Ebonny

Ik heb de firewall gereset. Welke vinkje kan ik het beste aanzetten. nu staat aan Core Metworking, Hulp op afstand en Netwerk detecteren. Printer doet het nog niet. Hoe kan ik zo veilig mijn huidige virus scanner verwijderen en dan een nieuwe erop zetten? Is een virus scanner kopen een optie of is er een free one. Mijn printer "HP Photosmart 3210 All-in-one"

Een andere computer (Desktop) met vaste aansluiting op de router ziet de printer wel en werkt. Dus wat kan het zijn? Stuurprogramma's weg? Is mijn virus scanner Microsoft security oké? gr

Op mijn laptop staat geïnstalleerd "Microsoft Security Essentials" en werkt up to date. gr

Ik ben benieuwt nog steeds niet gelukt ook de lijst van de te kiezen printers is niet meer aanwezig. Alles gereset. kan ook geen wizard draaien. gr

Nummer 2 MalwarebytesAnti-Malware 1.75.0.1300 www.malwarebytes.org Databaseversie:v2013.09.12.09 Windows 7Service Pack 1 x64 NTFS InternetExplorer 10.0.9200.16660 Acer ::ACER-PC [administrator] 12-9-201321:31:36 mbam-log-2013-09-12(21-31-36).txt Scan type:Snelle scan Ingeschakeldescan opties: Geheugen | Opstartitems | Register | Bestanden en mappen |Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakeldescan opties: P2P Objectengescand: 223170 Verstrekentijd: 5 minuut/minuten, 48 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geenkwaadaardige objecten gedetecteerd) Geheugenmodulengedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 5 HKCR\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}(PUP.Optional.Datamngr.A) -> Succesvol in quarantaine geplaatst enverwijderd. HKCR\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}(PUP.Optional.Datamngr.A) -> Succesvol in quarantaine geplaatst enverwijderd. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A)-> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\BabylonToolbar (PUP.Optional.Babylon.A) ->Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\qvo6Software(PUP.Optional.qvo6.A) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 1 HKLM\SYSTEM\CurrentControlSet\Services\DPService|ImagePath(PUP.Optional.DProtect) -> Data:C:\Users\Acer\AppData\Local\DProtect\DProtectSvc.exe -> Succesvol inquarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 3 HKCU\SOFTWARE\Microsoft\InternetExplorer\Main|Default_Page_URL (Hijack.StartPage) -> Slecht:(QVO6 (Google) -> Succesvol in quarantaine geplaatst engerepareerd. HKLM\SOFTWARE\Microsoft\InternetExplorer\Main|Default_Page_URL (Hijack.StartPage) -> Slecht:(QVO6 (Google) -> Succesvol in quarantaine geplaatst engerepareerd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page(Hijack.StartPage) -> Slecht: (QVO6 (Google) -> Succesvol in quarantaine geplaatst engerepareerd. Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\Users\Acer\Downloads\FreeYouTubeToMP3Converter (1).exe(PUP.Optional.OpenCandy) -> Succesvol in quarantaine geplaatst enverwijderd.(einde)

Hpi Jion, Na het uitvoeren van de run-script vanmorgen werkt mijn printer die aangesloten zit op mijn router niet meer. Het is een HP 3200 serie. Mijn laptop ziet hem ook niet meer op het netwerk. Heb al van alles geprobeerd. Is er tijdens de run iets verwijderd wat niet mocht? groet

Dit is 1 # AdwCleaner v3.003 - Report created 12/09/2013 at 19:31:13 # Updated 07/09/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Acer - ACER-PC # Running from : C:\Users\Acer\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Key Deleted : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1 Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1 Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band.1 Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1 Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1 Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1 Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1269415 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2801948 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{125B7A09-B405-46FB-95FB-96CF6B72992D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{125B7A09-B405-46FB-95FB-96CF6B72992D} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{125B7A09-B405-46FB-95FB-96CF6B72992D} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D0DE224-C629-4285-8A62-5AA61D6906E8} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFF486FA-90ED-4493-8214-A165F659F4EA} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command Key Deleted : HKCU\Software\Complitly Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\HomeTab Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\SearchCore for Browsers Key Deleted : HKCU\Software\simplytech Key Deleted : HKCU\Software\SmartBar Key Deleted : HKCU\Software\NCH_EN Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\simplytech Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\AppDataLow\Software\NCH_EN Key Deleted : HKLM\Software\BabylonToolbar Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\eSafeSecControl Key Deleted : HKLM\Software\Funmoods Key Deleted : HKLM\Software\qvo6Software Key Deleted : HKLM\Software\SearchCore for Browsers Key Deleted : HKLM\Software\SearchquMediabarTb Key Deleted : HKLM\Software\SimplyGen Key Deleted : HKLM\Software\NCH_EN Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchCore for Browsers Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NCH_EN Toolbar Key Deleted : [x64] HKLM\SOFTWARE\SearchCore for Browsers Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16660 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] -\\ Google Chrome v29.0.1547.66 [ File : C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : homepage Deleted : urls_to_restore_on_startup ************************* AdwCleaner[R0].txt - [13087 octets] - [12/09/2013 19:30:24] AdwCleaner[s0].txt - [11671 octets] - [12/09/2013 19:31:13] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [11732 octets] ##########

