeESXO3yeWFw0PRljIOO2UdlZJ7c9MyxL2loxfaaUKVy4n1SKwZWoGD+JGbyFvLwdv+WfFDbRzQD9oP7pE2HUbNF5ws9CJj4WrI/ze1H1CmI8s2DrvygMAb588D/gjaNZDmjDxmB+H8Gn9g4D68bkxJL15mkAnJtmyWeuwlEJwsvXKFrdguSTzNc4ZG6esWiCQVcTPHyGP6VG6nIyNST7NPeaDh3Wub2/Vlu1WxlJWsDwdIEKsUfcr46qS5lpJXZ3np4DHR2N9y/92aksNFo9hN5ytQp1n+UqrbvFg0Oq+l64GZPllvZ41vZ/kcS170JIeSnRTfMRRy48PSpKzVuKJb7r 

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-11.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-11.exe  /rawdata=SfTelymPLKjQeInjPjHMVB8adOPlTqfh+BrWuFvREvb7E3F982S0Z1QCi8/MdHZW6Epj/yBFwLTM+h6UKjMnokp5goTZ4oBYeWflvDvyIc33rhCM/8u27JrkKvxSg+gTdU506c5mh81RNecqMh1/72v/nQ/kfm0VuJZop4yCYzRkNPaELKGl6zfSOG7/4iNm4ujaLvkxsg3l1rLFc/FrqrkQaZOrYxRpkPKvxr3nxrQjTSuNbGuwc4735EG9mDHn8QrkNDXx0Q3cVadCC8PNQv+bd/EslWBOk4mtroCFvpum4hVY0qd+53+7HSsi7vKlIT0eo4qCd1GyNiXqrJdIqID0IBmgecbGGMPq1iXe9krkwf1WlKoxAIxU3lbCfdrrkdh5UqIPO1N/1IVjof/hmkicGG6LHlO0wDVzuYLQPwHSUZT9SFLYqnCgTneAjP7EqBHHz3m4Job+NV+JkEB/IXuXYmSakfL5Bbxc6oyODx+atqrLd7PsYNa2hyAOMQxun2CoSoo09gWxrh7pQZcPrHrsAw+R2BFo7LDFmaw91lU+p6L1r8W1tWv1J3FQwOXXs0u+TqZ3f/Mz6qS98Y5JJTgFiVdmOyXfLGVjTlnGwKe6ARx/QXRT6xyovdasebUHfSskrFvUxRe8EFX/kxaF9vHhAn+tjScHwqmhFBkV2b/HU/SUOunBDv1IQxKA9zQZ9ksxeSdwqLikF64fIqvsYTXE7f/BgsJVxV4AmQKq3Li3IaNb7FQeUeUp1prgycFpJBrOaWvt5G1RI2cg+UobhXY+eAGeuH9n/c8Sr3xQkZNK/aZCKc7Z2QxgX7aIUY0rWX2dV3xrSZzEKh+4ckfL7mh61F8g/KBvWoP/MjF+CQTokEV2YhOV/QMMpYDD30H7l1FmiA+OUuqaCqefqXYlfviNbwiGpm1Hf1sjqwPZrg8ZNHlLatTv7e1xCnijoeHzFahQjThLW+jc9fUvsLjNmZiNuVkuvgeBhJsxP7U7n1CZUMJYyhQaPDC/84x5ThxpcC7H49l4zirf7rv7V3IbnU21UvFyqUjFuqbdNtQkZYqwqIQ4SL30X1DqNBEkZZw52JIHcqso8eWAdSGH3iTqQbRIjE5Q0Fo3QJmITIZpOP+meuuWaWnVMKMOHGzoaIk29V6xNewiQq+VRc2nuAY6DZPGaqm4QkJ0Yxmh77Y8QbGTU0SZssZJK9ySk/fDppTFsLdW2BSQu+ld1KenFlsYc2I7CNRCs5jtz3nsqAQBrcVMYjOdG9gqnUS+Uu07fjnBhCyGSVDdS7n8ZwC+BLMr15b/pyFhZl2PykSFxI/Mn0mbKRDTIvAXqZ+cNJfVyeKHFQJhRWYoi++mZO9mhB3Wc2FgAIilIg2zw+/SVNaQBFSKBPT6tEMamnLxltBxzohzhJOwOfTlrweL39uY2EgibteIYuv+JjpDqPXOR8770VwJt8nabs9m3RyeoDnSvoBc7G5Pxydx9lkQ1FXkuSPuo5Ncedq62buJ165WjNUis7BMc97th88DhtTfOc0Z2IgSQ0lCOH33UVuGuJNnVOrHNsKjjhryS6KBJ/W3N8xOfpGKL4TfS3BYRU3Cm4NdLhW78qJzF7HjD9ZwMOsPLfT9pqrwFbdUCsxUZ4GQY9kXt/1WihLlqquIGfEJSNB+q0nwzBWJnXzwUoiSSAuA7pKfhjBE5aMyp1ueetChK0Bv5TCpo+lyOHyWY7IoQ0Hznv5dmwFrzmhiVEHH1iAavOOenNe+0tsrC1FGfNQsL7gooVFQLMJ+2XtJLhkyDILb57l5voPwb+j5MVa2F3vcbX3rJmEM29X06yor4s50X26NUNANZbP79nweTIqKFD8/Dvn9EJWc7psyl+xfXSNjlZdbrLTpthxOeV7iNLfXU5//VQlOgKbsq5kEMWeDRiAgxCaf4Y+cS+T4RTVeUlka4imJXGjvtZA4Kdj/kcTph2FdGIi/SYSdfNQ95YZn+EMuFCZuXsHg2/L00nEYzG9k1lLIxa6jgrLShHARiwC/PiIm9nQLkDaK6M9LMhqU6djuxQ5ZcyLqVwcjNZQhZjAKEG+W2YEPoh8udeYJUdwGZzhiY7c8PLBHMfvLnv9xCO7thw+vqMGEcCdZLZyKdHnQVhEY+YXThmyab/CrNZpwNU/urb3bEuAq+DUecnX6ODske+MLnyrYR7Hlu8VxI9XbMEWZzjSkbvx8EHDobgzycEJb0wJDmWNJnm9noEQxNiBg5fhoHyX1j99rhE672W1Dt6D/pukU/Jo4PzPQ0dg+wSvL2WTsHKcd4ydHKnQHKWxHyHVtReIPBqQyj+7f5DBn46lNoNFUF+6Awimnyuxz7+hBS3AwgkR3vKn2wihOwfhgx3LWXBax960dprwOUTlbT65X5w== 

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-3.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-3.exe  /rawdata=hSt/Tjz1y+M5kCYLUIJEuIS8O1j3vDGXPfkJOW5fb8Rn3XMoUuKAdoHB1ogKiTAzWrO6mOpuO0Oh7b+Pp1RtDuixXHflSNdm1O4ZMxDNnIVA93KXhZ7ui9lomhh59vprkz4uRepesoj0aiK2em5+kOGK/MXEYuKhx2LW9f/t2n6VnuIhX++NMPadKbMWVe96R52d+iDHj6NWev56kOQKMd9otQ+wN+vMntM3ftS4meaXLTJX7aheb/iry7d7NRgrVCun0QUJuuI397T/TaObu66BkWKXSb1nYLtvRAXspsFTIY5TjlYc5rORNoJyHkJ4e9GPyAPD4f1Tmc5vjfLzI0SU4dZuXTjKk2kopKiRD/YMIyCqcpyrKr3JljbirYYF8kmlMh9qB5gIJN5WQZ09Hu9RxoSMH09Ga9bPWjyfnTLnvyuo/EN4sUxzq4u55f/NsEA1w+1E0YWviqk6QaraySJuPj8bszuCtkSd56yFKrLxQ5c0qrQVU8UjC3iEiKvwWaD0Bo+3gRTaZviO+0i0sa49OxMl11yt8/IG30smfP26nZxz+MdQaKjx0YVRF6WUgOMi37KjrFo7a8YLHc7hlq3tXpmGYTou5V8sogg7Wob2PAx0Dl5vj8kceJPOhILLmJKAqHpyMsSS6dde2ZHTmh0i+WxmYJ3Gp/zeUgh0IbZb7qNMEU1nKAFw/BFmO/oXFZocLgeu2FmJvPcpW6pHGBnkiyBDvboQS9Xaqp+MSFouCEv6Nbbm01fTu1npfrYi7eVhGYFFH8DFV+YkO2MHjlSdj93rwUQRx63uz02Idua7KA6dzQG3mVs8a+ysMFShwDj7Q0FNsWRSzeNnQYykIH8FQUV/XYsvInA5LzPgIddswaU7m3BAga1Jp5ml6PqEnvrUED8nao8hVhDdAHxNKFQ4l4Lpptq3GP4RG/riFwPuuAeZgHUeeo7hTZIkEPzDt0acjcCjY5Sub0z04vTgM7lLsmxXoHZuSbsVJao3RhRo5ljfu6U/zvEcqc80lXo5x/va0ZNtkzVtsweH+J256DQQBAtor+ma+HeSHy/vAWDKSBZIFWGZpRS8vClyCNE5DwO3sUMMz6dI60GWNbUfbQr4OxRAHT1lcbbDPvY6rVNYi9fjVicbVddbiFahUCDMHQG1pWJfJ5Kgul5Eu+Bq42Wr1mRTJR+QgntOouSSeES0fL23FL0vJKb9BmL5yv4+Unm75fCO+0rXfX+8WQcLpeFQYEygkN5upiW0K3I3q6hxMiRHjrLQQ9evjCiUj7iPyienFicXIpgVLC8whB1QYb9IUpS8IxNkgzPZUzzdRzuwvctSeToYtCW3ojkrOZPuKualfgUzwN5EzdtF99dJCn3Y/JEjCv453ivihSY/8QvUDtaLa/2fNQNRY+UEW3O/QW4EepNBGhQBDAzIbpKUv0C40m16frnYiIuqf/Bpb+J7ZzdB6LNAtzFdugULV4IJj5X9c/cfjcBi6GO48RhxtHKlEJFFdo8+ns0hikFtQxP6B9F1/zqGo7oFcKiebRfUUx4TbqpXDVz82puqaEP0iam/E9o5X4ered1O/1plOxceMU+A07pIdOwrpb8zQfCpI6ZMu8S4mgbxpkM2isBntA6NndcTyyxESKv1zvrq8m/Pahk5MrJc0BxYrz5sOyfo62mj4rI6oRa0jdPFI8rsuCwia33Qt57Tgqruvn/uvhiXJArFFMlb4eHXl600PBVP2/3hXQ0cT6hQfsHApfT6vL7cC6qEBOtXOGanJY4Ke+wU7k9Q6fj4mY4yfSjeIZ5wv4ZMfm1b3r6GVZ6Pehs0O0cFv3HKKNEsQofkJrh3LQ59cz1ByBeiS/6Vf0SUx1yz4oEtsnhghyDCziLgLTExMzQn4lylFJLFTXsBRtReb/ERhTNSUXSA6CRg8oFUG98lx0tUoWMVjpauTmRajL4qt7FRE8Cdw7/5Fsn7RiZCOSeKzrogJKAiVb9SYzFzWBs6hjSAlNwtBmNw7urrj2tG+qewGTc73doXuwAPXb1/Lw/bj2qajIyjN6EIOuYimhF1 

