ilssxx

dit is het logje dat ik kreeg: Zoek.exe v5.0.0.0 Updated 03-February-2015 Tool run by Gebruiker on wo 04-02-2015 at 17:32:55,42. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 4-2-2015 17:37:57 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3669598781-1707341706-770349030-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_USERS\S-1-5-21-3669598781-1707341706-770349030-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) Acer Backup Manager Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer Registration Acer ScreenSaver Acer VCM Acrobat.com Adobe AIR Adobe Flash Player 16 ActiveX Adobe Reader 9.1 MUI Apple Application Support Apple Mobile Device Support Apple Software Update Backup Manager Advance Bonjour Broadcom Gigabit NetLink Controller D3DX10 DesktopDock eSobi v2 Google Chrome Google Toolbar for Internet Explorer Google Update Helper Google+ Auto Backup Identity Card Intel® Graphics Media Accelerator Driver Intel® Management Engine Components Intel® Rapid Storage Technology InterVideo WinDVD 8 iTunes Junk Mail filter update Launch Manager McAfee Security Scan Plus Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mobile Partner MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Norman Security Suite Norton Online Backup NTI Backup Now 5 NTI Backup Now Standard NTI Media Maker 8 Picasa 3 Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition Synaptics Pointing Device Driver Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Welcome Center Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ==== Running Processes ====================== C:\Program Files\Norman\npm\bin\nfservice.exe C:\Program Files\Norman\Ngs\Bin\Nnf.exe C:\Program Files\Norman\Ngs\Bin\Nprosec.exe C:\Program Files\Norman\Npm\Bin\nwscmon.exe C:\Program Files\Norman\Npm\Bin\Zanda.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Launch Manager\dsiwmis.exe C:\Program Files (x86)\Acer\Registration\GREGsvc.exe C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Windows\PLFSetI.exe C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files\Norman\Npm\Bin\zlh.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\Norman\Npm\Bin\zlhh.exe C:\Program Files\Norman\Npm\Bin\Njeeves2.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files\Norman\nig\bin\nigsvc32.exe C:\Program Files\Norman\nig\bin\niguser.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Users\Gebruiker\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McComponentHostService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McComponentHostService deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\MediaPlayersvideos 1.1 deleted C:\PROGRA~3\boost_interprocess deleted C:\Users\Gebruiker\AppData\Local\Desktop_Dock deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Local\fastplayer deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-1.job deleted C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-11.job deleted C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-3.job deleted C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-4.job deleted C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5.job deleted C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5_user.job deleted C:\Windows\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-7.job deleted C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-1 deleted C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-11 deleted C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-3 deleted C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-4 deleted C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5 deleted C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5_user deleted C:\windows\SysNative\Tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-7 deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" deleted "C:\Program Files\McAfee Security Scan" not deleted "C:\PROGRA~2\81d7a982-4aaa-4bc3-9960-778fea6821ac" deleted "C:\Program Files\McAfee Security Scan\3.8.150" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 1783 MB CPU Info: Intel® Pentium® CPU P6100 @ 2.00GHz CPU Speed: 2007.1 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel® HD Graphics | Intel® HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Atheros AR5B97 Wireless Network Adapter | Broadcom NetLink Gigabit Ethernet CD / DVD Drives: 1x (D: | ) D: Optiarc DVD RW AD-7585H Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 219.8GB Hard Disks - Free: C: 150.5GB Manufacturer *: Acer BIOS Info: AT/AT COMPATIBLE | 08/10/10 | ACRSYS - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer TravelMate 5740Z Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: Norman Security Suite Anti-Virus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Norman Security Suite Anti-Spyware disabled (Outdated) Internet Explorer Version: 11.0.9600.17501 Google Chrome version: 40.0.2214.94 Adobe Reader version: 9.1.0.2009022700 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2015-02-04 16:22:42 9AD1DF7608C28285AC547618A1045B2B 187 ----a-w- C:\Windows\SysWOW64\erbl.bin ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-01-15 11:22:50 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 2015-01-15 11:07:10 E95019FE1BE2A04BC98629EC8ABE410E 133152 ----a-w- C:\Windows\Sysnative\drivers\ale7_nf64.sys 2015-01-15 11:07:10 4F9D591D5616099F807F99D5AF63F2C0 123888 ----a-w- C:\Windows\Sysnative\drivers\ale7_nf.sys 2015-01-15 11:07:10 47197E05B0346121D598010AAAD6DF67 120792 ----a-w- C:\Windows\Sysnative\drivers\ale_nf.sys 2015-01-15 11:07:09 EAE239E3A7036FF7C58CE388DD86B4BB 130080 ----a-w- C:\Windows\Sysnative\drivers\ale_nf64.sys 2015-01-15 11:07:09 0DEA0278EC151D34A555760652959A41 461120 ----a-w- C:\Windows\Sysnative\drivers\tdi_nf.sys ====== C:\Windows\Tasks ====== 2015-02-04 16:12:24 625F006099D62E28DDB8167AA476E9CF 3152 ----a-w- C:\Windows\Sysnative\Tasks\{48FB454E-2F4F-4E99-8DEE-41257CE93530} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-02-03 18:46:50 