Dit stond in het mapje zoek results op de C-schijf Zoek.exe Version 4.0.0.4 Updated 11-September-2013 Tool run by Acer on do 12-09-2013 at 9:26:05,66. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Acer\Downloads\zoek\zoek.exe [script inserted] ==== System Restore Info ====================== 12-9-2013 9:28:58 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9fdfb66c-713b-4201-83a6-5b78ae227b41} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Internet Explorer\SearchScopes\{18D85E67-B985-4959-9FAE-3FD6C5F1A4AD} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C4A15F01-8F01-4219-A265-5DBEB3A5D209} deleted successfully HKEY_CLASSES_ROOT\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_CLASSES_ROOT\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{9fdfb66c-713b-4201-83a6-5b78ae227b41} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9fdfb66c-713b-4201-83a6-5b78ae227b41} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\internet explorer\urlsearchhooks\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{9fdfb66c-713b-4201-83a6-5b78ae227b41} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WsysSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WsysSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WsysSvc deleted successfully ==== Deleting Files \ Folders ====================== "C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx" deleted "C:\Users\Acer\Downloads\SoftonicDownloader_voor_acdsee-photo-manager.exe" deleted "C:\user.js" deleted "C:\END" deleted "C:\Windows\Launcher.exe" deleted "C:\Users\Acer\AppData\Roaming\AC1\{23874FC4-964C2838-CD4D1EEF-1A92734D}" deleted "C:\Users\Acer\AppData\Local\DProtect\config.dat" not deleted "C:\Users\Acer\AppData\Local\DProtect\DProtectSvc.exe" not deleted "C:\Users\Acer\AppData\Local\DProtect\DPUninstall.exe" not deleted "C:\Users\Acer\AppData\Local\DProtect\eBP.dll" not deleted "C:\Users\Acer\AppData\Local\DProtect\eBPSD.dll" not deleted "C:\Users\Acer\AppData\Local\DProtect\eDelayinfo.edb" not deleted "C:\Users\Acer\AppData\Local\DProtect\eGdpSvc.exe" not deleted "C:\Users\Acer\AppData\Roaming\AC1" deleted "C:\Users\Acer\AppData\Roaming\Mozilla" deleted "C:\Users\Acer\AppData\Roaming\Complitly" deleted "C:\Program Files (x86)\NCH_EN" deleted "C:\Program Files (x86)\NCH Software" deleted "C:\Users\Acer\AppData\Roaming\HomeTab" deleted "C:\Program Files (x86)\HomeTab" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft" deleted "C:\Program Files (x86)\Yontoo" deleted "C:\Program Files (x86)\NCH_EN" deleted "C:\SoloApp" deleted "C:\Users\Acer\AppData\Roaming\SimplyTech" deleted "C:\Program Files (x86)\SearchCore for Browsers" deleted "C:\Program Files (x86)\NCH_EN" deleted "C:\Program Files\Babylon" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted "C:\Program Files (x86)\iMesh Applications" deleted "C:\Program Files (x86)\HomeTab" deleted "C:\Program Files (x86)\Yontoo" deleted "C:\Program Files (x86)\Complitly" deleted "C:\Program Files (x86)\Perion" deleted "C:\Program Files (x86)\Conduit" deleted "C:\SoloApp" deleted "C:\Users\Acer\AppData\Roaming\Complitly" deleted "C:\Users\Acer\AppData\Roaming\HomeTab" deleted "C:\Users\Acer\AppData\Roaming\DVDVideoSoftIEHelpers" deleted "C:\Users\Acer\AppData\Roaming\SimplyTech" deleted "C:\Users\Acer\AppData\Roaming\OpenCandy" deleted "C:\ProgramData\eSafe" deleted "C:\ProgramData\boost_interprocess" deleted "C:\ProgramData\iMesh" deleted "C:\Users\Acer\AppData\Local\iMesh" deleted "C:\Users\Acer\AppData\Local\DProtect" not deleted "C:\Users\Acer\AppData\Local\PackageAware" deleted "C:\Users\Acer\AppData\Local\Conduit" deleted "C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda" deleted "C:\windows\SysNative\Tasks\Browser Updater" deleted "C:\Users\Acer\AppData\LocalLow\HomeTab" deleted "C:\Users\Acer\AppData\LocalLow\mediabarim" deleted "C:\Users\Acer\AppData\LocalLow\DataMngr" deleted "C:\Users\Acer\AppData\LocalLow\SimplyTech" deleted "C:\Users\Acer\AppData\LocalLow\searchqutoolbar" deleted "C:\Users\Acer\AppData\LocalLow\Conduit" deleted "C:\Users\Acer\AppData\LocalLow\NCH_EN" deleted "C:\windows\SysNative\tasks\ProtectedSearch" deleted "C:\Windows\Syswow64\WNLT" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Acer\AppData\Local\Temp ==== 2013-09-10 19:38:10 BCB0728F4B117855765CE8FE883B5E9B 1536 ----a-w- C:\Users\Acer\AppData\Local\Temp\NOSEventMessages.dll 2013-09-10 19:38:10 BCB0728F4B117855765CE8FE883B5E9B 1536 ----a-w- C:\Users\Acer\AppData\Local\Temp\NEventMessages.dll ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2013-08-15 06:55:04 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys 2013-08-15 06:55:03 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-09-11 15:45:17 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== ======= C: ===== ====== C:\Users\Acer\AppData\Roaming ====== 2013-09-12 07:18:21 !HASH: COULD NOT OPEN FILE !!!!! 2048 --sha-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\lastalive1.dat 2013-09-12 07:18:21 !HASH: COULD NOT OPEN FILE !!!!! 2048 --sha-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\lastalive0.dat 2013-09-09 11:45:26 -------- d-----w- C:\Users\Acer\AppData\Local\DProtect 2013-08-15 16:13:51 9ED94095E1C5C23AB15A19C5CCD91A6C 8388608 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\~FontCache-S-1-5-21-2668737801-3381503766-2512015713-1000.dat 2013-08-15 16:08:32 33F6DF6CD2D21BECFB9D004E4BDFEEA4 582772 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\~FontCache-System.dat ====== C:\Users\Acer ====== 2013-09-11 13:01:18 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Acer\Downloads\RSITx64.exe 2013-09-11 12:31:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker 2013-09-10 08:50:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2013-09-09 11:57:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite 2013-09-09 11:57:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs 2013-09-09 11:56:00 98A0E3DD0D9F8C03EE7B3D8EB024B78E 623168 ----a-w- C:\Users\Acer\Downloads\disketchpsetup.exe ====== C: exe-files == 2013-09-11 15:45:17 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Acer.exe 2013-09-11 13:01:18 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Acer\Downloads\RSITx64.exe 2013-09-11 12:31:07 B9284A1FFA6AF5D43171F2BC3B0740B7 715264 ----a-w- C:\Programs\PartyGaming\SmartUpgrader\PGSmartUpgrade.exe 2013-09-11 12:31:07 952CAB49CF81203B07157F93675EA6B6 227328 ----a-w- C:\Programs\PartyGaming\SmartUpgrader\SIInvoker.exe 2013-09-10 08:48:17 277DF1C06782563C95661C30AA02CD49 77136 ----a-w- C:\ProgramData\Apple Computer\Installer Cache\iTunes 11.0.5.5\SetupAdmin.exe 2013-09-09 11:56:00 98A0E3DD0D9F8C03EE7B3D8EB024B78E 623168 ----a-w- C:\Users\Acer\Downloads\disketchpsetup.exe 2013-09-09 11:45:40 256F569179D786680CD216C0240A42D3 825920 ----a-w- C:\Users\Acer\AppData\Local\DProtect\eGdpSvc.exe 2013-09-09 11:45:26 E503794A2C5BAEE9AAC34267C3359D18 175168 ----a-w- C:\Users\Acer\AppData\Local\DProtect\DPUninstall.exe 2013-09-09 11:45:26 76C7617847CCE2E948701365BEB45CE2 342592 ----a-w- C:\Users\Acer\AppData\Local\DProtect\DProtectSvc.exe 2013-09-09 06:36:34 CB139AE37B93E21CD858D748B3DF0EEA 34509664 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.66\29.0.1547.66_chrome_installer.exe 2013-09-08 15:51:21 69078D1A8E8BADFCD2B2EA9B66AB1FD8 6950240 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\29.0.1547.66\29.0.1547.66_28.0.1500.95_chrome_updater.exe 2013-09-06 21:27:02 4D70EA97DA15CAC05A4759285629A9FA 801792 ----a-w- C:\Programs\PartyGaming\PartyPoker\Uninstall\Setup.exe 2013-09-06 20:44:28 E92A9E50F2417CF23A43988D012B01D0 2272256 ----a-w- C:\Programs\PartyGaming\PartyGaming.exe 2013-09-05 14:04:06 8FE3018198ACD7BFCD5C062710F5A8B7 20864 ----a-w- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32Info.exe 2013-09-05 14:04:04 66CBA380C78A1D1649E9B6CC41763B02 1411448 ----a-w- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe 2013-09-05 14:04:04 0203027AEE70D083C40EF6324D210DE0 694152 ----a-w- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe 2013-09-05 14:04:02 B6F39BA8B6D3526459FE9F1D7760D073 131464 ----a-w- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\pi_brokers\64BitMAPIBroker.exe 2013-09-05 14:04:02 AEB9DC4B28F873CA2BDC2174A1266ED8 45448 ----a-w- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroTextExtractor.exe 2013-09-05 14:04:02 457A5985CD9A5915BE8FDF45B330C368 264568 ----a-w- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroBroker.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_7360584B616087257445E78FC1FAACF2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Google Update"="C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /c" "NokiaSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k" "Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" "SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" "EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d" "EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "ArcadeDeluxeAgent"="C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" "PlayMovie"="C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" "hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" "HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe" "Reader Library Launcher"="C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_7360584B616087257445E78FC1FAACF2"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "Google Update"="C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /c" "NokiaSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "mwlDaemon"="C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "PLFSetI"="C:\Windows\PLFSetI.exe" "Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2011-12-22 15:54:54 2103 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10-03-2012 17:10] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10-03-2012 17:10] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2668737801-3381503766-2512015713-1000Core.job --a------ C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [12-02-2013 11:21] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2668737801-3381503766-2512015713-1000UA.job --a------ C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [12-02-2013 11:21] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions amhlacfinnaffmhfohbpecabbjfhkdji - C:\Users\Acer\AppData\Local\CRE\amhlacfinnaffmhfohbpecabbjfhkdji.crx[] dlfienamagdnkekbbbocojppncdambda - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx[] gclijllifhfpomppedeljakfegbcpojn - C:\Users\Acer\AppData\Local\Temp\ccex.crx[] ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[] niapdbllcanepiiimjjndipklodoedlc - C:\Users\Acer\AppData\Local\Temp\YontooLayers.crx[] npgpgjiajblpbldjkelafjjhfjcddlba - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions amhlacfinnaffmhfohbpecabbjfhkdji - C:\Users\Acer\AppData\Local\CRE\amhlacfinnaffmhfohbpecabbjfhkdji.crx[] nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[] AFAS Personal Bijwerk Assistent - Acer - Default\Extensions\cdcefkchgdibcdegcafkekacfdapplbo ==== Chrome Fix ====================== C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlfienamagdnkekbbbocojppncdambda_0.localstorage deleted successfully C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage deleted successfully C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="QVO6" "Default_Page_URL"="QVO6" "Search Page"="Certified-Toolbar Search=" "Search Bar"="Certified-Toolbar Search=" "Default_Search_URL"="Certified-Toolbar Search=" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Certified-Toolbar Search=" "Search Bar"="Certified-Toolbar Search=" "Search Page"="Certified-Toolbar Search=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Certified-Toolbar Search=" "Search Bar"="Certified-Toolbar Search=" "Search Page"="Certified-Toolbar Search=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Certified-Toolbar Search=" "Default_Page_URL"="QVO6" "Start Page"="QVO6" "Search Page"="Certified-Toolbar Search=" "Search Bar"="Certified-Toolbar Search=" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Certified-Toolbar Search=" "Default_Page_URL"="QVO6" "Start Page"="QVO6" "Search Page"="Certified-Toolbar Search=" "Search Bar"="Certified-Toolbar Search=" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI] "(Default)"="%s - Search results" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI] "(Default)"="%s - Search results" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Search results" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="%s - Search results" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Search results" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="%s - Search results" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="{searchTerms} - (1)" "(Default)"="%s - Search results" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="{searchTerms} - (1)" "(Default)"="%s - Search results" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="%s - Search results" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="{searchTerms} - (1)" "(Default)"="%s - Search results" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Certified-Toolbar Search=" "Search Bar"="Certified-Toolbar Search=" "Search Page"="Certified-Toolbar Search=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Certified-Toolbar Search=" "Search Bar"="Certified-Toolbar Search=" "Search Page"="Certified-Toolbar Search=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Certified-Toolbar Search=" "Search Bar"="Certified-Toolbar Search=" "Search Page"="Certified-Toolbar Search=" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Certified-Toolbar Search=" "Search Bar"="Certified-Toolbar Search=" "Search Page"="Certified-Toolbar Search=" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Certified-Toolbar Search=" "SearchAssistant"="{searchTerms} - (1)" "Search Bar"="Certified-Toolbar Search=" "Search Page"="Certified-Toolbar Search=" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="Bing" "Search Bar"="Bing" "Default_Search_URL"="Bing" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="Google" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Bing" "Search Bar"="Bing" "Search Page"="Bing" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Bing" "Search Bar"="Bing" "Search Page"="Bing" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Bing" "Search Page"="Bing" "Search Bar"="Bing" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="Bing" "Search Page"="Bing" "Search Bar"="Bing" "Default_Page_URL"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" "Start Page"="MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI] "(Default)"="%s - Bing" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchURI] "(Default)"="%s - Bing" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="%s - Bing" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="%s - Bing" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="%s - Bing" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="%s - Bing" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Bing" "Search Bar"="Bing" "Search Page"="Bing" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Bing" "Search Bar"="Bing" "Search Page"="Bing" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Bing" "Search Bar"="Bing" "Search Page"="Bing" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Bing" "Search Bar"="Bing" "Search Page"="Bing" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="Bing" "Search Bar"="Bing" "Search Page"="Bing" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-2668737801-3381503766-2512015713-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gclijllifhfpomppedeljakfegbcpojn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\npgpgjiajblpbldjkelafjjhfjcddlba deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\amhlacfinnaffmhfohbpecabbjfhkdji deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Acer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Acer\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Acer\AppData\Local\DProtect\config.dat" not found "C:\Users\Acer\AppData\Local\DProtect\DProtectSvc.exe" not found "C:\Users\Acer\AppData\Local\DProtect\DPUninstall.exe" not found "C:\Users\Acer\AppData\Local\DProtect\eBP.dll" not found "C:\Users\Acer\AppData\Local\DProtect\eBPSD.dll" not found "C:\Users\Acer\AppData\Local\DProtect\eDelayinfo.edb" not found "C:\Users\Acer\AppData\Local\DProtect\eGdpSvc.exe" not found "C:\Users\Acer\AppData\Local\DProtect" not found ==== EOF on do 12-09-2013 at 9:40:03,44 ======================