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-4.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-4.exe  /rawdata=s6pRoYZDl3U4Al9NZJlT0nxu3KEP9e6g8Smp2s2TUUF6JnCGmGJW9N9+J+rGOmDrUZuqTl2p9scy72mzyc1gBOspYfUu4iL7KFR8C+Jr+kXNLLBFhNbxTttecK6qE41qr83QaJTpIdfpWyIC53YZOu6d4TAvf6OiaKy1GRM0M1J4wymL3v85m+189lTuKe37FFtU9+XGc4pwLyv2JU8mEvOW+Bli4PtOfGGjxLm3F6LHG1IxWi4vCdILnduB3mT07XdTOhNZuYW9cm2jI36OCKd/b9jui9AmKeflDTKsN6i0+36zIIio+FbVIJ0Uyk8MiRuTzmmWW/HzA5FUadttwzpsKkQ1nh3pO5z2pUEgFmkUCx5Pk+xHY5LRe6LcahTRonWXyCpUlhDytB8Cd/A3RW9eg6QSJmI3QFu+lrUOX7RYtgfC/m4zA2YA5x0B0tJJgmLgX2irkwB8f1b9o3JpMdua/QarqQUUJLUcFMc+xAlbErG1Oe8AAVygEVDCKe7pwqg2T/5dVml0LJdz75BC9KIJGapDH/0oO6CsP1mJVVZjRaZ03zDzitreHnYpnsM+IzSFuLd/RFVo4DiLDMhpgiegpECDLQNHfvbRw4M+a/YctgHf6LbzarSVVHcRO0ohv9fUXC96Y6tvGkZNd8ZASUFNdR3gUrnmtHQBy42lj0JFZJnvppitLFPd5L9bDdX6Not1i/mrwdhTcsxohb2hpgCYhA52OouVMZ1yjZW5N8b0FLQUIkrn3ia6a8jv3Y5p+nEnmDkg179OVZkYEx6blW+UZf5eL9vjihVk5W0mJAPKlhhFeGyk1Cst9DhwClFRFk6PFU1gQYI9VQB7olzssbPw5eEUjRZw2bRkTyJJcic+j3WY3j+U6BzHg1CsbAkuxCGm8ZiVsJs91Ii7BbSHwmk8Q9aV+9yvsYUD5aRtYhfjVbjojKh+jFALI2gvS8ELCml+5Dgsb/MZ/8kXHQ4q0dqTIrokIuUCHshvdEOD6EsOyn5cRIuwo1t0xExin4ZYGwnxnfLIu7hFFvLuSU4FtWtTXHr8bSpSEYsjB0NF8bTTx4iGa2BxhTVK5KH37Ne2PLghfvM62epF8DAkSR69wP6awyXckIPChA8AVlt6gll9x6dQ7S4tJ6mGIXmILpUPYJ9CUPkoTQuWJiq+3J6N7e113vDs9zJcb0KtbfLEGzMVHft/noUIZ6YBbal2s+uP+/BkUDRa9hDa+XhWKYuIJTCUbWsMHqDnjGQzs8on9cFtntsoIc36y+0z7oiC+DDRab1h08e93gYiPRGgyCdNm9L0AgC7p7jIyihX0gxZaI5TvItyg+22FqWCCmJ+NbmGuEW/rVtVRNRISuWcPfiTvCm9MYdvSqIzQELVnV8MCYLenc2XNu652GmvQiSOswoak//D7/tfMfM1/FEzZfwVU1rgQ77BOVt2wZw2MR3QsKy/82eOT+t9Z5pol7ScRPazxDwoZbrSWdWJN99c2HFkSgi/PYKTm3e5opoOb997YdTh/Oukf16O4ahdEb5zUwSsVI1g4wKNuajOTpuxN7B4hyZ9mjBTSbi3KBSuUK79bK2R3VtrNut5JHBPleTkb3s0TNIbJHDzps7bCV9fNV3+8daV/Wwp1Ni761cU3Mwj6XVVK8ytURbsf2FFTWtTh3kzv8lWWgqPp9BjVB0fC7uqAJB0rmjCWhV3xaHRedc8VcJG1GzMdk4sySnFyVauLntxaLNnXaBgcfhBnTb6JAwc/0UzjwzvsEUhbnnNrT0zFickui0kaXt2yr5NGhvH8qO43Ye0I8MKC3xQHv2gq9diadqIi/6R4u2Ake8vhT6pSfQVIbvsrUQYmtEfdVfaeoSReFGPOwywt1B7oSrxUcRpcrsfkxBfL/zRCqNHtloVd1mya7eyJwRt45pFI5Z79xyg0E841JFDBah9q4jwi+BqTaf0bm7gqfyWY8U+9LR94SBlTJ4zYqrBpDGnbi+kQOikFRZyJbuPVR/1B8AKfrxuz4ph3aTPcmsoHWzsLH5UV0+1vo65DS+fvjOu3rnViNjf 

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-5.exe  /rawdata=IqHLZFQLhj31kvD882eVu7oi2us/Ugfz3ZUXxrCEXBQviWz1Yy3m6JbBQx/vEzLeCgaC6G7RHZbOpjMVF25Nj1IuVBnlJ0KA40R2rd/6hhg0sGg7h2NrFm6TnBLRynV/PDxnJbvcVvBKQlCJeVM01P8TmPpEsflry8HRfNb9gShTUPmJZsx/QGdPqUQmAPD9hgBEHpvajsy8Bj9yfjMkhUI2fNukghiJ9XFahPVK1+4yK5QUKeW+dvZoThgt2omDPEsBQbHk97Wu0jkP5xv+gZLSmEnAd1h+UvzO5h6qRavWVkrHBkxqqDxcdQhAh98CC8CZD49669NJlltPjxlDNCY7BTKZljfJKqSHnBEJb1GoFuig2OeokT3oVGl2XSDm7/oCj5sHnHc0LWXyg2+D7+oWM9liYB0/7d1t0L1hw+/YRQe0Qv+bsjXfivYcdXLBGr/BcXrE52Wz4sxUuNiIeT/1M/vj0MVe5vrSj2UntfKVn7cqrFM2H7ZKijhq2VU/txG1goi+d4QT6/1SWdNdV5ZcQZmJhnDmyhaZH4QFqojIgitRsshGu1YgN3Y6DxCDviIN5gZRYUelsDdoMygeNeCFAlogpI3m//l9LlTAdcTDaq2tyIbcgxFEhuuvqyxZ9jmnuOvthdI4JAm0Ib8hZnwgFchbY3TdAEHdaQTuM/otGIx0o5cHU/StltC02Y6TwmUy2kR6pOWH26KOKKDqa7d+id6idP3R4ke7Gx3j0uk05qFKDrjOiMtFKxrkSpzrSkPvDggEkO2CG8g2cFzRyCQuDvwt1VlcU6oa7Stbz6qm8FznCqEJQYVAg/BH2uMX+Ubi3HBwvTl5w8YL1j4AA1rMDVoJ7HoPUP0N4lkqqGeHqV8TL2eXXqN5DjUMVai5PsIFdDgcXxciXrNlvEVyShTUUvBtFnyW+O7kzbZHD7ybo6QaGFbILNDM+aQCY1DbqHlXlhu6uQLsOKTWHrYV1MuabYmT9rzXP7rtrDs7q4TPVYfoAhIWTaK6pRqUSFbInUO2UAVe4YphaT0okS/tpLeRIDNXklQPv9+y4VaQk3jXRsSguEVFLE/9Q7zOElfzHP5IscujjIFxvhx6s+rB/3AAqUw7BAhFgvu5VLzkQ9Hww2e31zOPp7vpW3Tu4xofMqkeCgvAdxIOBc1deVRORx7HJa3OVBKLHzWzwOXK2Xo= 

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5_user.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-5.exe  /rawdata=IqHLZFQLhj31kvD882eVu7oi2us/Ugfz3ZUXxrCEXBQviWz1Yy3m6JbBQx/vEzLeCgaC6G7RHZbOpjMVF25Nj1IuVBnlJ0KA40R2rd/6hhg0sGg7h2NrFm6TnBLRynV/PDxnJbvcVvBKQlCJeVM01P8TmPpEsflry8HRfNb9gShTUPmJZsx/QGdPqUQmAPD9hgBEHpvajsy8Bj9yfjMkhUI2fNukghiJ9XFahPVK1+4yK5QUKeW+dvZoThgt2omDPEsBQbHk97Wu0jkP5xv+gZLSmEnAd1h+UvzO5h6qRavWVkrHBkxqqDxcdQhAh98CC8CZD49669NJlltPjxlDNCY7BTKZljfJKqSHnBEJb1GoFuig2OeokT3oVGl2XSDm7/oCj5sHnHc0LWXyg2+D7+oWM9liYB0/7d1t0L1hw+/YRQe0Qv+bsjXfivYcdXLBGr/BcXrE52Wz4sxUuNiIeT/1M/vj0MVe5vrSj2UntfKVn7cqrFM2H7ZKijhq2VU/txG1goi+d4QT6/1SWdNdV5ZcQZmJhnDmyhaZH4QFqojIgitRsshGu1YgN3Y6DxCDviIN5gZRYUelsDdoMygeNeCFAlogpI3m//l9LlTAdcTDaq2tyIbcgxFEhuuvqyxZ9jmnuOvthdI4JAm0Ib8hZnwgFchbY3TdAEHdaQTuM/otGIx0o5cHU/StltC02Y6TwmUy2kR6pOWH26KOKKDqa7d+id6idP3R4ke7Gx3j0uk05qFKDrjOiMtFKxrkSpzrSkPvDggEkO2CG8g2cFzRyCQuDvwt1VlcU6oa7Stbz6qm8FznCqEJQYVAg/BH2uMX+Ubi3HBwvTl5w8YL1j4AA1PCYcXJDeE4wm97iuv66+guraKDEdIv1+bj9Jh+5xaVbD3n7yEskKh94M9bvNK1FqLAYp7wZKYiJJfIEgYyyB/cfA+QZSkbAxcP7Q/87hApgClSJetpn28PuaoqzG/YX4glrd11/Vh2m6nVBt4lo0Sqqewkrt/OO2W7pzlUxw+JbyBXnkHmqh8Hw0ys4gHOtoCbRlQ/hCgqzNgesdlAeNvrDzRsa0YcZO03R/eWu0QFp5M6LS4oI1G0Vwo9OmyozmpwfOHO5L73+2+YyMJ7STlqBuCw0O6aGFqFLXwhuDvlFFi5R0EUrivQZTCuW/dNAYDw19dR/vY4DHuo/7oqo18= 