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2015-02-03 18:40:23 -------- d-----w- C:\PROGRA~2\trend micro ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== ====== C:\Users\Gebruiker ====== 2015-02-03 18:46:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2015-02-03 18:39:41 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Gebruiker\Downloads\RSIT.exe ====== C: exe-files == 2015-02-04 16:07:15 DB36F70844AE357ADA13CCC2228A3222 332064 ----a-w- C:\Program Files\Norman\Nig\bin\niguser.exe 2015-02-04 16:07:15 90A3D302F4646BECEE1614DC83E80F9A 546312 ----a-w- C:\Program Files\Norman\Nig\bin\nadvtool.exe 2015-02-04 16:07:15 75FF47628FA83CDE1A862A6ACA306707 85448 ----a-w- C:\Program Files\Norman\Nig\bin\nadvscan.exe 2015-02-04 16:07:15 6A1AC256ACB21D8C6547FC1690394CC5 595176 ----a-w- C:\Program Files\Norman\Nig\bin\nigsvc32.exe 2015-02-03 18:46:51 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe 2015-02-03 18:46:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2015-02-03 18:40:26 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files (x86)\trend micro\Gebruiker.exe 2015-02-03 18:39:41 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Gebruiker\Downloads\RSIT.exe 2015-02-02 18:12:32 AF2AD293EFDBACD74E90B3931EC53725 7342160 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.94\40.0.2214.94_39.0.2171.99_chrome_updater.exe === C: other files == 2015-02-04 15:49:23 5EBB53736F500209046BE9196CBED93A 5264429 ----a-w- C:\Users\Gebruiker\Downloads\YE picture.zip 2015-02-03 18:08:53 D39FF779D0EECFFFF10591A2DBA090B3 6877 ----a-w- C:\Users\Gebruiker\Downloads\Outlook.com.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3669598781-1707341706-770349030-1000\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "NortonOnlineBackupReminder"="C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k" "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "Norman ZANDA"="C:\Program Files\Norman\Npm\Bin\ZLH.EXE /LOAD /SPLASH" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "PLFSetI"="C:\Windows\PLFSetI.exe" "Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2010-05-12 12:21:09 1782 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk 2014-12-01 14:30:42 1072 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DesktopDock.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [26-01-2015 22:58] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27-10-2014 12:07] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27-10-2014 12:07] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Chromium Look ====================== Google Chrome Version: 40.0.2214.94 (Up to date, latest Stable version: 40.0.2214.94) YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://www.google.com/ie" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlNL439NL439" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Acer VCM.lnk = ? O4 - Global Startup: DesktopDock.lnk = C:\Program Files (x86)\Desktop Dock\DesktopDock.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7629B75E-3CF3-4B18-83EE-06F84CB08F0E}: NameServer = 31.168.224.106,5.135.12.52 O17 - HKLM\System\CCS\Services\Tcpip\..\{D04F0CB2-0CDC-4D04-9B5B-1C508329A73C}: NameServer = 31.168.224.106,5.135.12.52 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\npm\bin\nfservice.exe O23 - Service: Norman Intrusion Guard (NIG) - Norman Safeground AS - C:\Program Files\Norman\nig\bin\nigsvc32.exe O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Program Files\Norman\Npm\Bin\Nvoy.exe O23 - Service: Norman WSC Monitor Service (NWSCMON) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=73 folders=15 21296711 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\McAfee Security Scan" not found "C:\Users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YK2EEC45\games2.spele.nl" not found "C:\Users\Gebruiker\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YK2EEC45\www.globespotter.nl" not found ==== EOF on wo 04-02-2015 at 18:04:18,68 ======================

Zoek.exe v5.0.0.0 Updated 03-February-2015 Tool run by Gebruiker on wo 04-02-2015 at 17:32:55,42. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used] ===== Runcheck 17:36:50,71 ===== --- Create Environment Variables 17:36:52,30 --- Create System Restore Point 17:37:02,46

sorry, had 32 gedaan maar moest 64, dit is de goede; Logfile of random's system information tool 1.10 (written by random/random) Run by Gebruiker at 2015-02-03 19:46:50 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 154 GB (68%) free of 225 GB Total RAM: 1783 MB (22% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:46:55, on 3-2-2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17496) Boot mode: Normal Running processes: C:\Windows\PLFSetI.exe C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files\Norman\Npm\Bin\zlh.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\Norman\Npm\Bin\zlhh.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Gebruiker.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Acer VCM.lnk = ? O4 - Global Startup: DesktopDock.lnk = C:\Program Files (x86)\Desktop Dock\DesktopDock.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7629B75E-3CF3-4B18-83EE-06F84CB08F0E}: NameServer = 31.168.224.106,5.135.12.52 O17 - HKLM\System\CCS\Services\Tcpip\..\{D04F0CB2-0CDC-4D04-9B5B-1C508329A73C}: NameServer = 31.168.224.106,5.135.12.52 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\npm\bin\nfservice.exe O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Program Files\Norman\Npm\Bin\Nvoy.exe O23 - Service: Norman WSC Monitor Service (NWSCMON) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13566 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe "C:\Program Files\Norman\npm\bin\nfservice.exe" "C:\Program Files\Norman\nse\bin\nseupdatesvc.exe" "C:\Program Files\Norman\nvc\bin\nvcsvc.exe" "C:\Program Files\Norman\Npm\Bin\Nvoy.exe" "C:\Program Files\Norman\Ngs\Bin\Nnf.exe" "C:\Program Files\Norman\Ngs\Bin\Nprosec.exe" "C:\Program Files\Norman\Npm\Bin\nwscmon.exe" C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files\Norman\Npm\Bin\Zanda.exe" C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files (x86)\Launch Manager\dsiwmis.exe" "C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Acer\Registration\GREGsvc.exe" "C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe" "C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe" "C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" "C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Acer\Acer Updater\UpdaterService.