Moet ik dan ook weer run script uitvoeren? Wanneer ik start zoek exe uitvoer dan krijg ik namelijk dat scherm weer waar de door jouw opgegeven code in moest. groet

Bedoel je dit allemaal? Logfile of random's system information tool 1.09 (written by random/random) Run by Acer at 2013-09-12 15:10:36 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 240 GB (81%) free of 297 GB Total RAM: 3957 MB (66% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:10:39, on 12-9-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16660) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Windows\PLFSetI.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\trend micro\Acer.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl | Jouw startpagina voor weer, verkeer en meer R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Reader Library Launcher] C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_7360584B616087257445E78FC1FAACF2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Acer\Desktop\PartyPoker.lnk O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Acer\Desktop\PartyPoker.lnk O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab O16 - DPF: {9E858349-A287-4D37-8C27-034330E160F9} (MijnAlbum Album Upload Software Control Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/aus8.0.35/Uploader8.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Users\Acer\AppData\Local\DProtect\eBP.dll,C:\Users\Acer\AppData\Local\DProtect\eBPSD.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NTI, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 16904 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService atieclxx C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\LSI SoftModem\agr64svc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Acer\Registration\GREGsvc.exe" C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" C:\Windows\System32\svchost.exe -k HPZ12 "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE "C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe" "C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe" C:\Windows\System32\svchost.exe -k HPZ12 "C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe" C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted "C:\Program Files\Acer\Acer Updater\UpdaterService.exe" "C:\Windows\PLFSetI.exe" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey C:\Windows\system32\wbem\unsecapp.exe -Embedding "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" "C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe" "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" "C:\Program Files (x86)\Launch Manager\LManager.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe" {CBD29E98-0DC1-470E-BB8D-3404C9114FF1} "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart 3200 series#1324569618" -Startup "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding {98B87241-9C34-4380-B285-E075645CDC07} "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "c:\Program Files\Microsoft Security Client\NisSrv.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "c:\Program Files\Microsoft Security Client\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 71B0CC34-79B1-3157-044E-30566760D11B -Reinvoke "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 "C:\Users\Acer\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2668737801-3381503766-2512015713-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2668737801-3381503766-2512015713-1000UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-12-28 346736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2011-12-28 318960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-28 256112] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-12-28 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2011-12-28 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-12-28 346736] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-28 256112] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-05-27 349552] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-29 8312352] "PLFSetI"=C:\Windows\PLFSetI.exe [2010-06-09 206208] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472] "Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-02-26 818720] "AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-06-10 324608] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240] "BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_7360584B616087257445E78FC1FAACF2"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2013-09-02 829392] "iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2013-04-05 59720] "Google Update"=C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-12 116648] ""= [] "NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-04-19 1090912] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-06-29 265984] "Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928] "SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-05-27 337264] "EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-11 201584] "EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736] "ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-29 419112] "PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2010-01-18 181480] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10 49208] ""= [] "Reader Library Launcher"=C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [2010-07-13 906648] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-08-16 152392] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "VIDC.ACDV"=ACDV.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-09-12 09:40:04 ----SHD---- C:\$RECYCLE.BIN 2013-09-12 09:38:47 ----D---- C:\Windows\Temp 2013-09-11 17:45:17 ----D---- C:\rsit 2013-09-11 17:45:17 ----D---- C:\Program Files\trend micro 2013-08-15 12:17:46 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-08-15 12:17:45 ----A---- C:\Windows\system32\ieui.dll 2013-08-15 12:17:44 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-08-15 12:17:44 ----A---- C:\Windows\system32\iesetup.dll 2013-08-15 12:17:44 ----A---- C:\Windows\system32\iernonce.dll 2013-08-15 12:17:43 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-08-15 12:17:43 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-08-15 12:17:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-08-15 12:17:43 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-08-15 12:17:43 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-15 12:17:43 ----A---- C:\Windows\system32\iesysprep.dll 2013-08-15 12:17:43 ----A---- C:\Windows\system32\ie4uinit.exe 2013-08-15 12:17:42 ----A---- C:\Windows\system32\iertutil.dll 2013-08-15 12:17:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-08-15 12:17:40 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-08-15 12:17:40 ----A---- C:\Windows\system32\msfeeds.dll 2013-08-15 12:17:40 ----A---- C:\Windows\system32\jscript.dll 2013-08-15 12:17:39 ----A---- C:\Windows\system32\jscript9.dll 2013-08-15 12:17:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-08-15 12:17:38 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-08-15 12:17:37 ----A---- C:\Windows\system32\urlmon.dll 2013-08-15 12:17:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-08-15 12:17:36 ----A---- C:\Windows\system32\jsproxy.dll 2013-08-15 12:17:35 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-08-15 12:17:35 ----A---- C:\Windows\system32\wininet.dll 2013-08-15 