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-7.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-7.exe  /rawdata=Ukf4E/fC43JLK0NmaL1ycDdfknrWlMIP9oNfuF6yxaPD/kvm3Gj/ybMogb4zizZTOWYcNwEoxPJhMi421Kiae2alth6COWGXfKjSNvY+MErydjivWlV2ujVevRKlNoSY2Jj+ChhTOEB6ydwFxX44YmOR663n7mKE9lUPO4+Nj65Nbl4nPjTRiYagmprPQVjNHMpMm+zlSW9PgZ/D4/RWNxQwiDKf+5uJXUEtDbAafZgXjMEbYbkZujIDtajz2H59cpfJtBFVUCkXvS5PWhMj9lRd3FiFXXpuch/eZptE4kqAxnMipfv5rX+h1lzFkBXXOnv1nH3el8ZOGy/kRhzhrxRYAae9c4nBR1ib805a7gpFJEH0SA79APOxmMwrLkSLetORQwk+96NnYd+Loqyt32uriK54c9uPiRyZbFqHP9y7vJaFoas088fIwPb5PTsd1/4rXX0cu0SNFVz0GQtmjpdaf9gDR/+usYz78SADe3xrFYaCAAfPcS0PRLlLhJf0w+dKc30DBnvqtzrCde3iqKkBIbpUt7gZtvJJIvxDC7ll6Rfx2ugQBgdfOx91Ma7j3cvrctsJ9oiDUPEMyV57hfbNyqmqNEBk6KkTXWmpsS6ex6xpXrmifdB/KxDEs/XnM/WU5v74YrGy5jFg2RSdMQmFpV93B2YfMo4YC/2tTLexmKQ//e0fkUZ2nJ1D4jdJYsCHbOe/qCHNxQKqrdlzjU/mIfOXHtXL7aqCFf5/bo+K++/pYtO7K00tHae6wV4sbqMpBORlaJaZEZo0K4gbVKAyGkDNhbkN56CTrj0IrnA2m4NfsAJ7E+h2vnVi8uQwp9hO073rrz7xM1pSU/0n1Z3SDowEM7+TMbMoIgWZVEOi/Sa9adeopDIUx29r8DoD8DhsrDjWi8a7pq3ebec9FOUH15GCDcl+YQ8JcKmOVvUNnMLYiO2OGCmqOw3KRDGFUAhmAYwh89oCqVZKhRIptnaXF0MQ4QBMcbrj8/lIueonoyaMdBhgJ6/0VBASnQGGDMCY94bWjDlnrWPSJc5VuP/nMLGKUVMwvcAvFGbjLu/wGuTTUlzd+ivSd299q5r+/v7GMNdVnv47kmGLTqlUtKLCqV3wmhB5fH0sZYynUDAdAYveqoUlUd3fAdLMgMJKLzOg+NToanJs7OYveQNw1DTeyh3HOX/53VEmMu9V+fSMuoLag6oy48abXCXV6L0gujmK7LEV83FYIFNpAOxfBBRmUL2A5itoyonJwjJocAvLz518lh07uFkH/Pr8T5OidQmJ/c7F2nBRYfKVg+zwKfC6NPB9I1eG1P+fYsCVusGkcnYK98K8JlkEo9raQ4RWqf0zXjrPCTbGOdQo1mhMdCs8ZZSlF2LPWsnIFAFVtdnTnRrq7rl6MxhVR5POVViABsbST+JpGneTBxR5hhKQMHdDPlH45T2+1OgOlf9mRQRrV2NmxUPolHaZR8ESNjSvvhU/DrM8ZTOaTlhM37xyR27zA0iwyIb6cpMpS6QPnLMapO4cvM1mw6BjO+Q4JxraIORgvFAZ1hOfzXzSIJ51+Dn6a9qQI2KKGMaD4eJNsPd+Jpdnq8SNtkbhuHfA298HLhmAsowaQG8dwOWweSUnt+/Jy8chwkMq0UnS65Dm5fuKdHcBNNpg3M5kb5179dGvWXasqhxQV7HtMb9cJ/QztHrGsD91rj0OLZTxPXtX73CMt9TpgZiWFQS1xf3P0wdDOrggIyamK2PONSGlIWgRDcEMeNee2bR/uKr/V9Tf5mNAwucUmUWCZsNmMx3b2aPfKPPUlEWP+ZmijrIH0eHzEcGNb5B17xRW5/lDtzIQ5DPn9eMb2bODuEmQG1F1rM5eti+LNVyPXqkR6/L96ZX5B3+ApzF3+xp28wr6IHQpoeqFVZnmmtXwMFnAT0S1iZk6Y452tkwdEPzLV5wTf3K8zkYhYLWv2SlFBqv+X14hmbFcdmj5ljT4b70sJEhjSjQLrWNjwf7x3XLMOeXCeraJkaz0H98xJWGFPt6YGBTzgIgvigekIvxH1DKy1b1VZqtTfjW/y6Q4M/3vZzuWg98C/h04Vrq4NRsZdDv7h61w0+ibyI4jpG77OCAqJDpM5GK62dG6p5C8wC0m9Uab0S9zvDUsEpETp/lsOee4sTmoGe489zfl87QepBxAyxcKW3RQFfUeyOk207TV0Zey2pzjk72DaO/Jq5x7v+kED3TSbfmAQd/9mF50oEtudBridkaSbqEU9dxc9nk5rFBVLPALA2VuJXkPdvk0x+e24tU7+16jbRb9Hp6iRX2k310SPsxCmuP/Jc+z9/+wkMHR4laIuTADhm1q5/V36bxolOlFZdJYAMW+7/cB+Kza7KhUe+byLc4w3RO5teCAVweHb2a0l0c9W3iyhqw0iTGPKht9v512uKrxlFXYGQBAzEu+z+C2nVSBVKqaTNDods8M5eSGBMSHgpgxh6V1d63c4thnExtAeoAmTwUAFgstKdPTw5M+3bq+MQQqkgd/ZFIRTl+XYuZNIOUimPVUGT5DOTYFcaruwzBr7Fc8ecpZgg0jkwO0 

C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe  /c 

C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe  /ua /installsource scheduler 

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-01 194504]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696]

"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]

"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608]

"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368]

"Norman ZANDA"=C:\Program Files\Norman\Npm\Bin\ZLH.EXE [2014-08-21 88536]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-05-28 39408]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

DesktopDock.lnk - C:\Program Files (x86)\Desktop Dock\DesktopDock.exe

McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm

"vidc.cvid"=iccvid.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"msacm.siren"=sirenacm.dll

 

======File associations======

 

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - "C:\Windows\System32\WScript.exe" "%1" %*

.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

 

======List of files/folders created in the last 1 month======

 

2015-02-03 19:40:23 ----D---- C:\Program Files (x86)\trend micro

2015-02-03 19:40:21 ----D---- C:\rsit

2015-01-15 12:22:54 ----A---- C:\Windows\SysWOW64\nlaapi.dll

2015-01-15 12:22:54 ----A---- C:\Windows\SysWOW64\ncsi.dll

2015-01-15 12:20:21 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe

2015-01-15 12:20:19 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe

2015-01-15 12:20:16 ----A---- C:\Windows\SysWOW64\srclient.dll

 

======List of files/folders modified in the last 1 month======

 

2015-02-03 19:40:29 ----D---- C:\Windows\Temp

2015-02-03 19:40:23 ----RD---- C:\Program Files (x86)

2015-02-03 17:50:56 ----A---- C:\Windows\SysWOW64\log.txt

2015-02-02 19:14:08 ----SHD---- C:\System Volume Information

2015-01-26 22:59:01 ----D---- C:\Windows\SysWOW64

2015-01-26 22:58:42 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-01-22 11:44:16 ----D---- C:\Windows\winsxs

2015-01-22 11:41:34 ----D---- C:\Windows\System32

2015-01-21 11:26:41 ----D---- C:\Windows\Tasks

2015-01-21 11:25:19 ----D---- C:\Program Files (x86)\MediaPlayersvideos  1.1

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []

R1 NGS;Norman General Security Driver; \??\c:\program files\norman\ngs\bin\ngs64.sys [2014-06-27 23488]

R1 NPROSEC;Norman Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nprosec64.sys [2014-08-27 41536]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []

R2 nregsec;Norman Registry Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nregsec64.sys [2014-10-15 68792]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []

R3 gzflt;Norman Filesystem Driver; \??\C:\Program Files\Norman\nvc\bin\gzflt.sys [2014-06-04 138232]

R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []

R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys []

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []

R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys []

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []

R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys []

R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys []

S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []

S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []

S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys []

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]

R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360]

R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]

R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-18 268824]

R2 nfservice;Norman Flight Recorder service; C:\Program Files\Norman\npm\bin\nfservice.exe [2014-11-03 194536]

R2 NNFSVC;Norman Network Filtering service; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [2015-01-08 306360]

R2 Norman ZANDA;Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [2014-06-30 456664]

R2 NPROSECSVC;Norman Security service; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [2014-10-15 140032]

R2 nseupdatesvc;Norman Engine Update Service; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [2014-12-03 261456]

R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]

R2 nvcsvc;Norman Anti Malware Service; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [2014-11-27 401560]

R2 NVOY;Norman Resource Provider (NICCA); C:\Program Files\Norman\Npm\Bin\Nvoy.exe [2013-06-27 246560]

R2 NWSCMON;Norman WSC Monitor Service; C:\Program Files\Norman\Npm\Bin\nwscmon.exe [2014-08-05 231008]

R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]

R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]

R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]

R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352]

R3 NJeeves2;Norman Jeeves; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [2014-11-27 179080]

R3 Scheduler;Norman Scheduler Service; C:\Program Files\Norman\Npm\Bin\scheduler.exe [2014-06-30 199680]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27 107912]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26 267440]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27 107912]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]

S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

 

-----------------EOF-----------------

[ilssxx]

sorry, had 32 gedaan maar moest 64, dit is de goede;

 

Logfile of random's system information tool 1.10 (written by random/random)

Run by Gebruiker at 2015-02-03 19:46:50

Microsoft Windows 7 Home Premium  Service Pack 1

System drive C: has 154 GB (68%) free of 225 GB

Total RAM: 1783 MB (22% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:46:55, on 3-2-2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17496)

Boot mode: Normal

 

Running processes:

C:\Windows\PLFSetI.exe

C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files\Norman\Npm\Bin\zlh.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\Norman\Npm\Bin\zlhh.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\Gebruiker.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: Acer VCM.lnk = ?