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "taskhost.exe" WLIDSvcM.exe 2284 "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" C:\Windows\system32\igfxsrvc.exe -Embedding "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Windows\PLFSetI.exe" "C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe" C:\Windows\system32\igfxext.exe -Embedding C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe" "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k "C:\Program Files (x86)\Launch Manager\LManager.exe" "C:\Program Files\Norman\Npm\Bin\zlh.exe" /LOAD /SPLASH C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files\Norman\Npm\Bin\zlhh.exe" /LOAD /NOSPLASH "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe" "C:\Program Files (x86)\Launch Manager\LMworker.exe" "C:\Program Files\Norman\Npm\Bin\scheduler.exe" "C:\Program Files\Norman\Npm\Bin\Njeeves2.exe" "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files\Windows Media Player\wmpnetwk.exe" "taskhost.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3616.0.573647074\1607779941" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,39 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2104 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_35/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="3616.5.1510707224\1876757486" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_35/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="3616.8.1432194602\1240662563" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SHA1ToolbarUIJune2016/Warning/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_35/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-accelerated-video-decode --channel="3616.17.1720419564\1600921293" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3616.19.2123103934\962073992" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702 C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\sppsvc.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe14_ Global\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520 "C:\Users\Gebruiker\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-1.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\MediaPlayersvideos 1.1-codedownloader.exe /rawdata=NhTCOcuCSgj3INL1wd2u9xHJ7Drk9S0C2RZxMeaeEdfkzLRA5jIafhN1D8GEeQZfq+2lU7hwZypYR2SkmQAUBYcIM+DIVSpeJPk6N8JlhnQgnLBbu+4eBVY2NaHWetyvWf51FBN6/bkg3/twULK4t7ahXtJvlH+CTgxuhKIADEl1NmnaOitVtmKuGmymLxHsf+9WyzzAOlT7piJRmYTNLkmqwGqBA3wapMZoKVg50mseO0cYebx3apn8BL/oZUqR7GsmEjwltRx1GMcceAPw9+mZVeQu1HunrNjLRha+REQAC5qBhS10mh/onAz+e+USPoMxD8u8GwaDKmBRaeFNyBUpAQswWQzyNZ/tSwc5tZGIpUj8Vyz41nEZbJ3RXm9DqvFWUE0eJXnIugKzBu4V2VW9C88LWf0CXvI7QQCaOWjb2Rle35R/RBwyq9nGAkSMFDaY5ScO+QAHYcx4ItnqiZJpFiWK9m9TsWBbapSak9xNmtxhQ2OT4hCB4KkQMCppLdrUpaJghAPeTT69ysXcAHUznmt0r3lP3amOpWfYcQ31Jkp5BODCHmtoOms4dstP60wRqfTdgZXHAaDHWAP7S5SSKqZbadqWh7JllkQklmW2GyY1T+dm2rG/MOAjREQlKMSAMna4lkfmdfLne1/4GPMv5M0NvB0VwbFicvLiVi8zbr8LBX2+sB2MdiADHykMBSkje8bCp+k1EMhMgE2cwp7denmxmnmxfOiqiLPlT3FpKHcaoxzl19+wdgT16OXodvF/n8obC+OOxgfuMAZh5CT6pR3UyGIwuGrqN9JK46/wtbAZiJ1cbzTTVJ+41PAth0ASsEuwiBuxHRSOm6ExbIAUsyqdlzHqgckUmp3t9PxSoQRGNy5VQU3vlN4IuhHe1IgneivxqTXuHmQWsXFiMsveBwF02z4hCUOFBOUcEJU9AfMw87BgbhcZ+1I/FVN3JUG9yXfOaha1j8CISWNikBoFHzeYuctJNS3HDJFYkwQ7PrEo0f89MFOZ9hVk2Ntxx/va0ZNtkzVtsweH+J256DQQBAtor+ma+HeSHy/vAWDKSBZIFWGZpRS8vClyCNE5DwO3sUMMz6dI60GWNbUfbQr4OxRAHT1lcbbDPvY6rVNYi9fjVicbVddbiFahUCDMHQG1pWJfJ5Kgul5Eu+Bq42Wr1mRTJR+QgntOouSSeESXO3yeWFw0PRljIOO2UdlZJ7c9MyxL2loxfaaUKVy4n1SKwZWoGD+JGbyFvLwdv+WfFDbRzQD9oP7pE2HUbNF5ws9CJj4WrI/ze1H1CmI8s2DrvygMAb588D/gjaNZDmjDxmB+H8Gn9g4D68bkxJL15mkAnJtmyWeuwlEJwsvXKFrdguSTzNc4ZG6esWiCQVcTPHyGP6VG6nIyNST7NPeaDh3Wub2/Vlu1WxlJWsDwdIEKsUfcr46qS5lpJXZ3np4DHR2N9y/92aksNFo9hN5ytQp1n+UqrbvFg0Oq+l64GZPllvZ41vZ/kcS170JIeSnRTfMRRy48PSpKzVuKJb7r C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-11.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-11.exe /rawdata=SfTelymPLKjQeInjPjHMVB8adOPlTqfh+BrWuFvREvb7E3F982S0Z1QCi8/MdHZW6Epj/yBFwLTM+h6UKjMnokp5goTZ4oBYeWflvDvyIc33rhCM/8u27JrkKvxSg+gTdU506c5mh81RNecqMh1/72v/nQ/kfm0VuJZop4yCYzRkNPaELKGl6zfSOG7/4iNm4ujaLvkxsg3l1rLFc/FrqrkQaZOrYxRpkPKvxr3nxrQjTSuNbGuwc4735EG9mDHn8QrkNDXx0Q3cVadCC8PNQv+bd/EslWBOk4mtroCFvpum4hVY0qd+53+7HSsi7vKlIT0eo4qCd1GyNiXqrJdIqID0IBmgecbGGMPq1iXe9krkwf1WlKoxAIxU3lbCfdrrkdh5UqIPO1N/1IVjof/hmkicGG6LHlO0wDVzuYLQPwHSUZT9SFLYqnCgTneAjP7EqBHHz3m4Job+NV+JkEB/IXuXYmSakfL5Bbxc6oyODx+atqrLd7PsYNa2hyAOMQxun2CoSoo09gWxrh7pQZcPrHrsAw+R2BFo7LDFmaw91lU+p6L1r8W1tWv1J3FQwOXXs0u+TqZ3f/Mz6qS98Y5JJTgFiVdmOyXfLGVjTlnGwKe6ARx/QXRT6xyovdasebUHfSskrFvUxRe8EFX/kxaF9vHhAn+tjScHwqmhFBkV2b/HU/SUOunBDv1IQxKA9zQZ9ksxeSdwqLikF64fIqvsYTXE7f/BgsJVxV4AmQKq3Li3IaNb7FQeUeUp1prgycFpJBrOaWvt5G1RI2cg+UobhXY+eAGeuH9n/c8Sr3xQkZNK/aZCKc7Z2QxgX7aIUY0rWX2dV3xrSZzEKh+4ckfL7mh61F8g/KBvWoP/MjF+CQTokEV2YhOV/QMMpYDD30H7l1FmiA+OUuqaCqefqXYlfviNbwiGpm1Hf1sjqwPZrg8ZNHlLatTv7e1xCnijoeHzFahQjThLW+jc9fUvsLjNmZiNuVkuvgeBhJsxP7U7n1CZUMJYyhQaPDC/84x5ThxpcC7H49l4zirf7rv7V3IbnU21UvFyqUjFuqbdNtQkZYqwqIQ4SL30X1DqNBEkZZw52JIHcqso8eWAdSGH3iTqQbRIjE5Q0Fo3QJmITIZpOP+meuuWaWnVMKMOHGzoaIk29V6xNewiQq+VRc2nuAY6DZPGaqm4QkJ0Yxmh77Y8QbGTU0SZssZJK9ySk/fDppTFsLdW2BSQu+ld1KenFlsYc2I7CNRCs5jtz3nsqAQBrcVMYjOdG9gqnUS+Uu07fjnBhCyGSVDdS7n8ZwC+BLMr15b/pyFhZl2PykSFxI/Mn0mbKRDTIvAXqZ+cNJfVyeKHFQJhRWYoi++mZO9mhB3Wc2FgAIilIg2zw+/SVNaQBFSKBPT6tEMamnLxltBxzohzhJOwOfTlrweL39uY2EgibteIYuv+JjpDqPXOR8770VwJt8nabs9m3RyeoDnSvoBc7G5Pxydx9lkQ1FXkuSPuo5Ncedq62buJ165WjNUis7BMc97th88DhtTfOc0Z2IgSQ0lCOH33UVuGuJNnVOrHNsKjjhryS6KBJ/W3N8xOfpGKL4TfS3BYRU3Cm4NdLhW78qJzF7HjD9ZwMOsPLfT9pqrwFbdUCsxUZ4GQY9kXt/1WihLlqquIGfEJSNB+q0nwzBWJnXzwUoiSSAuA7pKfhjBE5aMyp1ueetChK0Bv5TCpo+lyOHyWY7IoQ0Hznv5dmwFrzmhiVEHH1iAavOOenNe+0tsrC1FGfNQsL7gooVFQLMJ+2XtJLhkyDILb57l5voPwb+j5MVa2F3vcbX3rJmEM29X06yor4s50X26NUNANZbP79nweTIqKFD8/Dvn9EJWc7psyl+xfXSNjlZdbrLTpthxOeV7iNLfXU5//VQlOgKbsq5kEMWeDRiAgxCaf4Y+cS+T4RTVeUlka4imJXGjvtZA4Kdj/kcTph2FdGIi/SYSdfNQ95YZn+EMuFCZuXsHg2/L00nEYzG9k1lLIxa6jgrLShHARiwC/PiIm9nQLkDaK6M9LMhqU6djuxQ5ZcyLqVwcjNZQhZjAKEG+W2YEPoh8udeYJUdwGZzhiY7c8PLBHMfvLnv9xCO7thw+vqMGEcCdZLZyKdHnQVhEY+YXThmyab/CrNZpwNU/urb3bEuAq+DUecnX6ODske+MLnyrYR7Hlu8VxI9XbMEWZzjSkbvx8EHDobgzycEJb0wJDmWNJnm9noEQxNiBg5fhoHyX1j99rhE672W1Dt6D/pukU/Jo4PzPQ0dg+wSvL2WTsHKcd4ydHKnQHKWxHyHVtReIPBqQyj+7f5DBn46lNoNFUF+6Awimnyuxz7+hBS3AwgkR3vKn2wihOwfhgx3LWXBax960dprwOUTlbT65X5w== C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-3.