12:17:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-08-15 12:17:32 ----A---- C:\Windows\system32\ieframe.dll 2013-08-15 12:17:31 ----A---- C:\Windows\system32\mshtml.dll 2013-08-15 12:17:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-08-15 12:05:35 ----D---- C:\Windows\system32\MRT 2013-08-15 08:55:24 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2013-08-15 08:55:24 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2013-08-15 08:55:24 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-08-15 08:55:24 ----A---- C:\Windows\system32\wintrust.dll 2013-08-15 08:55:24 ----A---- C:\Windows\system32\crypt32.dll 2013-08-15 08:55:23 ----A---- C:\Windows\SYSWOW64\cryptnet.dll 2013-08-15 08:55:23 ----A---- C:\Windows\system32\cryptsvc.dll 2013-08-15 08:55:23 ----A---- C:\Windows\system32\cryptnet.dll 2013-08-15 08:55:17 ----A---- C:\Windows\SYSWOW64\tzres.dll 2013-08-15 08:55:17 ----A---- C:\Windows\system32\tzres.dll 2013-08-15 08:55:12 ----A---- C:\Windows\system32\WMVDECOD.DLL 2013-08-15 08:55:11 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL 2013-08-15 08:55:10 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2013-08-15 08:55:10 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-08-15 08:55:10 ----A---- C:\Windows\system32\rpcrt4.dll 2013-08-15 08:55:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-08-15 08:55:08 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-08-15 08:55:08 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-08-15 08:55:08 ----A---- C:\Windows\system32\ntdll.dll 2013-08-15 08:55:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-08-15 08:55:07 ----A---- C:\Windows\system32\wow64.dll 2013-08-15 08:55:05 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-08-15 08:55:05 ----A---- C:\Windows\SYSWOW64\user.exe 2013-08-15 08:55:05 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-08-15 08:55:05 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-08-15 08:55:04 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2013-08-15 08:55:03 ----A---- C:\Windows\system32\drivers\tcpip.sys ======List of files/folders modified in the last 1 month====== 2013-09-12 15:07:24 ----D---- C:\Windows\SysWOW64 2013-09-12 15:07:24 ----AD---- C:\Windows 2013-09-12 15:00:14 ----A---- C:\Windows\SYSWOW64\log.txt 2013-09-12 12:05:43 ----D---- C:\Windows\system32\config 2013-09-12 10:54:48 ----SHD---- C:\System Volume Information 2013-09-12 09:33:57 ----D---- C:\Windows\system32\Tasks 2013-09-12 09:33:52 ----HD---- C:\ProgramData 2013-09-12 09:33:50 ----RD---- C:\Program Files (x86) 2013-09-12 09:33:43 ----RD---- C:\Program Files 2013-09-12 09:33:42 ----D---- C:\Program Files (x86)\Common Files 2013-09-11 19:43:53 ----SHD---- C:\Windows\Installer 2013-09-11 19:43:53 ----HD---- C:\Config.Msi 2013-09-11 19:43:50 ----D---- C:\Windows\Prefetch 2013-09-11 08:08:27 ----D---- C:\Windows\system32\catroot2 2013-09-10 21:37:27 ----D---- C:\Windows\inf 2013-09-10 21:29:38 ----D---- C:\Windows\Tasks 2013-09-10 21:29:36 ----D---- C:\Windows\system32\wfp 2013-09-10 21:29:31 ----D---- C:\Windows\system32\wbem 2013-09-10 21:28:54 ----D---- C:\Windows\system32\DriverStore 2013-09-10 21:28:53 ----D---- C:\Windows\system32\CodeIntegrity 2013-09-10 21:28:51 ----D---- C:\Windows\registration 2013-09-10 10:50:51 ----D---- C:\Windows\System32 2013-09-10 10:50:50 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-10 10:50:49 ----D---- C:\Program Files\iTunes 2013-09-10 10:50:47 ----D---- C:\Program Files (x86)\iTunes 2013-09-10 10:50:28 ----D---- C:\Program Files\iPod 2013-09-09 17:39:49 ----D---- C:\Windows\system32\catroot 2013-09-09 14:42:08 ----D---- C:\Program Files\Microsoft Security Client 2013-09-09 14:41:52 ----D---- C:\Windows\system32\drivers 2013-09-09 14:41:51 ----D---- C:\Program Files (x86)\Microsoft Security Client 2013-09-09 12:25:07 ----D---- C:\ProgramData\Microsoft Help 2013-09-09 08:43:58 ----D---- C:\Windows\Panther 2013-09-09 08:43:58 ----D---- C:\Windows\ModemLogs 2013-09-09 08:43:57 ----D---- C:\Windows\debug 2013-09-08 17:48:26 ----D---- C:\Windows\system32\drivers\UMDF 2013-09-08 17:48:26 ----D---- C:\Windows\AppCompat 2013-09-08 17:48:18 ----D---- C:\Program Files (x86)\PokerStars.EU 2013-09-08 17:46:10 ----RHD---- C:\MSOCache 2013-08-25 14:01:51 ----D---- C:\Users\Acer\AppData\Roaming\PC Suite 2013-08-15 15:15:06 ----D---- C:\Users\Acer\AppData\Roaming\Belastingdienst 2013-08-15 14:00:58 ----D---- C:\Windows\rescache 2013-08-15 13:06:49 ----D---- C:\Windows\Microsoft.NET 2013-08-15 13:06:48 ----RSD---- C:\Windows\assembly 2013-08-15 12:26:32 ----D---- C:\Windows\winsxs 2013-08-15 12:24:09 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-08-15 12:24:09 ----D---- C:\Windows\system32\nl-NL 2013-08-15 12:24:09 ----D---- C:\Program Files (x86)\Internet Explorer 2013-08-15 12:24:08 ----D---- C:\Windows\AppPatch 2013-08-15 12:24:08 ----D---- C:\Program Files\Internet Explorer 2013-08-15 12:14:55 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-08-15 12:05:25 ----A---- C:\Windows\system32\MRT.exe 2013-08-13 19:05:50 ----A---- C:\Windows\NeroDigital.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/12/19 20:58:07]; \??\C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 146928] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616] R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-12 2229608] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328] R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-28 2018080] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-29 18432] R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-06-25 205472] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-04-29 17408] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-06-10 40448] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328] S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232] S3 E1G60;Intel® PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968] S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136] S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800] S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112] S3 PCDSRVC{D1725DDC-01E99333-06020101}_0;PCDSRVC{D1725DDC-01E99333-06020101}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\users\acer\appdata\local\temp\ejcvpotesvv7\pcdrdiag\bin\pcdsrvc_x64.pkms [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216] S3 USB28xxBGA;USB 2861 Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2011-03-06 683136] S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2011-03-06 1189504] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-26 841248] R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-03 268824] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-29 255744] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2009-04-18 247152] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 641352] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-10 136176] S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-04-19 161384] S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-10 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-12-28 182768] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608] S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2010-04-02 73728] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-17 1255736] S4 DPService;DPService; C:\Users\Acer\AppData\Local\DProtect\DProtectSvc.exe [] -----------------EOF-----------------