O4 - Global Startup: DesktopDock.lnk = C:\Program Files (x86)\Desktop Dock\DesktopDock.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{7629B75E-3CF3-4B18-83EE-06F84CB08F0E}: NameServer = 31.168.224.106,5.135.12.52

O17 - HKLM\System\CCS\Services\Tcpip\..\{D04F0CB2-0CDC-4D04-9B5B-1C508329A73C}: NameServer = 31.168.224.106,5.135.12.52

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\npm\bin\nfservice.exe

O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe

O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe

O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe

O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe

O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Program Files\Norman\Npm\Bin\Nvoy.exe

O23 - Service: Norman WSC Monitor Service (NWSCMON) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 13566 bytes

 

======Listing Processes======

 

 

 

\SystemRoot\System32\smss.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

winlogon.exe

"C:\Program Files\Norman\npm\bin\nfservice.exe"

"C:\Program Files\Norman\nse\bin\nseupdatesvc.exe"

"C:\Program Files\Norman\nvc\bin\nvcsvc.exe"

"C:\Program Files\Norman\Npm\Bin\Nvoy.exe"

"C:\Program Files\Norman\Ngs\Bin\Nnf.exe"

"C:\Program Files\Norman\Ngs\Bin\Nprosec.exe"

"C:\Program Files\Norman\Npm\Bin\nwscmon.exe"

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files\Norman\Npm\Bin\Zanda.exe"

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

"C:\Program Files\Bonjour\mDNSResponder.exe"

"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"

"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"

"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"

"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"

"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"

"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

"taskhost.exe"

WLIDSvcM.exe 2284

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Windows\System32\igfxtray.exe" 

"C:\Windows\System32\hkcmd.exe" 

"C:\Windows\System32\igfxpers.exe" 

C:\Windows\system32\igfxsrvc.exe -Embedding

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Windows\PLFSetI.exe" 

"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" 

"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe" 

C:\Windows\system32\igfxext.exe -Embedding

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" 

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" 

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 

"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

"C:\Program Files (x86)\Launch Manager\LManager.exe" 

"C:\Program Files\Norman\Npm\Bin\zlh.exe" /LOAD /SPLASH

C:\Windows\system32\SearchIndexer.exe /Embedding

"C:\Program Files (x86)\iTunes\iTunesHelper.exe" 

"C:\Program Files\Norman\Npm\Bin\zlhh.exe" /LOAD /NOSPLASH

"C:\Program Files\iPod\bin\iPodService.exe"

"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"

"C:\Program Files (x86)\Launch Manager\LMworker.exe"

"C:\Program Files\Norman\Npm\Bin\scheduler.exe"

"C:\Program Files\Norman\Npm\Bin\Njeeves2.exe"

"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

C:\Windows\System32\svchost.exe -k secsvcs

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"taskhost.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3616.0.573647074\1607779941" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,39 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2104 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_35/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="3616.5.1510707224\1876757486" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_35/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="3616.8.1432194602\1240662563" /prefetch:673131151

 

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SHA1ToolbarUIJune2016/Warning/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_35/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="3616.17.1720419564\1600921293" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3616.19.2123103934\962073992" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\sppsvc.exe

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe14_ Global\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 

"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 

"C:\Users\Gebruiker\Downloads\RSITx64.exe" 

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-1.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\MediaPlayersvideos  1.1-codedownloader.exe  /rawdata=NhTCOcuCSgj3INL1wd2u9xHJ7Drk9S0C2RZxMeaeEdfkzLRA5jIafhN1D8GEeQZfq+2lU7hwZypYR2SkmQAUBYcIM+DIVSpeJPk6N8JlhnQgnLBbu+4eBVY2NaHWetyvWf51FBN6/bkg3/twULK4t7ahXtJvlH+CTgxuhKIADEl1NmnaOitVtmKuGmymLxHsf+9WyzzAOlT7piJRmYTNLkmqwGqBA3wapMZoKVg50mseO0cYebx3apn8BL/oZUqR7GsmEjwltRx1GMcceAPw9+mZVeQu1HunrNjLRha+REQAC5qBhS10mh/onAz+e+USPoMxD8u8GwaDKmBRaeFNyBUpAQswWQzyNZ/tSwc5tZGIpUj8Vyz41nEZbJ3RXm9DqvFWUE0eJXnIugKzBu4V2VW9C88LWf0CXvI7QQCaOWjb2Rle35R/RBwyq9nGAkSMFDaY5ScO+QAHYcx4ItnqiZJpFiWK9m9TsWBbapSak9xNmtxhQ2OT4hCB4KkQMCppLdrUpaJghAPeTT69ysXcAHUznmt0r3lP3amOpWfYcQ31Jkp5BODCHmtoOms4dstP60wRqfTdgZXHAaDHWAP7S5SSKqZbadqWh7JllkQklmW2GyY1T+dm2rG/MOAjREQlKMSAMna4lkfmdfLne1/4GPMv5M0NvB0VwbFicvLiVi8zbr8LBX2+sB2MdiADHykMBSkje8bCp+k1EMhMgE2cwp7denmxmnmxfOiqiLPlT3FpKHcaoxzl19+wdgT16OXodvF/n8obC+OOxgfuMAZh5CT6pR3UyGIwuGrqN9JK46/wtbAZiJ1cbzTTVJ+41PAth0ASsEuwiBuxHRSOm6ExbIAUsyqdlzHqgckUmp3t9PxSoQRGNy5VQU3vlN4IuhHe1IgneivxqTXuHmQWsXFiMsveBwF02z4hCUOFBOUcEJU9AfMw87BgbhcZ+1I/FVN3JUG9yXfOaha1j8CISWNikBoFHzeYuctJNS3HDJFYkwQ7PrEo0f89MFOZ9hVk2Ntxx/va0ZNtkzVtsweH+J256DQQBAtor+ma+HeSHy/vAWDKSBZIFWGZpRS8vClyCNE5DwO3sUMMz6dI60GWNbUfbQr4OxRAHT1lcbbDPvY6rVNYi9fjVicbVddbiFahUCDMHQG1pWJfJ5Kgul5Eu+Bq42Wr1mRTJR+QgntOouSSeESXO3yeWFw0PRljIOO2UdlZJ7c9MyxL2loxfaaUKVy4n1SKwZWoGD+JGbyFvLwdv+WfFDbRzQD9oP7pE2HUbNF5ws9CJj4WrI/ze1H1CmI8s2DrvygMAb588D/gjaNZDmjDxmB+H8Gn9g4D68bkxJL15mkAnJtmyWeuwlEJwsvXKFrdguSTzNc4ZG6esWiCQVcTPHyGP6VG6nIyNST7NPeaDh3Wub2/Vlu1WxlJWsDwdIEKsUfcr46qS5lpJXZ3np4DHR2N9y/92aksNFo9hN5ytQp1n+UqrbvFg0Oq+l64GZPllvZ41vZ/kcS170JIeSnRTfMRRy48PSpKzVuKJb7r 

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-11.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-11.exe  /rawdata=SfTelymPLKjQeInjPjHMVB8adOPlTqfh+BrWuFvREvb7E3F982S0Z1QCi8/MdHZW6Epj/yBFwLTM+h6UKjMnokp5goTZ4oBYeWflvDvyIc33rhCM/8u27JrkKvxSg+gTdU506c5mh81RNecqMh1/72v/nQ/kfm0VuJZop4yCYzRkNPaELKGl6zfSOG7/4iNm4ujaLvkxsg3l1rLFc/FrqrkQaZOrYxRpkPKvxr3nxrQjTSuNbGuwc4735EG9mDHn8QrkNDXx0Q3cVadCC8PNQv+bd/EslWBOk4mtroCFvpum4hVY0qd+53+7HSsi7vKlIT0eo4qCd1GyNiXqrJdIqID0IBmgecbGGMPq1iXe9krkwf1WlKoxAIxU3lbCfdrrkdh5UqIPO1N/1IVjof/hmkicGG6LHlO0wDVzuYLQPwHSUZT9SFLYqnCgTneAjP7EqBHHz3m4Job+NV+JkEB/IXuXYmSakfL5Bbxc6oyODx+atqrLd7PsYNa2hyAOMQxun2CoSoo09gWxrh7pQZcPrHrsAw+R2BFo7LDFmaw91lU+p6L1r8W1tWv1J3FQwOXXs0u+TqZ3f/Mz6qS98Y5JJTgFiVdmOyXfLGVjTlnGwKe6ARx/QXRT6xyovdasebUHfSskrFvUxRe8EFX/kxaF9vHhAn+tjScHwqmhFBkV2b/HU/SUOunBDv1IQxKA9zQZ9ksxeSdwqLikF64fIqvsYTXE7f/BgsJVxV4AmQKq3Li3IaNb7FQeUeUp1prgycFpJBrOaWvt5G1RI2cg+UobhXY+eAGeuH9n/c8Sr3xQkZNK/aZCKc7Z2QxgX7aIUY0rWX2dV3xrSZzEKh+4ckfL7mh61F8g/KBvWoP/MjF+CQTokEV2YhOV/QMMpYDD30H7l1FmiA+OUuqaCqefqXYlfviNbwiGpm1Hf1sjqwPZrg8ZNHlLatTv7e1xCnijoeHzFahQjThLW+jc9fUvsLjNmZiNuVkuvgeBhJsxP7U7n1CZUMJYyhQaPDC/84x5ThxpcC7H49l4zirf7rv7V3IbnU21UvFyqUjFuqbdNtQkZYqwqIQ4SL30X1DqNBEkZZw52JIHcqso8eWAdSGH3iTqQbRIjE5Q0Fo3QJmITIZpOP+meuuWaWnVMKMOHGzoaIk29V6xNewiQq+VRc2nuAY6DZPGaqm4QkJ0Yxmh77Y8QbGTU0SZssZJK9ySk/fDppTFsLdW2BSQu+ld1KenFlsYc2I7CNRCs5jtz3nsqAQBrcVMYjOdG9gqnUS+Uu07fjnBhCyGSVDdS7n8ZwC+BLMr15b/pyFhZl2PykSFxI/Mn0mbKRDTIvAXqZ+cNJfVyeKHFQJhRWYoi++mZO9mhB3Wc2FgAIilIg2zw+/SVNaQBFSKBPT6tEMamnLxltBxzohzhJOwOfTlrweL39uY2EgibteIYuv+JjpDqPXOR8770VwJt8nabs9m3RyeoDnSvoBc7G5Pxydx9lkQ1FXkuSPuo5Ncedq62buJ165WjNUis7BMc97th88DhtTfOc0Z2IgSQ0lCOH33UVuGuJNnVOrHNsKjjhryS6KBJ/W3N8xOfpGKL4TfS3BYRU3Cm4NdLhW78qJzF7HjD9ZwMOsPLfT9pqrwFbdUCsxUZ4GQY9kXt/1WihLlqquIGfEJSNB+q0nwzBWJnXzwUoiSSAuA7pKfhjBE5aMyp1ueetChK0Bv5TCpo+lyOHyWY7IoQ0Hznv5dmwFrzmhiVEHH1iAavOOenNe+0tsrC1FGfNQsL7gooVFQLMJ+2XtJLhkyDILb57l5voPwb+j5MVa2F3vcbX3rJmEM29X06yor4s50X26NUNANZbP79nweTIqKFD8/Dvn9EJWc7psyl+xfXSNjlZdbrLTpthxOeV7iNLfXU5//VQlOgKbsq5kEMWeDRiAgxCaf4Y+cS+T4RTVeUlka4imJXGjvtZA4Kdj/kcTph2FdGIi/SYSdfNQ95YZn+EMuFCZuXsHg2/L00nEYzG9k1lLIxa6jgrLShHARiwC/PiIm9nQLkDaK6M9LMhqU6djuxQ5ZcyLqVwcjNZQhZjAKEG+W2YEPoh8udeYJUdwGZzhiY7c8PLBHMfvLnv9xCO7thw+vqMGEcCdZLZyKdHnQVhEY+YXThmyab/CrNZpwNU/urb3bEuAq+DUecnX6ODske+MLnyrYR7Hlu8VxI9XbMEWZzjSkbvx8EHDobgzycEJb0wJDmWNJnm9noEQxNiBg5fhoHyX1j99rhE672W1Dt6D/pukU/Jo4PzPQ0dg+wSvL2WTsHKcd4ydHKnQHKWxHyHVtReIPBqQyj+7f5DBn46lNoNFUF+6Awimnyuxz7+hBS3AwgkR3vKn2wihOwfhgx3LWXBax960dprwOUTlbT65X5w== 