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-3.exe /rawdata=hSt/Tjz1y+M5kCYLUIJEuIS8O1j3vDGXPfkJOW5fb8Rn3XMoUuKAdoHB1ogKiTAzWrO6mOpuO0Oh7b+Pp1RtDuixXHflSNdm1O4ZMxDNnIVA93KXhZ7ui9lomhh59vprkz4uRepesoj0aiK2em5+kOGK/MXEYuKhx2LW9f/t2n6VnuIhX++NMPadKbMWVe96R52d+iDHj6NWev56kOQKMd9otQ+wN+vMntM3ftS4meaXLTJX7aheb/iry7d7NRgrVCun0QUJuuI397T/TaObu66BkWKXSb1nYLtvRAXspsFTIY5TjlYc5rORNoJyHkJ4e9GPyAPD4f1Tmc5vjfLzI0SU4dZuXTjKk2kopKiRD/YMIyCqcpyrKr3JljbirYYF8kmlMh9qB5gIJN5WQZ09Hu9RxoSMH09Ga9bPWjyfnTLnvyuo/EN4sUxzq4u55f/NsEA1w+1E0YWviqk6QaraySJuPj8bszuCtkSd56yFKrLxQ5c0qrQVU8UjC3iEiKvwWaD0Bo+3gRTaZviO+0i0sa49OxMl11yt8/IG30smfP26nZxz+MdQaKjx0YVRF6WUgOMi37KjrFo7a8YLHc7hlq3tXpmGYTou5V8sogg7Wob2PAx0Dl5vj8kceJPOhILLmJKAqHpyMsSS6dde2ZHTmh0i+WxmYJ3Gp/zeUgh0IbZb7qNMEU1nKAFw/BFmO/oXFZocLgeu2FmJvPcpW6pHGBnkiyBDvboQS9Xaqp+MSFouCEv6Nbbm01fTu1npfrYi7eVhGYFFH8DFV+YkO2MHjlSdj93rwUQRx63uz02Idua7KA6dzQG3mVs8a+ysMFShwDj7Q0FNsWRSzeNnQYykIH8FQUV/XYsvInA5LzPgIddswaU7m3BAga1Jp5ml6PqEnvrUED8nao8hVhDdAHxNKFQ4l4Lpptq3GP4RG/riFwPuuAeZgHUeeo7hTZIkEPzDt0acjcCjY5Sub0z04vTgM7lLsmxXoHZuSbsVJao3RhRo5ljfu6U/zvEcqc80lXo5x/va0ZNtkzVtsweH+J256DQQBAtor+ma+HeSHy/vAWDKSBZIFWGZpRS8vClyCNE5DwO3sUMMz6dI60GWNbUfbQr4OxRAHT1lcbbDPvY6rVNYi9fjVicbVddbiFahUCDMHQG1pWJfJ5Kgul5Eu+Bq42Wr1mRTJR+QgntOouSSeES0fL23FL0vJKb9BmL5yv4+Unm75fCO+0rXfX+8WQcLpeFQYEygkN5upiW0K3I3q6hxMiRHjrLQQ9evjCiUj7iPyienFicXIpgVLC8whB1QYb9IUpS8IxNkgzPZUzzdRzuwvctSeToYtCW3ojkrOZPuKualfgUzwN5EzdtF99dJCn3Y/JEjCv453ivihSY/8QvUDtaLa/2fNQNRY+UEW3O/QW4EepNBGhQBDAzIbpKUv0C40m16frnYiIuqf/Bpb+J7ZzdB6LNAtzFdugULV4IJj5X9c/cfjcBi6GO48RhxtHKlEJFFdo8+ns0hikFtQxP6B9F1/zqGo7oFcKiebRfUUx4TbqpXDVz82puqaEP0iam/E9o5X4ered1O/1plOxceMU+A07pIdOwrpb8zQfCpI6ZMu8S4mgbxpkM2isBntA6NndcTyyxESKv1zvrq8m/Pahk5MrJc0BxYrz5sOyfo62mj4rI6oRa0jdPFI8rsuCwia33Qt57Tgqruvn/uvhiXJArFFMlb4eHXl600PBVP2/3hXQ0cT6hQfsHApfT6vL7cC6qEBOtXOGanJY4Ke+wU7k9Q6fj4mY4yfSjeIZ5wv4ZMfm1b3r6GVZ6Pehs0O0cFv3HKKNEsQofkJrh3LQ59cz1ByBeiS/6Vf0SUx1yz4oEtsnhghyDCziLgLTExMzQn4lylFJLFTXsBRtReb/ERhTNSUXSA6CRg8oFUG98lx0tUoWMVjpauTmRajL4qt7FRE8Cdw7/5Fsn7RiZCOSeKzrogJKAiVb9SYzFzWBs6hjSAlNwtBmNw7urrj2tG+qewGTc73doXuwAPXb1/Lw/bj2qajIyjN6EIOuYimhF1 C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-4.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-4.exe /rawdata=s6pRoYZDl3U4Al9NZJlT0nxu3KEP9e6g8Smp2s2TUUF6JnCGmGJW9N9+J+rGOmDrUZuqTl2p9scy72mzyc1gBOspYfUu4iL7KFR8C+Jr+kXNLLBFhNbxTttecK6qE41qr83QaJTpIdfpWyIC53YZOu6d4TAvf6OiaKy1GRM0M1J4wymL3v85m+189lTuKe37FFtU9+XGc4pwLyv2JU8mEvOW+Bli4PtOfGGjxLm3F6LHG1IxWi4vCdILnduB3mT07XdTOhNZuYW9cm2jI36OCKd/b9jui9AmKeflDTKsN6i0+36zIIio+FbVIJ0Uyk8MiRuTzmmWW/HzA5FUadttwzpsKkQ1nh3pO5z2pUEgFmkUCx5Pk+xHY5LRe6LcahTRonWXyCpUlhDytB8Cd/A3RW9eg6QSJmI3QFu+lrUOX7RYtgfC/m4zA2YA5x0B0tJJgmLgX2irkwB8f1b9o3JpMdua/QarqQUUJLUcFMc+xAlbErG1Oe8AAVygEVDCKe7pwqg2T/5dVml0LJdz75BC9KIJGapDH/0oO6CsP1mJVVZjRaZ03zDzitreHnYpnsM+IzSFuLd/RFVo4DiLDMhpgiegpECDLQNHfvbRw4M+a/YctgHf6LbzarSVVHcRO0ohv9fUXC96Y6tvGkZNd8ZASUFNdR3gUrnmtHQBy42lj0JFZJnvppitLFPd5L9bDdX6Not1i/mrwdhTcsxohb2hpgCYhA52OouVMZ1yjZW5N8b0FLQUIkrn3ia6a8jv3Y5p+nEnmDkg179OVZkYEx6blW+UZf5eL9vjihVk5W0mJAPKlhhFeGyk1Cst9DhwClFRFk6PFU1gQYI9VQB7olzssbPw5eEUjRZw2bRkTyJJcic+j3WY3j+U6BzHg1CsbAkuxCGm8ZiVsJs91Ii7BbSHwmk8Q9aV+9yvsYUD5aRtYhfjVbjojKh+jFALI2gvS8ELCml+5Dgsb/MZ/8kXHQ4q0dqTIrokIuUCHshvdEOD6EsOyn5cRIuwo1t0xExin4ZYGwnxnfLIu7hFFvLuSU4FtWtTXHr8bSpSEYsjB0NF8bTTx4iGa2BxhTVK5KH37Ne2PLghfvM62epF8DAkSR69wP6awyXckIPChA8AVlt6gll9x6dQ7S4tJ6mGIXmILpUPYJ9CUPkoTQuWJiq+3J6N7e113vDs9zJcb0KtbfLEGzMVHft/noUIZ6YBbal2s+uP+/BkUDRa9hDa+XhWKYuIJTCUbWsMHqDnjGQzs8on9cFtntsoIc36y+0z7oiC+DDRab1h08e93gYiPRGgyCdNm9L0AgC7p7jIyihX0gxZaI5TvItyg+22FqWCCmJ+NbmGuEW/rVtVRNRISuWcPfiTvCm9MYdvSqIzQELVnV8MCYLenc2XNu652GmvQiSOswoak//D7/tfMfM1/FEzZfwVU1rgQ77BOVt2wZw2MR3QsKy/82eOT+t9Z5pol7ScRPazxDwoZbrSWdWJN99c2HFkSgi/PYKTm3e5opoOb997YdTh/Oukf16O4ahdEb5zUwSsVI1g4wKNuajOTpuxN7B4hyZ9mjBTSbi3KBSuUK79bK2R3VtrNut5JHBPleTkb3s0TNIbJHDzps7bCV9fNV3+8daV/Wwp1Ni761cU3Mwj6XVVK8ytURbsf2FFTWtTh3kzv8lWWgqPp9BjVB0fC7uqAJB0rmjCWhV3xaHRedc8VcJG1GzMdk4sySnFyVauLntxaLNnXaBgcfhBnTb6JAwc/0UzjwzvsEUhbnnNrT0zFickui0kaXt2yr5NGhvH8qO43Ye0I8MKC3xQHv2gq9diadqIi/6R4u2Ake8vhT6pSfQVIbvsrUQYmtEfdVfaeoSReFGPOwywt1B7oSrxUcRpcrsfkxBfL/zRCqNHtloVd1mya7eyJwRt45pFI5Z79xyg0E841JFDBah9q4jwi+BqTaf0bm7gqfyWY8U+9LR94SBlTJ4zYqrBpDGnbi+kQOikFRZyJbuPVR/1B8AKfrxuz4ph3aTPcmsoHWzsLH5UV0+1vo65DS+fvjOu3rnViNjf C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-5.exe /rawdata=IqHLZFQLhj31kvD882eVu7oi2us/Ugfz3ZUXxrCEXBQviWz1Yy3m6JbBQx/vEzLeCgaC6G7RHZbOpjMVF25Nj1IuVBnlJ0KA40R2rd/6hhg0sGg7h2NrFm6TnBLRynV/PDxnJbvcVvBKQlCJeVM01P8TmPpEsflry8HRfNb9gShTUPmJZsx/QGdPqUQmAPD9hgBEHpvajsy8Bj9yfjMkhUI2fNukghiJ9XFahPVK1+4yK5QUKeW+dvZoThgt2omDPEsBQbHk97Wu0jkP5xv+gZLSmEnAd1h+UvzO5h6qRavWVkrHBkxqqDxcdQhAh98CC8CZD49669NJlltPjxlDNCY7BTKZljfJKqSHnBEJb1GoFuig2OeokT3oVGl2XSDm7/oCj5sHnHc0LWXyg2+D7+oWM9liYB0/7d1t0L1hw+/YRQe0Qv+bsjXfivYcdXLBGr/BcXrE52Wz4sxUuNiIeT/1M/vj0MVe5vrSj2UntfKVn7cqrFM2H7ZKijhq2VU/txG1goi+d4QT6/1SWdNdV5ZcQZmJhnDmyhaZH4QFqojIgitRsshGu1YgN3Y6DxCDviIN5gZRYUelsDdoMygeNeCFAlogpI3m//l9LlTAdcTDaq2tyIbcgxFEhuuvqyxZ9jmnuOvthdI4JAm0Ib8hZnwgFchbY3TdAEHdaQTuM/otGIx0o5cHU/StltC02Y6TwmUy2kR6pOWH26KOKKDqa7d+id6idP3R4ke7Gx3j0uk05qFKDrjOiMtFKxrkSpzrSkPvDggEkO2CG8g2cFzRyCQuDvwt1VlcU6oa7Stbz6qm8FznCqEJQYVAg/BH2uMX+Ubi3HBwvTl5w8YL1j4AA1rMDVoJ7HoPUP0N4lkqqGeHqV8TL2eXXqN5DjUMVai5PsIFdDgcXxciXrNlvEVyShTUUvBtFnyW+O7kzbZHD7ybo6QaGFbILNDM+aQCY1DbqHlXlhu6uQLsOKTWHrYV1MuabYmT9rzXP7rtrDs7q4TPVYfoAhIWTaK6pRqUSFbInUO2UAVe4YphaT0okS/tpLeRIDNXklQPv9+y4VaQk3jXRsSguEVFLE/9Q7zOElfzHP5IscujjIFxvhx6s+rB/3AAqUw7BAhFgvu5VLzkQ9Hww2e31zOPp7vpW3Tu4xofMqkeCgvAdxIOBc1deVRORx7HJa3OVBKLHzWzwOXK2Xo= C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5_user.