Beste Jion, Volgens mij is het gelukt en het andere probleem ook. Mijn dank. Ga direct een herstelpunt maken. Mocht het weer voorkomen kan ik dan dezelfde ziprun weer uitvoeren? gr Gerard

Het wordt wel heel ingewikkeld. Is dit allemaal nodig om de onderstreepte woorden die een reclame weergeven op te lossen? groet

Hoi iEscape, Ik heb Office 2010 (Illegaal) maar ik heb hier geen problemen mee en ook niet gehad. Werkt al 2 jaar prima.

Ik heb de log gekopieerd kan je hier wat mee? groet Logfile of random's system information tool 1.09 (written by random/random) Run by Acer at 2013-09-11 18:02:30 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 238 GB (80%) free of 297 GB Total RAM: 3957 MB (51% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:02:32, on 11-9-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16660) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Windows\PLFSetI.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Acer.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Certified-Toolbar Search= R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Certified-Toolbar Search= R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Certified-Toolbar Search= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Certified-Toolbar Search= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Certified-Toolbar Search= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Certified-Toolbar Search= R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Certified-Toolbar Search= R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = {searchTerms} - (1) R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Certified-Toolbar Search= R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Acer\AppData\Roaming\Complitly\Complitly.dll O2 - BHO: NCH EN - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH0.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SearchCore for Browsers - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\SEARCH~1\BROWSE~1.DLL O2 - BHO: HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\Acer\AppData\Roaming\HomeTab\HomeTab.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH0.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing) O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O3 - Toolbar: HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\Acer\AppData\Roaming\HomeTab\HomeTab.dll O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Reader Library Launcher] C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_7360584B616087257445E78FC1FAACF2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Acer\Desktop\PartyPoker.lnk O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Acer\Desktop\PartyPoker.lnk O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} (iCloud Web App Plugin) - https://www.icloud.com/system/iCloud.cab O16 - DPF: {9E858349-A287-4D37-8C27-034330E160F9} (MijnAlbum Album Upload Software Control Control) - http://www.mijnalbum.nl/v3/skinsrc/core/system/aus8.0.35/Uploader8.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Users\Acer\AppData\Local\DProtect\eBP.dll,C:\Users\Acer\AppData\Local\DProtect\eBPSD.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NTI, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 19797 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS "c:\Program Files\Microsoft Security Client\MsMpEng.exe" C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService atieclxx C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\LSI SoftModem\agr64svc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Acer\Registration\GREGsvc.exe" C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" C:\Windows\System32\svchost.exe -k HPZ12 "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe" "C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe" C:\Windows\System32\svchost.exe -k HPZ12 "C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe" C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted "C:\Program Files\Acer\Acer Updater\UpdaterService.exe" C:\Windows\system32\svchost.exe -k HPService "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "c:\Program Files\Microsoft Security Client\NisSrv.exe" C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding "C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Windows\PLFSetI.exe" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe" "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\Launch Manager\LManager.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" "C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe" "C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe" {8A694C6A-6A70-481F-B3D9-03480E6AD48A} "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart 3200 series#1324569618" -Startup {E28A6491-8081-400D-9ADC-A786736FA5F9} "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe" "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" "C:\Program Files\Internet Explorer\iexplore.exe" Windows 7 woorden worden onderstreept en geeft hinderlijke reclame "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4784 CREDAT:209921 /prefetch:2 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2668737801-3381503766-2512015713-100055_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2668737801-3381503766-2512015713-100055 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" "C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524 "C:\Users\Acer\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2668737801-3381503766-2512015713-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2668737801-3381503766-2512015713-1000UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] Complitly - C:\Users\Acer\AppData\Roaming\Complitly\64\Complitly64.dll [2012-05-21 169688] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}] SearchCore for Browsers - C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\BROWSE~1.DLL [2011-10-02 118168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-12-28 346736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2011-12-28 318960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2013-08-02 336904] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] Complitly - C:\Users\Acer\AppData\Roaming\Complitly\Complitly.dll [2012-05-21 140280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e}] NCH EN Toolbar - C:\Program Files (x86)\NCH_EN\prxtbNCH0.dll [2013-07-17 226592] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-12 463272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}] SearchCore for Browsers - C:\PROGRA~2\SEARCH~1\SEARCH~1\BROWSE~1.DLL [2011-10-02 101272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9fdfb66c-713b-4201-83a6-5b78ae227b41}] HomeTab - C:\Users\Acer\AppData\Roaming\HomeTab\HomeTab.dll [2013-09-02 1071464] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-28 256112] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-12-28 