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-3.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-3.exe  /rawdata=hSt/Tjz1y+M5kCYLUIJEuIS8O1j3vDGXPfkJOW5fb8Rn3XMoUuKAdoHB1ogKiTAzWrO6mOpuO0Oh7b+Pp1RtDuixXHflSNdm1O4ZMxDNnIVA93KXhZ7ui9lomhh59vprkz4uRepesoj0aiK2em5+kOGK/MXEYuKhx2LW9f/t2n6VnuIhX++NMPadKbMWVe96R52d+iDHj6NWev56kOQKMd9otQ+wN+vMntM3ftS4meaXLTJX7aheb/iry7d7NRgrVCun0QUJuuI397T/TaObu66BkWKXSb1nYLtvRAXspsFTIY5TjlYc5rORNoJyHkJ4e9GPyAPD4f1Tmc5vjfLzI0SU4dZuXTjKk2kopKiRD/YMIyCqcpyrKr3JljbirYYF8kmlMh9qB5gIJN5WQZ09Hu9RxoSMH09Ga9bPWjyfnTLnvyuo/EN4sUxzq4u55f/NsEA1w+1E0YWviqk6QaraySJuPj8bszuCtkSd56yFKrLxQ5c0qrQVU8UjC3iEiKvwWaD0Bo+3gRTaZviO+0i0sa49OxMl11yt8/IG30smfP26nZxz+MdQaKjx0YVRF6WUgOMi37KjrFo7a8YLHc7hlq3tXpmGYTou5V8sogg7Wob2PAx0Dl5vj8kceJPOhILLmJKAqHpyMsSS6dde2ZHTmh0i+WxmYJ3Gp/zeUgh0IbZb7qNMEU1nKAFw/BFmO/oXFZocLgeu2FmJvPcpW6pHGBnkiyBDvboQS9Xaqp+MSFouCEv6Nbbm01fTu1npfrYi7eVhGYFFH8DFV+YkO2MHjlSdj93rwUQRx63uz02Idua7KA6dzQG3mVs8a+ysMFShwDj7Q0FNsWRSzeNnQYykIH8FQUV/XYsvInA5LzPgIddswaU7m3BAga1Jp5ml6PqEnvrUED8nao8hVhDdAHxNKFQ4l4Lpptq3GP4RG/riFwPuuAeZgHUeeo7hTZIkEPzDt0acjcCjY5Sub0z04vTgM7lLsmxXoHZuSbsVJao3RhRo5ljfu6U/zvEcqc80lXo5x/va0ZNtkzVtsweH+J256DQQBAtor+ma+HeSHy/vAWDKSBZIFWGZpRS8vClyCNE5DwO3sUMMz6dI60GWNbUfbQr4OxRAHT1lcbbDPvY6rVNYi9fjVicbVddbiFahUCDMHQG1pWJfJ5Kgul5Eu+Bq42Wr1mRTJR+QgntOouSSeES0fL23FL0vJKb9BmL5yv4+Unm75fCO+0rXfX+8WQcLpeFQYEygkN5upiW0K3I3q6hxMiRHjrLQQ9evjCiUj7iPyienFicXIpgVLC8whB1QYb9IUpS8IxNkgzPZUzzdRzuwvctSeToYtCW3ojkrOZPuKualfgUzwN5EzdtF99dJCn3Y/JEjCv453ivihSY/8QvUDtaLa/2fNQNRY+UEW3O/QW4EepNBGhQBDAzIbpKUv0C40m16frnYiIuqf/Bpb+J7ZzdB6LNAtzFdugULV4IJj5X9c/cfjcBi6GO48RhxtHKlEJFFdo8+ns0hikFtQxP6B9F1/zqGo7oFcKiebRfUUx4TbqpXDVz82puqaEP0iam/E9o5X4ered1O/1plOxceMU+A07pIdOwrpb8zQfCpI6ZMu8S4mgbxpkM2isBntA6NndcTyyxESKv1zvrq8m/Pahk5MrJc0BxYrz5sOyfo62mj4rI6oRa0jdPFI8rsuCwia33Qt57Tgqruvn/uvhiXJArFFMlb4eHXl600PBVP2/3hXQ0cT6hQfsHApfT6vL7cC6qEBOtXOGanJY4Ke+wU7k9Q6fj4mY4yfSjeIZ5wv4ZMfm1b3r6GVZ6Pehs0O0cFv3HKKNEsQofkJrh3LQ59cz1ByBeiS/6Vf0SUx1yz4oEtsnhghyDCziLgLTExMzQn4lylFJLFTXsBRtReb/ERhTNSUXSA6CRg8oFUG98lx0tUoWMVjpauTmRajL4qt7FRE8Cdw7/5Fsn7RiZCOSeKzrogJKAiVb9SYzFzWBs6hjSAlNwtBmNw7urrj2tG+qewGTc73doXuwAPXb1/Lw/bj2qajIyjN6EIOuYimhF1 

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-4.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-4.exe  /rawdata=s6pRoYZDl3U4Al9NZJlT0nxu3KEP9e6g8Smp2s2TUUF6JnCGmGJW9N9+J+rGOmDrUZuqTl2p9scy72mzyc1gBOspYfUu4iL7KFR8C+Jr+kXNLLBFhNbxTttecK6qE41qr83QaJTpIdfpWyIC53YZOu6d4TAvf6OiaKy1GRM0M1J4wymL3v85m+189lTuKe37FFtU9+XGc4pwLyv2JU8mEvOW+Bli4PtOfGGjxLm3F6LHG1IxWi4vCdILnduB3mT07XdTOhNZuYW9cm2jI36OCKd/b9jui9AmKeflDTKsN6i0+36zIIio+FbVIJ0Uyk8MiRuTzmmWW/HzA5FUadttwzpsKkQ1nh3pO5z2pUEgFmkUCx5Pk+xHY5LRe6LcahTRonWXyCpUlhDytB8Cd/A3RW9eg6QSJmI3QFu+lrUOX7RYtgfC/m4zA2YA5x0B0tJJgmLgX2irkwB8f1b9o3JpMdua/QarqQUUJLUcFMc+xAlbErG1Oe8AAVygEVDCKe7pwqg2T/5dVml0LJdz75BC9KIJGapDH/0oO6CsP1mJVVZjRaZ03zDzitreHnYpnsM+IzSFuLd/RFVo4DiLDMhpgiegpECDLQNHfvbRw4M+a/YctgHf6LbzarSVVHcRO0ohv9fUXC96Y6tvGkZNd8ZASUFNdR3gUrnmtHQBy42lj0JFZJnvppitLFPd5L9bDdX6Not1i/mrwdhTcsxohb2hpgCYhA52OouVMZ1yjZW5N8b0FLQUIkrn3ia6a8jv3Y5p+nEnmDkg179OVZkYEx6blW+UZf5eL9vjihVk5W0mJAPKlhhFeGyk1Cst9DhwClFRFk6PFU1gQYI9VQB7olzssbPw5eEUjRZw2bRkTyJJcic+j3WY3j+U6BzHg1CsbAkuxCGm8ZiVsJs91Ii7BbSHwmk8Q9aV+9yvsYUD5aRtYhfjVbjojKh+jFALI2gvS8ELCml+5Dgsb/MZ/8kXHQ4q0dqTIrokIuUCHshvdEOD6EsOyn5cRIuwo1t0xExin4ZYGwnxnfLIu7hFFvLuSU4FtWtTXHr8bSpSEYsjB0NF8bTTx4iGa2BxhTVK5KH37Ne2PLghfvM62epF8DAkSR69wP6awyXckIPChA8AVlt6gll9x6dQ7S4tJ6mGIXmILpUPYJ9CUPkoTQuWJiq+3J6N7e113vDs9zJcb0KtbfLEGzMVHft/noUIZ6YBbal2s+uP+/BkUDRa9hDa+XhWKYuIJTCUbWsMHqDnjGQzs8on9cFtntsoIc36y+0z7oiC+DDRab1h08e93gYiPRGgyCdNm9L0AgC7p7jIyihX0gxZaI5TvItyg+22FqWCCmJ+NbmGuEW/rVtVRNRISuWcPfiTvCm9MYdvSqIzQELVnV8MCYLenc2XNu652GmvQiSOswoak//D7/tfMfM1/FEzZfwVU1rgQ77BOVt2wZw2MR3QsKy/82eOT+t9Z5pol7ScRPazxDwoZbrSWdWJN99c2HFkSgi/PYKTm3e5opoOb997YdTh/Oukf16O4ahdEb5zUwSsVI1g4wKNuajOTpuxN7B4hyZ9mjBTSbi3KBSuUK79bK2R3VtrNut5JHBPleTkb3s0TNIbJHDzps7bCV9fNV3+8daV/Wwp1Ni761cU3Mwj6XVVK8ytURbsf2FFTWtTh3kzv8lWWgqPp9BjVB0fC7uqAJB0rmjCWhV3xaHRedc8VcJG1GzMdk4sySnFyVauLntxaLNnXaBgcfhBnTb6JAwc/0UzjwzvsEUhbnnNrT0zFickui0kaXt2yr5NGhvH8qO43Ye0I8MKC3xQHv2gq9diadqIi/6R4u2Ake8vhT6pSfQVIbvsrUQYmtEfdVfaeoSReFGPOwywt1B7oSrxUcRpcrsfkxBfL/zRCqNHtloVd1mya7eyJwRt45pFI5Z79xyg0E841JFDBah9q4jwi+BqTaf0bm7gqfyWY8U+9LR94SBlTJ4zYqrBpDGnbi+kQOikFRZyJbuPVR/1B8AKfrxuz4ph3aTPcmsoHWzsLH5UV0+1vo65DS+fvjOu3rnViNjf 