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-5.exe /rawdata=IqHLZFQLhj31kvD882eVu7oi2us/Ugfz3ZUXxrCEXBQviWz1Yy3m6JbBQx/vEzLeCgaC6G7RHZbOpjMVF25Nj1IuVBnlJ0KA40R2rd/6hhg0sGg7h2NrFm6TnBLRynV/PDxnJbvcVvBKQlCJeVM01P8TmPpEsflry8HRfNb9gShTUPmJZsx/QGdPqUQmAPD9hgBEHpvajsy8Bj9yfjMkhUI2fNukghiJ9XFahPVK1+4yK5QUKeW+dvZoThgt2omDPEsBQbHk97Wu0jkP5xv+gZLSmEnAd1h+UvzO5h6qRavWVkrHBkxqqDxcdQhAh98CC8CZD49669NJlltPjxlDNCY7BTKZljfJKqSHnBEJb1GoFuig2OeokT3oVGl2XSDm7/oCj5sHnHc0LWXyg2+D7+oWM9liYB0/7d1t0L1hw+/YRQe0Qv+bsjXfivYcdXLBGr/BcXrE52Wz4sxUuNiIeT/1M/vj0MVe5vrSj2UntfKVn7cqrFM2H7ZKijhq2VU/txG1goi+d4QT6/1SWdNdV5ZcQZmJhnDmyhaZH4QFqojIgitRsshGu1YgN3Y6DxCDviIN5gZRYUelsDdoMygeNeCFAlogpI3m//l9LlTAdcTDaq2tyIbcgxFEhuuvqyxZ9jmnuOvthdI4JAm0Ib8hZnwgFchbY3TdAEHdaQTuM/otGIx0o5cHU/StltC02Y6TwmUy2kR6pOWH26KOKKDqa7d+id6idP3R4ke7Gx3j0uk05qFKDrjOiMtFKxrkSpzrSkPvDggEkO2CG8g2cFzRyCQuDvwt1VlcU6oa7Stbz6qm8FznCqEJQYVAg/BH2uMX+Ubi3HBwvTl5w8YL1j4AA1PCYcXJDeE4wm97iuv66+guraKDEdIv1+bj9Jh+5xaVbD3n7yEskKh94M9bvNK1FqLAYp7wZKYiJJfIEgYyyB/cfA+QZSkbAxcP7Q/87hApgClSJetpn28PuaoqzG/YX4glrd11/Vh2m6nVBt4lo0Sqqewkrt/OO2W7pzlUxw+JbyBXnkHmqh8Hw0ys4gHOtoCbRlQ/hCgqzNgesdlAeNvrDzRsa0YcZO03R/eWu0QFp5M6LS4oI1G0Vwo9OmyozmpwfOHO5L73+2+YyMJ7STlqBuCw0O6aGFqFLXwhuDvlFFi5R0EUrivQZTCuW/dNAYDw19dR/vY4DHuo/7oqo18= C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-7.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-7.exe /rawdata=Ukf4E/fC43JLK0NmaL1ycDdfknrWlMIP9oNfuF6yxaPD/kvm3Gj/ybMogb4zizZTOWYcNwEoxPJhMi421Kiae2alth6COWGXfKjSNvY+MErydjivWlV2ujVevRKlNoSY2Jj+ChhTOEB6ydwFxX44YmOR663n7mKE9lUPO4+Nj65Nbl4nPjTRiYagmprPQVjNHMpMm+zlSW9PgZ/D4/RWNxQwiDKf+5uJXUEtDbAafZgXjMEbYbkZujIDtajz2H59cpfJtBFVUCkXvS5PWhMj9lRd3FiFXXpuch/eZptE4kqAxnMipfv5rX+h1lzFkBXXOnv1nH3el8ZOGy/kRhzhrxRYAae9c4nBR1ib805a7gpFJEH0SA79APOxmMwrLkSLetORQwk+96NnYd+Loqyt32uriK54c9uPiRyZbFqHP9y7vJaFoas088fIwPb5PTsd1/4rXX0cu0SNFVz0GQtmjpdaf9gDR/+usYz78SADe3xrFYaCAAfPcS0PRLlLhJf0w+dKc30DBnvqtzrCde3iqKkBIbpUt7gZtvJJIvxDC7ll6Rfx2ugQBgdfOx91Ma7j3cvrctsJ9oiDUPEMyV57hfbNyqmqNEBk6KkTXWmpsS6ex6xpXrmifdB/KxDEs/XnM/WU5v74YrGy5jFg2RSdMQmFpV93B2YfMo4YC/2tTLexmKQ//e0fkUZ2nJ1D4jdJYsCHbOe/qCHNxQKqrdlzjU/mIfOXHtXL7aqCFf5/bo+K++/pYtO7K00tHae6wV4sbqMpBORlaJaZEZo0K4gbVKAyGkDNhbkN56CTrj0IrnA2m4NfsAJ7E+h2vnVi8uQwp9hO073rrz7xM1pSU/0n1Z3SDowEM7+TMbMoIgWZVEOi/Sa9adeopDIUx29r8DoD8DhsrDjWi8a7pq3ebec9FOUH15GCDcl+YQ8JcKmOVvUNnMLYiO2OGCmqOw3KRDGFUAhmAYwh89oCqVZKhRIptnaXF0MQ4QBMcbrj8/lIueonoyaMdBhgJ6/0VBASnQGGDMCY94bWjDlnrWPSJc5VuP/nMLGKUVMwvcAvFGbjLu/wGuTTUlzd+ivSd299q5r+/v7GMNdVnv47kmGLTqlUtKLCqV3wmhB5fH0sZYynUDAdAYveqoUlUd3fAdLMgMJKLzOg+NToanJs7OYveQNw1DTeyh3HOX/53VEmMu9V+fSMuoLag6oy48abXCXV6L0gujmK7LEV83FYIFNpAOxfBBRmUL2A5itoyonJwjJocAvLz518lh07uFkH/Pr8T5OidQmJ/c7F2nBRYfKVg+zwKfC6NPB9I1eG1P+fYsCVusGkcnYK98K8JlkEo9raQ4RWqf0zXjrPCTbGOdQo1mhMdCs8ZZSlF2LPWsnIFAFVtdnTnRrq7rl6MxhVR5POVViABsbST+JpGneTBxR5hhKQMHdDPlH45T2+1OgOlf9mRQRrV2NmxUPolHaZR8ESNjSvvhU/DrM8ZTOaTlhM37xyR27zA0iwyIb6cpMpS6QPnLMapO4cvM1mw6BjO+Q4JxraIORgvFAZ1hOfzXzSIJ51+Dn6a9qQI2KKGMaD4eJNsPd+Jpdnq8SNtkbhuHfA298HLhmAsowaQG8dwOWweSUnt+/Jy8chwkMq0UnS65Dm5fuKdHcBNNpg3M5kb5179dGvWXasqhxQV7HtMb9cJ/QztHrGsD91rj0OLZTxPXtX73CMt9TpgZiWFQS1xf3P0wdDOrggIyamK2PONSGlIWgRDcEMeNee2bR/uKr/V9Tf5mNAwucUmUWCZsNmMx3b2aPfKPPUlEWP+ZmijrIH0eHzEcGNb5B17xRW5/lDtzIQ5DPn9eMb2bODuEmQG1F1rM5eti+LNVyPXqkR6/L96ZX5B3+ApzF3+xp28wr6IHQpoeqFVZnmmtXwMFnAT0S1iZk6Y452tkwdEPzLV5wTf3K8zkYhYLWv2SlFBqv+X14hmbFcdmj5ljT4b70sJEhjSjQLrWNjwf7x3XLMOeXCeraJkaz0H98xJWGFPt6YGBTzgIgvigekIvxH1DKy1b1VZqtTfjW/y6Q4M/3vZzuWg98C/h04Vrq4NRsZdDv7h61w0+ibyI4jpG77OCAqJDpM5GK62dG6p5C8wC0m9Uab0S9zvDUsEpETp/lsOee4sTmoGe489zfl87QepBxAyxcKW3RQFfUeyOk207TV0Zey2pzjk72DaO/Jq5x7v+kED3TSbfmAQd/9mF50oEtudBridkaSbqEU9dxc9nk5rFBVLPALA2VuJXkPdvk0x+e24tU7+16jbRb9Hp6iRX2k310SPsxCmuP/Jc+z9/+wkMHR4laIuTADhm1q5/V36bxolOlFZdJYAMW+7/cB+Kza7KhUe+byLc4w3RO5teCAVweHb2a0l0c9W3iyhqw0iTGPKht9v512uKrxlFXYGQBAzEu+z+C2nVSBVKqaTNDods8M5eSGBMSHgpgxh6V1d63c4thnExtAeoAmTwUAFgstKdPTw5M+3bq+MQQqkgd/ZFIRTl+XYuZNIOUimPVUGT5DOTYFcaruwzBr7Fc8ecpZgg0jkwO0 C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-01 256456] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-01 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-07 166424] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-07 391192] "Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-07 413720] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-01-29 10038304] "PLFSetI"=C:\Windows\PLFSetI.exe [2010-01-13 206208] "Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2010-04-23 861216] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-05-28 39408] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696] "NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368] "Norman ZANDA"=C:\Program Files\Norman\Npm\Bin\ZLH.EXE [2014-08-21 88536] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe DesktopDock.lnk - C:\Program Files (x86)\Desktop Dock\DesktopDock.exe McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2010-03-31 269824] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1 .ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1 .