761840] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2011-12-28 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-12 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-08-02 277512] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-01-19 194848] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2011-12-28 346736] {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-28 256112] {37483b40-c254-4a72-bda4-22ee90182c1e} - NCH EN Toolbar - C:\Program Files (x86)\NCH_EN\prxtbNCH0.dll [2013-07-17 226592] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928] {ae07101b-46d4-4a98-af68-0333ea26e113} {9fdfb66c-713b-4201-83a6-5b78ae227b41} - HomeTab - C:\Users\Acer\AppData\Roaming\HomeTab\HomeTab.dll [2013-09-02 1071464] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-05-27 349552] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-29 8312352] "PLFSetI"=C:\Windows\PLFSetI.exe [2010-06-09 206208] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472] "Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-02-26 818720] "AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-06-10 324608] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 1356240] "BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_7360584B616087257445E78FC1FAACF2"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2013-09-02 829392] "iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2013-04-05 59720] "Google Update"=C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-12 116648] ""= [] "NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-04-19 1090912] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-06-29 265984] "Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928] "SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-05-27 337264] "EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-03-11 201584] "EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-10 98304] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736] "ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-29 419112] "PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2010-01-18 181480] "hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528] "HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10 49208] ""= [] "Reader Library Launcher"=C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [2010-07-13 906648] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-08-16 152392] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "VIDC.ACDV"=ACDV.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-09-11 17:45:17 ----D---- C:\rsit 2013-09-11 17:45:17 ----D---- C:\Program Files\trend micro 2013-09-10 10:39:09 ----A---- C:\Windows\Launcher.exe 2013-09-09 13:45:27 ----D---- C:\ProgramData\eSafe 2013-08-27 16:17:09 ----D---- C:\SoloApp 2013-08-27 16:16:41 ----D---- C:\Users\Acer\AppData\Roaming\SimplyTech 2013-08-27 16:16:38 ----D---- C:\Users\Acer\AppData\Roaming\HomeTab 2013-08-27 16:16:38 ----D---- C:\Program Files (x86)\HomeTab 2013-08-15 12:17:46 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-08-15 12:17:45 ----A---- C:\Windows\system32\ieui.dll 2013-08-15 12:17:44 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-08-15 12:17:44 ----A---- C:\Windows\system32\iesetup.dll 2013-08-15 12:17:44 ----A---- C:\Windows\system32\iernonce.dll 2013-08-15 12:17:43 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-08-15 12:17:43 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-08-15 12:17:43 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-08-15 12:17:43 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-08-15 12:17:43 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-08-15 12:17:43 ----A---- C:\Windows\system32\iesysprep.dll 2013-08-15 12:17:43 ----A---- C:\Windows\system32\ie4uinit.exe 2013-08-15 12:17:42 ----A---- C:\Windows\system32\iertutil.dll 2013-08-15 12:17:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-08-15 12:17:40 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-08-15 12:17:40 ----A---- C:\Windows\system32\msfeeds.dll 2013-08-15 12:17:40 ----A---- C:\Windows\system32\jscript.dll 2013-08-15 12:17:39 ----A---- C:\Windows\system32\jscript9.dll 2013-08-15 12:17:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-08-15 12:17:38 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-08-15 12:17:37 ----A---- C:\Windows\system32\urlmon.dll 2013-08-15 12:17:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-08-15 12:17:36 ----A---- C:\Windows\system32\jsproxy.dll 2013-08-15 12:17:35 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-08-15 12:17:35 ----A---- C:\Windows\system32\wininet.dll 2013-08-15 12:17:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-08-15 12:17:32 ----A---- C:\Windows\system32\ieframe.dll 2013-08-15 12:17:31 ----A---- C:\Windows\system32\mshtml.dll 2013-08-15 12:17:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-08-15 12:05:35 ----D---- C:\Windows\system32\MRT 2013-08-15 08:55:24 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2013-08-15 08:55:24 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2013-08-15 08:55:24 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2013-08-15 08:55:24 ----A---- C:\Windows\system32\wintrust.dll 2013-08-15 08:55:24 ----A---- C:\Windows\system32\crypt32.dll 2013-08-15 08:55:23 ----A---- C:\Windows\SYSWOW64\cryptnet.dll 2013-08-15 08:55:23 ----A---- C:\Windows\system32\cryptsvc.dll 2013-08-15 08:55:23 ----A---- C:\Windows\system32\cryptnet.dll 2013-08-15 08:55:17 ----A---- C:\Windows\SYSWOW64\tzres.dll 2013-08-15 08:55:17 ----A---- C:\Windows\system32\tzres.dll 2013-08-15 08:55:12 ----A---- C:\Windows\system32\WMVDECOD.DLL 2013-08-15 08:55:11 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL 2013-08-15 08:55:10 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2013-08-15 08:55:10 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-08-15 08:55:10 ----A---- C:\Windows\system32\rpcrt4.dll 2013-08-15 08:55:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-08-15 08:55:08 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-08-15 08:55:08 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-08-15 08:55:08 ----A---- C:\Windows\system32\ntdll.dll 2013-08-15 08:55:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-08-15 08:55:07 ----A---- C:\Windows\system32\wow64.dll 2013-08-15 08:55:05 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-08-15 08:55:05 ----A---- C:\Windows\SYSWOW64\user.exe 2013-08-15 08:55:05 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-08-15 08:55:05 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-08-15 08:55:04 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2013-08-15 08:55:03 ----A---- C:\Windows\system32\drivers\tcpip.sys ======List of files/folders modified in the last 1 month====== 2013-09-11 17:46:38 ----D---- C:\Windows\Prefetch 2013-09-11 17:45:21 ----D---- C:\Windows\Temp 2013-09-11 17:45:17 ----RD---- C:\Program Files 2013-09-11 12:40:51 ----A---- C:\Windows\SYSWOW64\log.txt 2013-09-11 12:39:58 ----D---- C:\Windows\system32\config 2013-09-11 09:02:23 ----SHD---- C:\System Volume Information 2013-09-11 08:08:27 ----D---- C:\Windows\system32\catroot2 2013-09-10 21:37:27 ----D---- C:\Windows\inf 2013-09-10 21:37:07 ----AD---- C:\Windows 2013-09-10 21:29:38 ----D---- C:\Windows\Tasks 2013-09-10 21:29:36 ----D---- C:\Windows\system32\wfp 2013-09-10 21:29:31 ----D---- C:\Windows\system32\wbem 2013-09-10 21:28:54 ----D---- C:\Windows\SysWOW64 2013-09-10 21:28:54 ----D---- C:\Windows\system32\DriverStore 2013-09-10 21:28:53 ----D---- C:\Windows\system32\CodeIntegrity 2013-09-10 21:28:51 ----D---- C:\Windows\registration 2013-09-10 10:51:05 ----SHD---- C:\Windows\Installer 2013-09-10 10:51:05 ----HD---- C:\Config.Msi 2013-09-10 10:50:51 ----D---- C:\Windows\System32 2013-09-10 10:50:50 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-10 10:50:49 ----D---- C:\Program Files\iTunes 2013-09-10 10:50:47 ----D---- C:\Program Files (x86)\iTunes 2013-09-10 10:50:28 ----D---- C:\Program Files\iPod 2013-09-10 10:39:12 ----D---- C:\Windows\system32\Tasks 2013-09-10 10:38:12 ----D---- C:\Users\Acer\AppData\Roaming\Complitly 2013-09-09 17:39:49 ----D---- C:\Windows\system32\catroot 2013-09-09 14:42:08 ----D---- C:\Program Files\Microsoft Security Client 2013-09-09 14:41:52 ----D---- C:\Windows\system32\drivers 2013-09-09 14:41:51 ----D---- C:\Program Files (x86)\Microsoft Security Client 2013-09-09 13:57:41 ----D---- C:\Program Files (x86)\NCH Software 2013-09-09 13:56:37 ----RD---- C:\Program Files (x86) 2013-09-09 13:49:44 ----D---- C:\Program Files (x86)\NCH_EN 2013-09-09 13:45:27 ----HD---- C:\ProgramData 2013-09-09 12:25:07 ----D---- C:\ProgramData\Microsoft Help 2013-09-09 08:43:58 ----D---- C:\Windows\Panther 2013-09-09 08:43:58 ----D---- C:\Windows\ModemLogs 2013-09-09 08:43:57 ----D---- C:\Windows\debug 2013-09-08 17:48:26 ----D---- C:\Windows\system32\drivers\UMDF 2013-09-08 17:48:26 ----D---- C:\Windows\AppCompat 2013-09-08 17:48:18 ----D---- C:\Program Files (x86)\PokerStars.EU 2013-09-08 17:48:13 ----D---- C:\Program Files (x86)\Common Files 2013-09-08 17:46:10 ----RHD---- C:\MSOCache 2013-08-25 14:01:51 ----D---- C:\Users\Acer\AppData\Roaming\PC Suite 2013-08-15 15:15:06 ----D---- C:\Users\Acer\AppData\Roaming\Belastingdienst 2013-08-15 14:00:58 ----D---- C:\Windows\rescache 2013-08-15 13:06:49 ----D---- C:\Windows\Microsoft.NET 2013-08-15 13:06:48 ----RSD---- C:\Windows\assembly 2013-08-15 12:26:32 ----D---- C:\Windows\winsxs 2013-08-15 12:24:09 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-08-15 12:24:09 ----D---- C:\Windows\system32\nl-NL 2013-08-15 12:24:09 ----D---- C:\Program Files (x86)\Internet Explorer 2013-08-15 12:24:08 ----D---- C:\Windows\AppPatch 2013-08-15 12:24:08 ----D---- C:\Program Files\Internet Explorer 2013-08-15 12:14:55 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-08-15 12:05:25 ----A---- C:\Windows\system32\MRT.exe 2013-08-13 19:05:50 ----A---- C:\Windows\NeroDigital.ini ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-03 540696] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 247216] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/12/19 20:58:07]; \??\C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 146928] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 139616] R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-08-13 1209856] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-12 2229608] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-10 6179328] R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-28 2018080] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-29 18432] R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-06-25 205472] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-04-29 17408] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2010-06-10 40448] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328] S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232] S3 E1G60;Intel® PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792] S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416] S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968] S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136] S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800] S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112] S3 PCDSRVC{D1725DDC-01E99333-06020101}_0;PCDSRVC{D1725DDC-01E99333-06020101}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\users\acer\appdata\local\temp\ejcvpotesvv7\pcdrdiag\bin\pcdsrvc_x64.pkms [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920] S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216] S3 USB28xxBGA;USB 2861 Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2011-03-06 683136] S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2011-03-06 1189504] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640] R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896] R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-10 202752] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-26 841248] R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-03 268824] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 23808] R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-29 255744] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2009-04-18 247152] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232] R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 641352] R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-06-20 366600] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616] S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-10 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-04-19 161384] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-10 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-12-28 182768] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 50899608] S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2010-04-02 73728] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-17 1255736] S4 DPService;DPService; C:\Users\Acer\AppData\Local\DProtect\DProtectSvc.exe [2013-09-09 342592] S4 WsysSvc;Wsys Service; C:\ProgramData\eSafe\eGdpSvc.exe [2013-09-09 825920] -----------------EOF-----------------

Geachte lezer, Vaak worden op bezoek op de meeste Site's woorden onderstreept en wanneer ik daar met de cursor op ga staan krijg ik reclame te zien. Is dit aan te passen en te zorgen dat de woorden niet meer onderstreept worden? mvg

Geachte Lezers, Tijdens het opstarten van mijn Acer Laptop komt de volgende tekst in beeld wat ik wel weg kan klikken. Protected: Toe te voegen waarde ligt buiten de reeks Parameternaam: Value Mijn vraag is, wat is de oorzaak van deze tekst en hoe kan ik dit oplossen zodat het niet meer verschijnt. Gaarne reacties Gerard