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-5.exe  /rawdata=IqHLZFQLhj31kvD882eVu7oi2us/Ugfz3ZUXxrCEXBQviWz1Yy3m6JbBQx/vEzLeCgaC6G7RHZbOpjMVF25Nj1IuVBnlJ0KA40R2rd/6hhg0sGg7h2NrFm6TnBLRynV/PDxnJbvcVvBKQlCJeVM01P8TmPpEsflry8HRfNb9gShTUPmJZsx/QGdPqUQmAPD9hgBEHpvajsy8Bj9yfjMkhUI2fNukghiJ9XFahPVK1+4yK5QUKeW+dvZoThgt2omDPEsBQbHk97Wu0jkP5xv+gZLSmEnAd1h+UvzO5h6qRavWVkrHBkxqqDxcdQhAh98CC8CZD49669NJlltPjxlDNCY7BTKZljfJKqSHnBEJb1GoFuig2OeokT3oVGl2XSDm7/oCj5sHnHc0LWXyg2+D7+oWM9liYB0/7d1t0L1hw+/YRQe0Qv+bsjXfivYcdXLBGr/BcXrE52Wz4sxUuNiIeT/1M/vj0MVe5vrSj2UntfKVn7cqrFM2H7ZKijhq2VU/txG1goi+d4QT6/1SWdNdV5ZcQZmJhnDmyhaZH4QFqojIgitRsshGu1YgN3Y6DxCDviIN5gZRYUelsDdoMygeNeCFAlogpI3m//l9LlTAdcTDaq2tyIbcgxFEhuuvqyxZ9jmnuOvthdI4JAm0Ib8hZnwgFchbY3TdAEHdaQTuM/otGIx0o5cHU/StltC02Y6TwmUy2kR6pOWH26KOKKDqa7d+id6idP3R4ke7Gx3j0uk05qFKDrjOiMtFKxrkSpzrSkPvDggEkO2CG8g2cFzRyCQuDvwt1VlcU6oa7Stbz6qm8FznCqEJQYVAg/BH2uMX+Ubi3HBwvTl5w8YL1j4AA1rMDVoJ7HoPUP0N4lkqqGeHqV8TL2eXXqN5DjUMVai5PsIFdDgcXxciXrNlvEVyShTUUvBtFnyW+O7kzbZHD7ybo6QaGFbILNDM+aQCY1DbqHlXlhu6uQLsOKTWHrYV1MuabYmT9rzXP7rtrDs7q4TPVYfoAhIWTaK6pRqUSFbInUO2UAVe4YphaT0okS/tpLeRIDNXklQPv9+y4VaQk3jXRsSguEVFLE/9Q7zOElfzHP5IscujjIFxvhx6s+rB/3AAqUw7BAhFgvu5VLzkQ9Hww2e31zOPp7vpW3Tu4xofMqkeCgvAdxIOBc1deVRORx7HJa3OVBKLHzWzwOXK2Xo= 

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5_user.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-5.exe  /rawdata=IqHLZFQLhj31kvD882eVu7oi2us/Ugfz3ZUXxrCEXBQviWz1Yy3m6JbBQx/vEzLeCgaC6G7RHZbOpjMVF25Nj1IuVBnlJ0KA40R2rd/6hhg0sGg7h2NrFm6TnBLRynV/PDxnJbvcVvBKQlCJeVM01P8TmPpEsflry8HRfNb9gShTUPmJZsx/QGdPqUQmAPD9hgBEHpvajsy8Bj9yfjMkhUI2fNukghiJ9XFahPVK1+4yK5QUKeW+dvZoThgt2omDPEsBQbHk97Wu0jkP5xv+gZLSmEnAd1h+UvzO5h6qRavWVkrHBkxqqDxcdQhAh98CC8CZD49669NJlltPjxlDNCY7BTKZljfJKqSHnBEJb1GoFuig2OeokT3oVGl2XSDm7/oCj5sHnHc0LWXyg2+D7+oWM9liYB0/7d1t0L1hw+/YRQe0Qv+bsjXfivYcdXLBGr/BcXrE52Wz4sxUuNiIeT/1M/vj0MVe5vrSj2UntfKVn7cqrFM2H7ZKijhq2VU/txG1goi+d4QT6/1SWdNdV5ZcQZmJhnDmyhaZH4QFqojIgitRsshGu1YgN3Y6DxCDviIN5gZRYUelsDdoMygeNeCFAlogpI3m//l9LlTAdcTDaq2tyIbcgxFEhuuvqyxZ9jmnuOvthdI4JAm0Ib8hZnwgFchbY3TdAEHdaQTuM/otGIx0o5cHU/StltC02Y6TwmUy2kR6pOWH26KOKKDqa7d+id6idP3R4ke7Gx3j0uk05qFKDrjOiMtFKxrkSpzrSkPvDggEkO2CG8g2cFzRyCQuDvwt1VlcU6oa7Stbz6qm8FznCqEJQYVAg/BH2uMX+Ubi3HBwvTl5w8YL1j4AA1PCYcXJDeE4wm97iuv66+guraKDEdIv1+bj9Jh+5xaVbD3n7yEskKh94M9bvNK1FqLAYp7wZKYiJJfIEgYyyB/cfA+QZSkbAxcP7Q/87hApgClSJetpn28PuaoqzG/YX4glrd11/Vh2m6nVBt4lo0Sqqewkrt/OO2W7pzlUxw+JbyBXnkHmqh8Hw0ys4gHOtoCbRlQ/hCgqzNgesdlAeNvrDzRsa0YcZO03R/eWu0QFp5M6LS4oI1G0Vwo9OmyozmpwfOHO5L73+2+YyMJ7STlqBuCw0O6aGFqFLXwhuDvlFFi5R0EUrivQZTCuW/dNAYDw19dR/vY4DHuo/7oqo18= 

C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-7.job - C:\Program Files (x86)\MediaPlayersvideos  1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-7.exe  /rawdata=Ukf4E/fC43JLK0NmaL1ycDdfknrWlMIP9oNfuF6yxaPD/kvm3Gj/ybMogb4zizZTOWYcNwEoxPJhMi421Kiae2alth6COWGXfKjSNvY+MErydjivWlV2ujVevRKlNoSY2Jj+ChhTOEB6ydwFxX44YmOR663n7mKE9lUPO4+Nj65Nbl4nPjTRiYagmprPQVjNHMpMm+zlSW9PgZ/D4/RWNxQwiDKf+5uJXUEtDbAafZgXjMEbYbkZujIDtajz2H59cpfJtBFVUCkXvS5PWhMj9lRd3FiFXXpuch/eZptE4kqAxnMipfv5rX+h1lzFkBXXOnv1nH3el8ZOGy/kRhzhrxRYAae9c4nBR1ib805a7gpFJEH0SA79APOxmMwrLkSLetORQwk+96NnYd+Loqyt32uriK54c9uPiRyZbFqHP9y7vJaFoas088fIwPb5PTsd1/4rXX0cu0SNFVz0GQtmjpdaf9gDR/+usYz78SADe3xrFYaCAAfPcS0PRLlLhJf0w+dKc30DBnvqtzrCde3iqKkBIbpUt7gZtvJJIvxDC7ll6Rfx2ugQBgdfOx91Ma7j3cvrctsJ9oiDUPEMyV57hfbNyqmqNEBk6KkTXWmpsS6ex6xpXrmifdB/KxDEs/XnM/WU5v74YrGy5jFg2RSdMQmFpV93B2YfMo4YC/2tTLexmKQ//e0fkUZ2nJ1D4jdJYsCHbOe/qCHNxQKqrdlzjU/mIfOXHtXL7aqCFf5/bo+K++/pYtO7K00tHae6wV4sbqMpBORlaJaZEZo0K4gbVKAyGkDNhbkN56CTrj0IrnA2m4NfsAJ7E+h2vnVi8uQwp9hO073rrz7xM1pSU/0n1Z3SDowEM7+TMbMoIgWZVEOi/Sa9adeopDIUx29r8DoD8DhsrDjWi8a7pq3ebec9FOUH15GCDcl+YQ8JcKmOVvUNnMLYiO2OGCmqOw3KRDGFUAhmAYwh89oCqVZKhRIptnaXF0MQ4QBMcbrj8/lIueonoyaMdBhgJ6/0VBASnQGGDMCY94bWjDlnrWPSJc5VuP/nMLGKUVMwvcAvFGbjLu/wGuTTUlzd+ivSd299q5r+/v7GMNdVnv47kmGLTqlUtKLCqV3wmhB5fH0sZYynUDAdAYveqoUlUd3fAdLMgMJKLzOg+NToanJs7OYveQNw1DTeyh3HOX/53VEmMu9V+fSMuoLag6oy48abXCXV6L0gujmK7LEV83FYIFNpAOxfBBRmUL2A5itoyonJwjJocAvLz518lh07uFkH/Pr8T5OidQmJ/c7F2nBRYfKVg+zwKfC6NPB9I1eG1P+fYsCVusGkcnYK98K8JlkEo9raQ4RWqf0zXjrPCTbGOdQo1mhMdCs8ZZSlF2LPWsnIFAFVtdnTnRrq7rl6MxhVR5POVViABsbST+JpGneTBxR5hhKQMHdDPlH45T2+1OgOlf9mRQRrV2NmxUPolHaZR8ESNjSvvhU/DrM8ZTOaTlhM37xyR27zA0iwyIb6cpMpS6QPnLMapO4cvM1mw6BjO+Q4JxraIORgvFAZ1hOfzXzSIJ51+Dn6a9qQI2KKGMaD4eJNsPd+Jpdnq8SNtkbhuHfA298HLhmAsowaQG8dwOWweSUnt+/Jy8chwkMq0UnS65Dm5fuKdHcBNNpg3M5kb5179dGvWXasqhxQV7HtMb9cJ/QztHrGsD91rj0OLZTxPXtX73CMt9TpgZiWFQS1xf3P0wdDOrggIyamK2PONSGlIWgRDcEMeNee2bR/uKr/V9Tf5mNAwucUmUWCZsNmMx3b2aPfKPPUlEWP+ZmijrIH0eHzEcGNb5B17xRW5/lDtzIQ5DPn9eMb2bODuEmQG1F1rM5eti+LNVyPXqkR6/L96ZX5B3+ApzF3+xp28wr6IHQpoeqFVZnmmtXwMFnAT0S1iZk6Y452tkwdEPzLV5wTf3K8zkYhYLWv2SlFBqv+X14hmbFcdmj5ljT4b70sJEhjSjQLrWNjwf7x3XLMOeXCeraJkaz0H98xJWGFPt6YGBTzgIgvigekIvxH1DKy1b1VZqtTfjW/y6Q4M/3vZzuWg98C/h04Vrq4NRsZdDv7h61w0+ibyI4jpG77OCAqJDpM5GK62dG6p5C8wC0m9Uab0S9zvDUsEpETp/lsOee4sTmoGe489zfl87QepBxAyxcKW3RQFfUeyOk207TV0Zey2pzjk72DaO/Jq5x7v+kED3TSbfmAQd/9mF50oEtudBridkaSbqEU9dxc9nk5rFBVLPALA2VuJXkPdvk0x+e24tU7+16jbRb9Hp6iRX2k310SPsxCmuP/Jc+z9/+wkMHR4laIuTADhm1q5/V36bxolOlFZdJYAMW+7/cB+Kza7KhUe+byLc4w3RO5teCAVweHb2a0l0c9W3iyhqw0iTGPKht9v512uKrxlFXYGQBAzEu+z+C2nVSBVKqaTNDods8M5eSGBMSHgpgxh6V1d63c4thnExtAeoAmTwUAFgstKdPTw5M+3bq+MQQqkgd/ZFIRTl+XYuZNIOUimPVUGT5DOTYFcaruwzBr7Fc8ecpZgg0jkwO0 

C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe  /c 

C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe  /ua /installsource scheduler 

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-01 256456]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-01 194504]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-07 166424]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-07 391192]

"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-07 413720]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-01-29 10038304]

"PLFSetI"=C:\Windows\PLFSetI.exe [2010-01-13 206208]

"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-04-23 861216]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-05-28 39408]

 

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696]

"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]

"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608]

"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368]