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - "C:\Windows\System32\WScript.exe" "%1" %* .txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1 ======List of files/folders created in the last 1 month====== 2015-02-03 19:46:50 ----D---- C:\Program Files\trend micro 2015-02-03 19:40:23 ----D---- C:\Program Files (x86)\trend micro 2015-02-03 19:40:21 ----D---- C:\rsit 2015-01-15 12:22:59 ----A---- C:\Windows\system32\profsvc.dll 2015-01-15 12:22:56 ----A---- C:\Windows\system32\TSWbPrxy.exe 2015-01-15 12:22:54 ----A---- C:\Windows\SYSWOW64\nlaapi.dll 2015-01-15 12:22:54 ----A---- C:\Windows\SYSWOW64\ncsi.dll 2015-01-15 12:22:54 ----A---- C:\Windows\system32\nlasvc.dll 2015-01-15 12:22:50 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2015-01-15 12:20:22 ----A---- C:\Windows\system32\ntoskrnl.exe 2015-01-15 12:20:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2015-01-15 12:20:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2015-01-15 12:20:17 ----A---- C:\Windows\system32\srcore.dll 2015-01-15 12:20:17 ----A---- C:\Windows\system32\rstrui.exe 2015-01-15 12:20:16 ----A---- C:\Windows\SYSWOW64\srclient.dll 2015-01-15 12:20:16 ----A---- C:\Windows\system32\srclient.dll 2015-01-15 12:07:10 ----A---- C:\Windows\system32\drivers\ale7_nf64.sys 2015-01-15 12:07:10 ----A---- C:\Windows\system32\drivers\ale7_nf.sys 2015-01-15 12:07:10 ----A---- C:\Windows\system32\drivers\ale_nf.sys 2015-01-15 12:07:09 ----A---- C:\Windows\system32\drivers\tdi_nf.sys 2015-01-15 12:07:09 ----A---- C:\Windows\system32\drivers\ale_nf64.sys ======List of files/folders modified in the last 1 month====== 2015-02-03 19:46:53 ----D---- C:\Windows\Temp 2015-02-03 19:46:50 ----RD---- C:\Program Files 2015-02-03 19:40:23 ----RD---- C:\Program Files (x86) 2015-02-03 18:14:45 ----D---- C:\Windows\system32\config 2015-02-03 17:51:11 ----A---- C:\Windows\SYSWOW64\log.txt 2015-02-03 17:50:02 ----D---- C:\Program Files\Norman 2015-02-02 19:14:08 ----SHD---- C:\System Volume Information 2015-01-26 22:59:01 ----D---- C:\Windows\SysWOW64 2015-01-26 22:58:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2015-01-22 11:44:16 ----D---- C:\Windows\winsxs 2015-01-22 11:41:34 ----D---- C:\Windows\System32 2015-01-22 11:41:33 ----D---- C:\Windows\system32\drivers 2015-01-21 11:38:11 ----D---- C:\Windows\system32\MRT 2015-01-21 11:37:44 ----A---- C:\Windows\system32\MRT.exe 2015-01-21 11:26:41 ----D---- C:\Windows\Tasks 2015-01-21 11:25:19 ----D---- C:\Windows\system32\Tasks 2015-01-21 11:25:19 ----D---- C:\Program Files (x86)\MediaPlayersvideos 1.1 2015-01-15 12:20:32 ----D---- C:\Windows\system32\catroot 2015-01-15 12:12:31 ----D---- C:\Windows\system32\catroot2 2015-01-05 12:08:14 ----D---- C:\Windows\system32\wdi ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-04-13 540696] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 NGS;Norman General Security Driver; \??\c:\program files\norman\ngs\bin\ngs64.sys [2014-06-27 23488] R1 NPROSEC;Norman Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nprosec64.sys [2014-08-27 41536] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 nregsec;Norman Registry Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nregsec64.sys [2014-10-15 68792] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-04-07 2216960] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 gzflt;Norman Filesystem Driver; \??\C:\Program Files\Norman\nvc\bin\gzflt.sys [2014-06-04 138232] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-03-31 10322848] R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-01-29 2260256] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2010-03-21 321064] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 18432] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104] R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [2014-06-26 389240] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 16896] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-06-22 116992] S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-06-22 113792] S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-04-22 245280] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360] R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336] R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-18 268824] R2 nfservice;Norman Flight Recorder service; C:\Program Files\Norman\npm\bin\nfservice.exe [2014-11-03 194536] R2 NNFSVC;Norman Network Filtering service; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [2015-01-08 306360] R2 Norman ZANDA;Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [2014-06-30 456664] R2 NPROSECSVC;Norman Security service; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [2014-10-15 140032] R2 nseupdatesvc;Norman Engine Update Service; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [2014-12-03 261456] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640] R2 nvcsvc;Norman Anti Malware Service; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [2014-11-27 401560] R2 NVOY;Norman Resource Provider (NICCA); C:\Program Files\Norman\Npm\Bin\Nvoy.exe [2013-06-27 246560] R2 NWSCMON;Norman WSC Monitor Service; C:\Program Files\Norman\Npm\Bin\nwscmon.exe [2014-08-05 231008] R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632] R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352] R3 NJeeves2;Norman Jeeves; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [2014-11-27 179080] R3 Scheduler;Norman Scheduler Service; C:\Program Files\Norman\Npm\Bin\scheduler.exe [2014-06-30 199680] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27 107912] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26 267440] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27 107912] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-04 1255736] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------