"Norman ZANDA"=C:\Program Files\Norman\Npm\Bin\ZLH.EXE [2014-08-21 88536]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

DesktopDock.lnk - C:\Program Files (x86)\Desktop Dock\DesktopDock.exe

McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2010-03-31 269824]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

 

======File associations======

 

.inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

.ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - "C:\Windows\System32\WScript.exe" "%1" %*

.txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1

 

======List of files/folders created in the last 1 month======

 

2015-02-03 19:46:50 ----D---- C:\Program Files\trend micro

2015-02-03 19:40:23 ----D---- C:\Program Files (x86)\trend micro

2015-02-03 19:40:21 ----D---- C:\rsit

2015-01-15 12:22:59 ----A---- C:\Windows\system32\profsvc.dll

2015-01-15 12:22:56 ----A---- C:\Windows\system32\TSWbPrxy.exe

2015-01-15 12:22:54 ----A---- C:\Windows\SYSWOW64\nlaapi.dll

2015-01-15 12:22:54 ----A---- C:\Windows\SYSWOW64\ncsi.dll

2015-01-15 12:22:54 ----A---- C:\Windows\system32\nlasvc.dll

2015-01-15 12:22:50 ----A---- C:\Windows\system32\drivers\mrxdav.sys

2015-01-15 12:20:22 ----A---- C:\Windows\system32\ntoskrnl.exe

2015-01-15 12:20:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe

2015-01-15 12:20:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe

2015-01-15 12:20:17 ----A---- C:\Windows\system32\srcore.dll

2015-01-15 12:20:17 ----A---- C:\Windows\system32\rstrui.exe

2015-01-15 12:20:16 ----A---- C:\Windows\SYSWOW64\srclient.dll

2015-01-15 12:20:16 ----A---- C:\Windows\system32\srclient.dll

2015-01-15 12:07:10 ----A---- C:\Windows\system32\drivers\ale7_nf64.sys

2015-01-15 12:07:10 ----A---- C:\Windows\system32\drivers\ale7_nf.sys

2015-01-15 12:07:10 ----A---- C:\Windows\system32\drivers\ale_nf.sys

2015-01-15 12:07:09 ----A---- C:\Windows\system32\drivers\tdi_nf.sys

2015-01-15 12:07:09 ----A---- C:\Windows\system32\drivers\ale_nf64.sys

 

======List of files/folders modified in the last 1 month======

 

2015-02-03 19:46:53 ----D---- C:\Windows\Temp

2015-02-03 19:46:50 ----RD---- C:\Program Files

2015-02-03 19:40:23 ----RD---- C:\Program Files (x86)

2015-02-03 18:14:45 ----D---- C:\Windows\system32\config

2015-02-03 17:51:11 ----A---- C:\Windows\SYSWOW64\log.txt

2015-02-03 17:50:02 ----D---- C:\Program Files\Norman

2015-02-02 19:14:08 ----SHD---- C:\System Volume Information

2015-01-26 22:59:01 ----D---- C:\Windows\SysWOW64

2015-01-26 22:58:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2015-01-22 11:44:16 ----D---- C:\Windows\winsxs

2015-01-22 11:41:34 ----D---- C:\Windows\System32

2015-01-22 11:41:33 ----D---- C:\Windows\system32\drivers

2015-01-21 11:38:11 ----D---- C:\Windows\system32\MRT

2015-01-21 11:37:44 ----A---- C:\Windows\system32\MRT.exe

2015-01-21 11:26:41 ----D---- C:\Windows\Tasks

2015-01-21 11:25:19 ----D---- C:\Windows\system32\Tasks

2015-01-21 11:25:19 ----D---- C:\Program Files (x86)\MediaPlayersvideos  1.1

2015-01-15 12:20:32 ----D---- C:\Windows\system32\catroot

2015-01-15 12:12:31 ----D---- C:\Windows\system32\catroot2

2015-01-05 12:08:14 ----D---- C:\Windows\system32\wdi

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]

R1 NGS;Norman General Security Driver; \??\c:\program files\norman\ngs\bin\ngs64.sys [2014-06-27 23488]

R1 NPROSEC;Norman Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nprosec64.sys [2014-08-27 41536]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R2 nregsec;Norman Registry Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nregsec64.sys [2014-10-15 68792]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-04-07 2216960]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]

R3 gzflt;Norman Filesystem Driver; \??\C:\Program Files\Norman\nvc\bin\gzflt.sys [2014-06-04 138232]

R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-03-31 10322848]

R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-01-29 2260256]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064]

R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 18432]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]

R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2014-06-26 389240]

R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 16896]

S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-06-22 116992]

S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-06-22 113792]

S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-04-22 245280]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400]

R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360]

R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]

R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-18 268824]

R2 nfservice;Norman Flight Recorder service; C:\Program Files\Norman\npm\bin\nfservice.exe [2014-11-03 194536]

R2 NNFSVC;Norman Network Filtering service; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [2015-01-08 306360]

R2 Norman ZANDA;Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [2014-06-30 456664]

R2 NPROSECSVC;Norman Security service; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [2014-10-15 140032]

R2 nseupdatesvc;Norman Engine Update Service; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [2014-12-03 261456]

R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368]

R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]

R2 nvcsvc;Norman Anti Malware Service; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [2014-11-27 401560]

R2 NVOY;Norman Resource Provider (NICCA); C:\Program Files\Norman\Npm\Bin\Nvoy.exe [2013-06-27 246560]

R2 NWSCMON;Norman WSC Monitor Service; C:\Program Files\Norman\Npm\Bin\nwscmon.exe [2014-08-05 231008]

R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]

R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]

R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]

R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352]

R3 NJeeves2;Norman Jeeves; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [2014-11-27 179080]

R3 Scheduler;Norman Scheduler Service; C:\Program Files\Norman\Npm\Bin\scheduler.exe [2014-06-30 199680]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27 107912]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26 267440]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27 107912]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]

S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-04 1255736]

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

 

-----------------EOF-----------------

[kweezie wabbit]

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
• Dubbelklik op Zoek.exe om de tool te starten.
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

{0E8A89AD-95D7-40EB-8D9D-083EF7066A01};c
C:\Program Files\McAfee Security Scan;fs
C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-1.job;f
C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-11.job;f
C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-3.job;f
C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-4.job;f
C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5.job;f
C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5_user.job;f
C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-7.job;f
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk;f
C:\Program Files (x86)\MediaPlayersvideos  1.1;fs
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}];r64
McComponentHostService;s
emptyclsid;
chromelook;
firefoxlook;
emptyfolderscheck;delete
startupall;
filesrcm;

• Klik op de knop "More options" en vink nu de onderstaande opties aan.
   
• Do a Deep Scan
• Installed Programs
• Auto Clean
   
• De optie "Scan All Users" staat standaard aangevinkt.
• Klik nu op de knop "Run script".
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
• Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

• Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

[ilssxx]

 

Zoek.exe v5.0.0.0 Updated 03-February-2015

Tool run by Gebruiker on wo 04-02-2015 at 17:32:55,42.

Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Gebruiker\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

 

===== Runcheck 17:36:50,71 =====

 

--- Create Environment Variables 17:36:52,30 

--- Create System Restore Point 17:37:02,46 

[ilssxx]

dit is het logje dat ik kreeg:

 

 

Zoek.exe v5.0.0.0 Updated 03-February-2015

Tool run by Gebruiker on wo 04-02-2015 at 17:32:55,42.

Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Gebruiker\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

 

==== System Restore Info ======================

 

4-2-2015 17:37:57 Zoek.exe System Restore Point Created Succesfully.

 

==== Empty Folders Check ======================

 

C:\PROGRA~2\MSXML 4.0 deleted successfully

 

==== Deleting CLSID Registry Keys ======================

 

HKEY_USERS\S-1-5-21-3669598781-1707341706-770349030-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully

HKEY_USERS\S-1-5-21-3669598781-1707341706-770349030-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

 

==== Deleting CLSID Registry Values ======================

 

 

==== Installed Programs ======================

 

 Update for Microsoft Office 2007 (KB2508958)  

Acer Backup Manager  

Acer Crystal Eye Webcam  

Acer ePower Management  

Acer eRecovery Management  

Acer Registration  

Acer ScreenSaver  

Acer VCM  

Acrobat.com  

Adobe AIR  

Adobe Flash Player 16 ActiveX  

Adobe Reader 9.1 MUI  

Apple Application Support  

Apple Mobile Device Support  

Apple Software Update  

Backup Manager Advance  

Bonjour  

Broadcom Gigabit NetLink Controller  

D3DX10  

DesktopDock  

eSobi v2  

Google Chrome  

Google Toolbar for Internet Explorer  

Google Update Helper  

Google+ Auto Backup  

Identity Card  

Intel® Graphics Media Accelerator Driver  

Intel® Management Engine Components  

Intel® Rapid Storage Technology  

InterVideo WinDVD 8  

iTunes  

Junk Mail filter update  

Launch Manager  

McAfee Security Scan Plus  

Microsoft .NET Framework 4.5.1  

Microsoft .NET Framework 4.5.1 (Nederlands)  

Microsoft .NET Framework 4.5.1 (NLD)  

Microsoft Application Error Reporting  

Microsoft Office 2007 Service Pack 3 (SP3)  

Microsoft Office 2010  

Microsoft Office Excel MUI (Dutch) 2007  

Microsoft Office File Validation Add-In  

Microsoft Office Home and Student 2007  

Microsoft Office Office 64-bit Components 2007  

Microsoft Office OneNote MUI (Dutch) 2007  

Microsoft Office PowerPoint MUI (Dutch) 2007  

Microsoft Office Proof (Dutch) 2007  

Microsoft Office Proof (English) 2007  

Microsoft Office Proof (French) 2007  

Microsoft Office Proof (German) 2007  

Microsoft Office Proofing (Dutch) 2007  

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)  

Microsoft Office Shared 64-bit MUI (Dutch) 2007  

Microsoft Office Shared MUI (Dutch) 2007  

Microsoft Office Word MUI (Dutch) 2007  

Microsoft Silverlight  

Microsoft SQL Server 2005 Compact Edition [ENU]  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  

Mobile Partner  

MSVCRT  

MSVCRT_amd64  

MSXML 4.0 SP2 (KB954430)  

MSXML 4.0 SP2 (KB973688)  

Norman Security Suite  

Norton Online Backup  

NTI Backup Now 5  

NTI Backup Now Standard  

NTI Media Maker 8  

Picasa 3  

Realtek High Definition Audio Driver  

Realtek USB 2.0 Card Reader  

Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)  

Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)  

Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)  

Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)  

Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)  

Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)  

Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)  

Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)  

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition  

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition  

Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition  

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition   

Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition   

Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition   

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition   

Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition   

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition  

Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition   

Synaptics Pointing Device Driver  

Update for 2007 Microsoft Office System (KB967642)  

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition  

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition  

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition  

Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition  

Update voor Microsoft Office Excel 2007 Help (KB963678)  

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)  

Update voor Microsoft Office Word 2007 Help (KB963665)  

Welcome Center  

Windows Live Communications Platform  

Windows Live Essentials  

Windows Live ID Sign-in Assistant  

Windows Live Installer  

Windows Live Language Selector  

Windows Live Mail  

Windows Live Messenger  

Windows Live MIME IFilter  

Windows Live Movie Maker  

Windows Live Photo Common  

Windows Live Photo Gallery  

Windows Live PIMT Platform  

Windows Live SOXE  

Windows Live SOXE Definitions  

Windows Live Sync  

Windows Live UX Platform  

Windows Live UX Platform Language Pack  

Windows Live Writer  

Windows Live Writer Resources  

 

==== Running Processes ======================

 

C:\Program Files\Norman\npm\bin\nfservice.exe

C:\Program Files\Norman\Ngs\Bin\Nnf.exe

C:\Program Files\Norman\Ngs\Bin\Nprosec.exe

C:\Program Files\Norman\Npm\Bin\nwscmon.exe

C:\Program Files\Norman\Npm\Bin\Zanda.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Launch Manager\dsiwmis.exe

C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\Windows\PLFSetI.exe

C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files\Norman\Npm\Bin\zlh.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\Norman\Npm\Bin\zlhh.exe

C:\Program Files\Norman\Npm\Bin\Njeeves2.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files\Norman\nig\bin\nigsvc32.exe

C:\Program Files\Norman\nig\bin\niguser.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Users\Gebruiker\Downloads\zoek.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cmd.exe

 

==== Deleting Services ======================

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McComponentHostService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McComponentHostService deleted successfully

 

==== Registry Fix Code x64 ======================

 

Windows Registry Editor Version 5.00

 

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] 

 

==== Deleting Files \ Folders ======================

 

C:\Program Files (x86)\MediaPlayersvideos  1.1 deleted

C:\PROGRA~3\boost_interprocess deleted

C:\Users\Gebruiker\AppData\Local\Desktop_Dock deleted

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\fastplayer deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted

C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-1.job deleted

C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-11.job deleted

C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-3.job deleted

C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-4.job deleted

C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5.job deleted

C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5_user.job deleted

C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-7.job deleted

C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-1 deleted

C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-11 deleted

C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-3 deleted

C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-4 deleted

C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5 deleted

C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5_user deleted

C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-7 deleted

C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted

C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted

C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted

C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted

C:\Windows\SysNative\config\systemprofile\Searches deleted

"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" deleted

"C:\Program Files\McAfee Security Scan" not deleted

"C:\PROGRA~2\81d7a982-4aaa-4bc3-9960-778fea6821ac" deleted

"C:\Program Files\McAfee Security Scan\3.8.150" not deleted

 

==== System Specs ======================

 

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 1783 MB

CPU Info: Intel® Pentium® CPU        P6100  @ 2.00GHz

CPU Speed: 2007.1 MHz

Sound Card: Speakers (Realtek High Definiti | 

Display Adapters: Intel® HD Graphics | Intel® HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Generic PnP Monitor | 

Screen Resolution: 1366 X 768 - 32 bit

Network: Network Present

Network Adapters: Atheros AR5B97 Wireless Network Adapter | Broadcom NetLink Gigabit Ethernet

CD / DVD Drives: 1x (D: | ) D: Optiarc DVD RW AD-7585H

Ports: COM Ports NOT Present. LPT Port NOT Present. 

Mouse: 5 Button Wheel Mouse Present

Hard Disks: C:  219.8GB

Hard Disks - Free: C:  150.5GB

Manufacturer *: Acer

BIOS Info: AT/AT COMPATIBLE | 08/10/10 | ACRSYS - 1

Time Zone: West-Europa (standaardtijd)

Motherboard *: Acer TravelMate 5740Z

Country: Nederland 

Language: NLD 

 

==== System Specs (Software) ======================

 

Anti-Virus: Norman Security Suite Anti-Virus On-access scanning disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Anti-Spyware: Norman Security Suite Anti-Spyware disabled (Outdated)

Internet Explorer Version: 11.0.9600.17501 

Google Chrome version: 40.0.2214.94

Adobe Reader version: 9.1.0.2009022700

 

==== Files Recently Created / Modified ======================

 

====== C:\Windows ====

====== C:\Users\GEBRUI~1\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2015-02-04 16:22:42 9AD1DF7608C28285AC547618A1045B2B 187 ----a-w- C:\Windows\SysWOW64\erbl.bin

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

2015-01-15 11:22:50 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys

2015-01-15 11:07:10 E95019FE1BE2A04BC98629EC8ABE410E 133152 ----a-w- C:\Windows\Sysnative\drivers\ale7_nf64.sys

2015-01-15 11:07:10 4F9D591D5616099F807F99D5AF63F2C0 123888 ----a-w- C:\Windows\Sysnative\drivers\ale7_nf.sys

2015-01-15 11:07:10 47197E05B0346121D598010AAAD6DF67 120792 ----a-w- C:\Windows\Sysnative\drivers\ale_nf.sys

2015-01-15 11:07:09 EAE239E3A7036FF7C58CE388DD86B4BB 130080 ----a-w- C:\Windows\Sysnative\drivers\ale_nf64.sys

2015-01-15 11:07:09 0DEA0278EC151D34A555760652959A41 461120 ----a-w- C:\Windows\Sysnative\drivers\tdi_nf.sys

====== C:\Windows\Tasks ======

2015-02-04 16:12:24 625F006099D62E28DDB8167AA476E9CF 3152 ----a-w- C:\Windows\Sysnative\Tasks\{48FB454E-2F4F-4E99-8DEE-41257CE93530}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2015-02-03 18:46:50 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2015-02-03 18:40:23 -------- d-----w- C:\PROGRA~2\trend micro

======= C: =====

====== C:\Users\Gebruiker\AppData\Roaming ======

====== C:\Users\Gebruiker ======

2015-02-03 18:46:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe

2015-02-03 18:39:41 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Gebruiker\Downloads\RSIT.exe

 

====== C: exe-files ==

2015-02-04 16:07:15 DB36F70844AE357ADA13CCC2228A3222 332064 ----a-w- C:\Program Files\Norman\Nig\bin\niguser.exe

2015-02-04 16:07:15 90A3D302F4646BECEE1614DC83E80F9A 546312 ----a-w- C:\Program Files\Norman\Nig\bin\nadvtool.exe

2015-02-04 16:07:15 75FF47628FA83CDE1A862A6ACA306707 85448 ----a-w- C:\Program Files\Norman\Nig\bin\nadvscan.exe

2015-02-04 16:07:15 6A1AC256ACB21D8C6547FC1690394CC5 595176 ----a-w- C:\Program Files\Norman\Nig\bin\nigsvc32.exe

2015-02-03 18:46:51 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe

2015-02-03 18:46:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe

2015-02-03 18:40:26 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files (x86)\trend micro\Gebruiker.exe

2015-02-03 18:39:41 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Gebruiker\Downloads\RSIT.exe

2015-02-02 18:12:32 AF2AD293EFDBACD74E90B3931EC53725 7342160 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.94\40.0.2214.94_39.0.2171.99_chrome_updater.exe

=== C: other files ==

2015-02-04 15:49:23 5EBB53736F500209046BE9196CBED93A 5264429 ----a-w- C:\Users\Gebruiker\Downloads\YE picture.zip

2015-02-03 18:08:53 D39FF779D0EECFFFF10591A2DBA090B3 6877 ----a-w- C:\Users\Gebruiker\Downloads\Outlook.com.zip

 

==== Startup Registry Enabled ======================

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

 

[HKEY_USERS\S-1-5-21-3669598781-1707341706-770349030-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

 

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

 

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"NortonOnlineBackupReminder"="C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED"

"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k"

"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"

"Norman ZANDA"="C:\Program Files\Norman\Npm\Bin\ZLH.EXE /LOAD /SPLASH"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

 

==== Startup Registry Enabled x64 ======================

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"PLFSetI"="C:\Windows\PLFSetI.exe"

"Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

 

==== Startup Folders ======================

 

2010-05-12 12:21:09 1782 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk

2014-12-01 14:30:42 1072 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DesktopDock.lnk

 

==== Task Scheduler Jobs ======================

 

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [26-01-2015 22:58]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27-10-2014 12:07]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27-10-2014 12:07]

 

==== Other Scheduled Tasks ======================

 

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

 

==== Chromium Look ======================

 

Google Chrome Version: 40.0.2214.94 (Up to date, latest Stable version: 40.0.2214.94)

 

 

YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

 

==== Set IE to Default ======================

 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Bar"="http://www.google.com/ie"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="http://www.google.com/search?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://www.google.com/ie"

"Default_Search_URL"="http://www.google.com/ie"

 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

 

==== All HKCU SearchScopes ======================

 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"

{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google  Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlNL439NL439"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"

 

==== HijackThis Entries ======================

 

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: Acer VCM.lnk = ?

O4 - Global Startup: DesktopDock.lnk = C:\Program Files (x86)\Desktop Dock\DesktopDock.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{7629B75E-3CF3-4B18-83EE-06F84CB08F0E}: NameServer = 31.168.224.106,5.135.12.52

O17 - HKLM\System\CCS\Services\Tcpip\..\{D04F0CB2-0CDC-4D04-9B5B-1C508329A73C}: NameServer = 31.168.224.106,5.135.12.52

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\npm\bin\nfservice.exe

O23 - Service: Norman Intrusion Guard (NIG) - Norman Safeground AS - C:\Program Files\Norman\nig\bin\nigsvc32.exe

O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe

O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe

O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe

O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe

O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Program Files\Norman\Npm\Bin\Nvoy.exe

O23 - Service: Norman WSC Monitor Service (NWSCMON) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

==== Empty IE Cache ======================

 

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Gebruiker\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

 

==== Empty FireFox Cache ======================

 

No FireFox Profiles found

 

==== Empty Chrome Cache ======================

 

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

 

==== Empty All Flash Cache ======================

 

Flash Cache is not empty, a reboot is needed

 

==== Empty All Java Cache ======================

 

No Java Cache Found

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=73 folders=15 21296711 bytes)

 

==== Empty Temp Folders ======================

 

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

 

==== After Reboot ======================

 

==== Empty Temp Folders ======================

 

C:\Windows\Temp successfully emptied

C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

 

==== Empty Recycle Bin ======================

 

C:\$RECYCLE.BIN successfully emptied

 

==== Deleting Files / Folders ======================

 

"C:\Program Files\McAfee Security Scan"  not found

"C:\Users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YK2EEC45\games2.spele.nl"  not found

"C:\Users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YK2EEC45\www.globespotter.nl"  not found

 

==== EOF on wo 04-02-2015 at 18:04:18,68 ======================

[kweezie wabbit]

Download AdwCleaner by Xplode naar het bureaublad (verwijder eerst eventuele aanwezige oudere versies van deze tool op je PC, zodat je nu de meest recente database van AdwCleaner kan gebruiken).
 

• Sluit alle openstaande vensters.
• Dubbelklik op AdwCleaner om hem te starten.
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
• Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Klik op Scan.
• Klik vervolgens op Clean (Engelse versie)of Verwijderen (Nederlandse versie).
• Klik bij Herstarten Noodzakelijk op OK

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Voeg dit logje toe aan je volgend bericht.
Anders is het hier terug te vinden C:\\AdwCleaner\\AdwCleaner[s0].txt.