Logfile of random's system information tool 1.10 (written by random/random) Run by Gebruiker at 2015-02-03 19:40:21 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 154 GB (68%) free of 225 GB Total RAM: 1783 MB (18% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:40:35, on 3-2-2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17496) Boot mode: Normal Running processes: C:\Windows\PLFSetI.exe C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files\Norman\Npm\Bin\zlh.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\Norman\Npm\Bin\zlhh.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Gebruiker\Downloads\RSIT.exe C:\Program Files (x86)\trend micro\Gebruiker.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Acer VCM.lnk = ? O4 - Global Startup: DesktopDock.lnk = C:\Program Files (x86)\Desktop Dock\DesktopDock.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7629B75E-3CF3-4B18-83EE-06F84CB08F0E}: NameServer = 31.168.224.106,5.135.12.52 O17 - HKLM\System\CCS\Services\Tcpip\..\{D04F0CB2-0CDC-4D04-9B5B-1C508329A73C}: NameServer = 31.168.224.106,5.135.12.52 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\npm\bin\nfservice.exe O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Program Files\Norman\Npm\Bin\Nvoy.exe O23 - Service: Norman WSC Monitor Service (NWSCMON) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13611 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-1.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\MediaPlayersvideos 1.1-codedownloader.exe /rawdata=NhTCOcuCSgj3INL1wd2u9xHJ7Drk9S0C2RZxMeaeEdfkzLRA5jIafhN1D8GEeQZfq+2lU7hwZypYR2SkmQAUBYcIM+DIVSpeJPk6N8JlhnQgnLBbu+4eBVY2NaHWetyvWf51FBN6/bkg3/twULK4t7ahXtJvlH+CTgxuhKIADEl1NmnaOitVtmKuGmymLxHsf+9WyzzAOlT7piJRmYTNLkmqwGqBA3wapMZoKVg50mseO0cYebx3apn8BL/oZUqR7GsmEjwltRx1GMcceAPw9+mZVeQu1HunrNjLRha+REQAC5qBhS10mh/onAz+e+USPoMxD8u8GwaDKmBRaeFNyBUpAQswWQzyNZ/tSwc5tZGIpUj8Vyz41nEZbJ3RXm9DqvFWUE0eJXnIugKzBu4V2VW9C88LWf0CXvI7QQCaOWjb2Rle35R/RBwyq9nGAkSMFDaY5ScO+QAHYcx4ItnqiZJpFiWK9m9TsWBbapSak9xNmtxhQ2OT4hCB4KkQMCppLdrUpaJghAPeTT69ysXcAHUznmt0r3lP3amOpWfYcQ31Jkp5BODCHmtoOms4dstP60wRqfTdgZXHAaDHWAP7S5SSKqZbadqWh7JllkQklmW2GyY1T+dm2rG/MOAjREQlKMSAMna4lkfmdfLne1/4GPMv5M0NvB0VwbFicvLiVi8zbr8LBX2+sB2MdiADHykMBSkje8bCp+k1EMhMgE2cwp7denmxmnmxfOiqiLPlT3FpKHcaoxzl19+wdgT16OXodvF/n8obC+OOxgfuMAZh5CT6pR3UyGIwuGrqN9JK46/wtbAZiJ1cbzTTVJ+41PAth0ASsEuwiBuxHRSOm6ExbIAUsyqdlzHqgckUmp3t9PxSoQRGNy5VQU3vlN4IuhHe1IgneivxqTXuHmQWsXFiMsveBwF02z4hCUOFBOUcEJU9AfMw87BgbhcZ+1I/FVN3JUG9yXfOaha1j8CISWNikBoFHzeYuctJNS3HDJFYkwQ7PrEo0f89MFOZ9hVk2Ntxx/va0ZNtkzVtsweH+J256DQQBAtor+ma+HeSHy/vAWDKSBZIFWGZpRS8vClyCNE5DwO3sUMMz6dI60GWNbUfbQr4OxRAHT1lcbbDPvY6rVNYi9fjVicbVddbiFahUCDMHQG1pWJfJ5Kgul5Eu+Bq42Wr1mRTJR+QgntOouSSeESXO3yeWFw0PRljIOO2UdlZJ7c9MyxL2loxfaaUKVy4n1SKwZWoGD+JGbyFvLwdv+WfFDbRzQD9oP7pE2HUbNF5ws9CJj4WrI/ze1H1CmI8s2DrvygMAb588D/gjaNZDmjDxmB+H8Gn9g4D68bkxJL15mkAnJtmyWeuwlEJwsvXKFrdguSTzNc4ZG6esWiCQVcTPHyGP6VG6nIyNST7NPeaDh3Wub2/Vlu1WxlJWsDwdIEKsUfcr46qS5lpJXZ3np4DHR2N9y/92aksNFo9hN5ytQp1n+UqrbvFg0Oq+l64GZPllvZ41vZ/kcS170JIeSnRTfMRRy48PSpKzVuKJb7r C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-11.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-11.exe /rawdata=SfTelymPLKjQeInjPjHMVB8adOPlTqfh+BrWuFvREvb7E3F982S0Z1QCi8/MdHZW6Epj/yBFwLTM+h6UKjMnokp5goTZ4oBYeWflvDvyIc33rhCM/8u27JrkKvxSg+gTdU506c5mh81RNecqMh1/72v/nQ/kfm0VuJZop4yCYzRkNPaELKGl6zfSOG7/4iNm4ujaLvkxsg3l1rLFc/FrqrkQaZOrYxRpkPKvxr3nxrQjTSuNbGuwc4735EG9mDHn8QrkNDXx0Q3cVadCC8PNQv+bd/EslWBOk4mtroCFvpum4hVY0qd+53+7HSsi7vKlIT0eo4qCd1GyNiXqrJdIqID0IBmgecbGGMPq1iXe9krkwf1WlKoxAIxU3lbCfdrrkdh5UqIPO1N/1IVjof/hmkicGG6LHlO0wDVzuYLQPwHSUZT9SFLYqnCgTneAjP7EqBHHz3m4Job+NV+JkEB/IXuXYmSakfL5Bbxc6oyODx+atqrLd7PsYNa2hyAOMQxun2CoSoo09gWxrh7pQZcPrHrsAw+R2BFo7LDFmaw91lU+p6L1r8W1tWv1J3FQwOXXs0u+TqZ3f/Mz6qS98Y5JJTgFiVdmOyXfLGVjTlnGwKe6ARx/QXRT6xyovdasebUHfSskrFvUxRe8EFX/kxaF9vHhAn+tjScHwqmhFBkV2b/HU/SUOunBDv1IQxKA9zQZ9ksxeSdwqLikF64fIqvsYTXE7f/BgsJVxV4AmQKq3Li3IaNb7FQeUeUp1prgycFpJBrOaWvt5G1RI2cg+UobhXY+eAGeuH9n/c8Sr3xQkZNK/aZCKc7Z2QxgX7aIUY0rWX2dV3xrSZzEKh+4ckfL7mh61F8g/KBvWoP/MjF+CQTokEV2YhOV/QMMpYDD30H7l1FmiA+OUuqaCqefqXYlfviNbwiGpm1Hf1sjqwPZrg8ZNHlLatTv7e1xCnijoeHzFahQjThLW+jc9fUvsLjNmZiNuVkuvgeBhJsxP7U7n1CZUMJYyhQaPDC/84x5ThxpcC7H49l4zirf7rv7V3IbnU21UvFyqUjFuqbdNtQkZYqwqIQ4SL30X1DqNBEkZZw52JIHcqso8eWAdSGH3iTqQbRIjE5Q0Fo3QJmITIZpOP+meuuWaWnVMKMOHGzoaIk29V6xNewiQq+VRc2nuAY6DZPGaqm4QkJ0Yxmh77Y8QbGTU0SZssZJK9ySk/fDppTFsLdW2BSQu+ld1KenFlsYc2I7CNRCs5jtz3nsqAQBrcVMYjOdG9gqnUS+Uu07fjnBhCyGSVDdS7n8ZwC+BLMr15b/pyFhZl2PykSFxI/Mn0mbKRDTIvAXqZ+cNJfVyeKHFQJhRWYoi++mZO9mhB3Wc2FgAIilIg2zw+/SVNaQBFSKBPT6tEMamnLxltBxzohzhJOwOfTlrweL39uY2EgibteIYuv+JjpDqPXOR8770VwJt8nabs9m3RyeoDnSvoBc7G5Pxydx9lkQ1FXkuSPuo5Ncedq62buJ165WjNUis7BMc97th88DhtTfOc0Z2IgSQ0lCOH33UVuGuJNnVOrHNsKjjhryS6KBJ/W3N8xOfpGKL4TfS3BYRU3Cm4NdLhW78qJzF7HjD9ZwMOsPLfT9pqrwFbdUCsxUZ4GQY9kXt/1WihLlqquIGfEJSNB+q0nwzBWJnXzwUoiSSAuA7pKfhjBE5aMyp1ueetChK0Bv5TCpo+lyOHyWY7IoQ0Hznv5dmwFrzmhiVEHH1iAavOOenNe+0tsrC1FGfNQsL7gooVFQLMJ+2XtJLhkyDILb57l5voPwb+j5MVa2F3vcbX3rJmEM29X06yor4s50X26NUNANZbP79nweTIqKFD8/Dvn9EJWc7psyl+xfXSNjlZdbrLTpthxOeV7iNLfXU5//VQlOgKbsq5kEMWeDRiAgxCaf4Y+cS+T4RTVeUlka4imJXGjvtZA4Kdj/kcTph2FdGIi/SYSdfNQ95YZn+EMuFCZuXsHg2/L00nEYzG9k1lLIxa6jgrLShHARiwC/PiIm9nQLkDaK6M9LMhqU6djuxQ5ZcyLqVwcjNZQhZjAKEG+W2YEPoh8udeYJUdwGZzhiY7c8PLBHMfvLnv9xCO7thw+vqMGEcCdZLZyKdHnQVhEY+YXThmyab/CrNZpwNU/urb3bEuAq+DUecnX6ODske+MLnyrYR7Hlu8VxI9XbMEWZzjSkbvx8EHDobgzycEJb0wJDmWNJnm9noEQxNiBg5fhoHyX1j99rhE672W1Dt6D/pukU/Jo4PzPQ0dg+wSvL2WTsHKcd4ydHKnQHKWxHyHVtReIPBqQyj+7f5DBn46lNoNFUF+6Awimnyuxz7+hBS3AwgkR3vKn2wihOwfhgx3LWXBax960dprwOUTlbT65X5w== C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-3.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-3.exe /rawdata=hSt/Tjz1y+M5kCYLUIJEuIS8O1j3vDGXPfkJOW5fb8Rn3XMoUuKAdoHB1ogKiTAzWrO6mOpuO0Oh7b+Pp1RtDuixXHflSNdm1O4ZMxDNnIVA93KXhZ7ui9lomhh59vprkz4uRepesoj0aiK2em5+kOGK/MXEYuKhx2LW9f/t2n6VnuIhX++NMPadKbMWVe96R52d+iDHj6NWev56kOQKMd9otQ+wN+vMntM3ftS4meaXLTJX7aheb/iry7d7NRgrVCun0QUJuuI397T/TaObu66BkWKXSb1nYLtvRAXspsFTIY5TjlYc5rORNoJyHkJ4e9GPyAPD4f1Tmc5vjfLzI0SU4dZuXTjKk2kopKiRD/YMIyCqcpyrKr3JljbirYYF8kmlMh9qB5gIJN5WQZ09Hu9RxoSMH09Ga9bPWjyfnTLnvyuo/EN4sUxzq4u55f/NsEA1w+1E0YWviqk6QaraySJuPj8bszuCtkSd56yFKrLxQ5c0qrQVU8UjC3iEiKvwWaD0Bo+3gRTaZviO+0i0sa49OxMl11yt8/IG30smfP26nZxz+MdQaKjx0YVRF6WUgOMi37KjrFo7a8YLHc7hlq3tXpmGYTou5V8sogg7Wob2PAx0Dl5vj8kceJPOhILLmJKAqHpyMsSS6dde2ZHTmh0i+WxmYJ3Gp/zeUgh0IbZb7qNMEU1nKAFw/BFmO/oXFZocLgeu2FmJvPcpW6pHGBnkiyBDvboQS9Xaqp+MSFouCEv6Nbbm01fTu1npfrYi7eVhGYFFH8DFV+YkO2MHjlSdj93rwUQRx63uz02Idua7KA6dzQG3mVs8a+ysMFShwDj7Q0FNsWRSzeNnQYykIH8FQUV/XYsvInA5LzPgIddswaU7m3BAga1Jp5ml6PqEnvrUED8nao8hVhDdAHxNKFQ4l4Lpptq3GP4RG/riFwPuuAeZgHUeeo7hTZIkEPzDt0acjcCjY5Sub0z04vTgM7lLsmxXoHZuSbsVJao3RhRo5ljfu6U/zvEcqc80lXo5x/va0ZNtkzVtsweH+J256DQQBAtor+ma+HeSHy/vAWDKSBZIFWGZpRS8vClyCNE5DwO3sUMMz6dI60GWNbUfbQr4OxRAHT1lcbbDPvY6rVNYi9fjVicbVddbiFahUCDMHQG1pWJfJ5Kgul5Eu+Bq42Wr1mRTJR+QgntOouSSeES0fL23FL0vJKb9BmL5yv4+Unm75fCO+0rXfX+8WQcLpeFQYEygkN5upiW0K3I3q6hxMiRHjrLQQ9evjCiUj7iPyienFicXIpgVLC8whB1QYb9IUpS8IxNkgzPZUzzdRzuwvctSeToYtCW3ojkrOZPuKualfgUzwN5EzdtF99dJCn3Y/JEjCv453ivihSY/8QvUDtaLa/2fNQNRY+UEW3O/QW4EepNBGhQBDAzIbpKUv0C40m16frnYiIuqf/Bpb+J7ZzdB6LNAtzFdugULV4IJj5X9c/cfjcBi6GO48RhxtHKlEJFFdo8+ns0hikFtQxP6B9F1/zqGo7oFcKiebRfUUx4TbqpXDVz82puqaEP0iam/E9o5X4ered1O/1plOxceMU+A07pIdOwrpb8zQfCpI6ZMu8S4mgbxpkM2isBntA6NndcTyyxESKv1zvrq8m/Pahk5MrJc0BxYrz5sOyfo62mj4rI6oRa0jdPFI8rsuCwia33Qt57Tgqruvn/uvhiXJArFFMlb4eHXl600PBVP2/3hXQ0cT6hQfsHApfT6vL7cC6qEBOtXOGanJY4Ke+wU7k9Q6fj4mY4yfSjeIZ5wv4ZMfm1b3r6GVZ6Pehs0O0cFv3HKKNEsQofkJrh3LQ59cz1ByBeiS/6Vf0SUx1yz4oEtsnhghyDCziLgLTExMzQn4lylFJLFTXsBRtReb/ERhTNSUXSA6CRg8oFUG98lx0tUoWMVjpauTmRajL4qt7FRE8Cdw7/5Fsn7RiZCOSeKzrogJKAiVb9SYzFzWBs6hjSAlNwtBmNw7urrj2tG+qewGTc73doXuwAPXb1/Lw/bj2qajIyjN6EIOuYimhF1 C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-4.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-4.exe /rawdata=s6pRoYZDl3U4Al9NZJlT0nxu3KEP9e6g8Smp2s2TUUF6JnCGmGJW9N9+J+rGOmDrUZuqTl2p9scy72mzyc1gBOspYfUu4iL7KFR8C+Jr+kXNLLBFhNbxTttecK6qE41qr83QaJTpIdfpWyIC53YZOu6d4TAvf6OiaKy1GRM0M1J4wymL3v85m+189lTuKe37FFtU9+XGc4pwLyv2JU8mEvOW+Bli4PtOfGGjxLm3F6LHG1IxWi4vCdILnduB3mT07XdTOhNZuYW9cm2jI36OCKd/b9jui9AmKeflDTKsN6i0+36zIIio+FbVIJ0Uyk8MiRuTzmmWW/HzA5FUadttwzpsKkQ1nh3pO5z2pUEgFmkUCx5Pk+xHY5LRe6LcahTRonWXyCpUlhDytB8Cd/A3RW9eg6QSJmI3QFu+lrUOX7RYtgfC/m4zA2YA5x0B0tJJgmLgX2irkwB8f1b9o3JpMdua/QarqQUUJLUcFMc+xAlbErG1Oe8AAVygEVDCKe7pwqg2T/5dVml0LJdz75BC9KIJGapDH/0oO6CsP1mJVVZjRaZ03zDzitreHnYpnsM+IzSFuLd/RFVo4DiLDMhpgiegpECDLQNHfvbRw4M+a/YctgHf6LbzarSVVHcRO0ohv9fUXC96Y6tvGkZNd8ZASUFNdR3gUrnmtHQBy42lj0JFZJnvppitLFPd5L9bDdX6Not1i/mrwdhTcsxohb2hpgCYhA52OouVMZ1yjZW5N8b0FLQUIkrn3ia6a8jv3Y5p+nEnmDkg179OVZkYEx6blW+UZf5eL9vjihVk5W0mJAPKlhhFeGyk1Cst9DhwClFRFk6PFU1gQYI9VQB7olzssbPw5eEUjRZw2bRkTyJJcic+j3WY3j+U6BzHg1CsbAkuxCGm8ZiVsJs91Ii7BbSHwmk8Q9aV+9yvsYUD5aRtYhfjVbjojKh+jFALI2gvS8ELCml+5Dgsb/MZ/8kXHQ4q0dqTIrokIuUCHshvdEOD6EsOyn5cRIuwo1t0xExin4ZYGwnxnfLIu7hFFvLuSU4FtWtTXHr8bSpSEYsjB0NF8bTTx4iGa2BxhTVK5KH37Ne2PLghfvM62epF8DAkSR69wP6awyXckIPChA8AVlt6gll9x6dQ7S4tJ6mGIXmILpUPYJ9CUPkoTQuWJiq+3J6N7e113vDs9zJcb0KtbfLEGzMVHft/noUIZ6YBbal2s+uP+/BkUDRa9hDa+XhWKYuIJTCUbWsMHqDnjGQzs8on9cFtntsoIc36y+0z7oiC+DDRab1h08e93gYiPRGgyCdNm9L0AgC7p7jIyihX0gxZaI5TvItyg+22FqWCCmJ+NbmGuEW/rVtVRNRISuWcPfiTvCm9MYdvSqIzQELVnV8MCYLenc2XNu652GmvQiSOswoak//D7/tfMfM1/FEzZfwVU1rgQ77BOVt2wZw2MR3QsKy/82eOT+t9Z5pol7ScRPazxDwoZbrSWdWJN99c2HFkSgi/PYKTm3e5opoOb997YdTh/Oukf16O4ahdEb5zUwSsVI1g4wKNuajOTpuxN7B4hyZ9mjBTSbi3KBSuUK79bK2R3VtrNut5JHBPleTkb3s0TNIbJHDzps7bCV9fNV3+8daV/Wwp1Ni761cU3Mwj6XVVK8ytURbsf2FFTWtTh3kzv8lWWgqPp9BjVB0fC7uqAJB0rmjCWhV3xaHRedc8VcJG1GzMdk4sySnFyVauLntxaLNnXaBgcfhBnTb6JAwc/0UzjwzvsEUhbnnNrT0zFickui0kaXt2yr5NGhvH8qO43Ye0I8MKC3xQHv2gq9diadqIi/6R4u2Ake8vhT6pSfQVIbvsrUQYmtEfdVfaeoSReFGPOwywt1B7oSrxUcRpcrsfkxBfL/zRCqNHtloVd1mya7eyJwRt45pFI5Z79xyg0E841JFDBah9q4jwi+BqTaf0bm7gqfyWY8U+9LR94SBlTJ4zYqrBpDGnbi+kQOikFRZyJbuPVR/1B8AKfrxuz4ph3aTPcmsoHWzsLH5UV0+1vo65DS+fvjOu3rnViNjf C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-5.exe /rawdata=IqHLZFQLhj31kvD882eVu7oi2us/Ugfz3ZUXxrCEXBQviWz1Yy3m6JbBQx/vEzLeCgaC6G7RHZbOpjMVF25Nj1IuVBnlJ0KA40R2rd/6hhg0sGg7h2NrFm6TnBLRynV/PDxnJbvcVvBKQlCJeVM01P8TmPpEsflry8HRfNb9gShTUPmJZsx/QGdPqUQmAPD9hgBEHpvajsy8Bj9yfjMkhUI2fNukghiJ9XFahPVK1+4yK5QUKeW+dvZoThgt2omDPEsBQbHk97Wu0jkP5xv+gZLSmEnAd1h+UvzO5h6qRavWVkrHBkxqqDxcdQhAh98CC8CZD49669NJlltPjxlDNCY7BTKZljfJKqSHnBEJb1GoFuig2OeokT3oVGl2XSDm7/oCj5sHnHc0LWXyg2+D7+oWM9liYB0/7d1t0L1hw+/YRQe0Qv+bsjXfivYcdXLBGr/BcXrE52Wz4sxUuNiIeT/1M/vj0MVe5vrSj2UntfKVn7cqrFM2H7ZKijhq2VU/txG1goi+d4QT6/1SWdNdV5ZcQZmJhnDmyhaZH4QFqojIgitRsshGu1YgN3Y6DxCDviIN5gZRYUelsDdoMygeNeCFAlogpI3m//l9LlTAdcTDaq2tyIbcgxFEhuuvqyxZ9jmnuOvthdI4JAm0Ib8hZnwgFchbY3TdAEHdaQTuM/otGIx0o5cHU/StltC02Y6TwmUy2kR6pOWH26KOKKDqa7d+id6idP3R4ke7Gx3j0uk05qFKDrjOiMtFKxrkSpzrSkPvDggEkO2CG8g2cFzRyCQuDvwt1VlcU6oa7Stbz6qm8FznCqEJQYVAg/BH2uMX+Ubi3HBwvTl5w8YL1j4AA1rMDVoJ7HoPUP0N4lkqqGeHqV8TL2eXXqN5DjUMVai5PsIFdDgcXxciXrNlvEVyShTUUvBtFnyW+O7kzbZHD7ybo6QaGFbILNDM+aQCY1DbqHlXlhu6uQLsOKTWHrYV1MuabYmT9rzXP7rtrDs7q4TPVYfoAhIWTaK6pRqUSFbInUO2UAVe4YphaT0okS/tpLeRIDNXklQPv9+y4VaQk3jXRsSguEVFLE/9Q7zOElfzHP5IscujjIFxvhx6s+rB/3AAqUw7BAhFgvu5VLzkQ9Hww2e31zOPp7vpW3Tu4xofMqkeCgvAdxIOBc1deVRORx7HJa3OVBKLHzWzwOXK2Xo= C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-5_user.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-5.exe /rawdata=IqHLZFQLhj31kvD882eVu7oi2us/Ugfz3ZUXxrCEXBQviWz1Yy3m6JbBQx/vEzLeCgaC6G7RHZbOpjMVF25Nj1IuVBnlJ0KA40R2rd/6hhg0sGg7h2NrFm6TnBLRynV/PDxnJbvcVvBKQlCJeVM01P8TmPpEsflry8HRfNb9gShTUPmJZsx/QGdPqUQmAPD9hgBEHpvajsy8Bj9yfjMkhUI2fNukghiJ9XFahPVK1+4yK5QUKeW+dvZoThgt2omDPEsBQbHk97Wu0jkP5xv+gZLSmEnAd1h+UvzO5h6qRavWVkrHBkxqqDxcdQhAh98CC8CZD49669NJlltPjxlDNCY7BTKZljfJKqSHnBEJb1GoFuig2OeokT3oVGl2XSDm7/oCj5sHnHc0LWXyg2+D7+oWM9liYB0/7d1t0L1hw+/YRQe0Qv+bsjXfivYcdXLBGr/BcXrE52Wz4sxUuNiIeT/1M/vj0MVe5vrSj2UntfKVn7cqrFM2H7ZKijhq2VU/txG1goi+d4QT6/1SWdNdV5ZcQZmJhnDmyhaZH4QFqojIgitRsshGu1YgN3Y6DxCDviIN5gZRYUelsDdoMygeNeCFAlogpI3m//l9LlTAdcTDaq2tyIbcgxFEhuuvqyxZ9jmnuOvthdI4JAm0Ib8hZnwgFchbY3TdAEHdaQTuM/otGIx0o5cHU/StltC02Y6TwmUy2kR6pOWH26KOKKDqa7d+id6idP3R4ke7Gx3j0uk05qFKDrjOiMtFKxrkSpzrSkPvDggEkO2CG8g2cFzRyCQuDvwt1VlcU6oa7Stbz6qm8FznCqEJQYVAg/BH2uMX+Ubi3HBwvTl5w8YL1j4AA1PCYcXJDeE4wm97iuv66+guraKDEdIv1+bj9Jh+5xaVbD3n7yEskKh94M9bvNK1FqLAYp7wZKYiJJfIEgYyyB/cfA+QZSkbAxcP7Q/87hApgClSJetpn28PuaoqzG/YX4glrd11/Vh2m6nVBt4lo0Sqqewkrt/OO2W7pzlUxw+JbyBXnkHmqh8Hw0ys4gHOtoCbRlQ/hCgqzNgesdlAeNvrDzRsa0YcZO03R/eWu0QFp5M6LS4oI1G0Vwo9OmyozmpwfOHO5L73+2+YyMJ7STlqBuCw0O6aGFqFLXwhuDvlFFi5R0EUrivQZTCuW/dNAYDw19dR/vY4DHuo/7oqo18= C:\Windows\tasks\e9fb4241-f448-4690-94ad-c7d79e71919c-7.job - C:\Program Files (x86)\MediaPlayersvideos 1.1\e9fb4241-f448-4690-94ad-c7d79e71919c-7.exe /rawdata=Ukf4E/fC43JLK0NmaL1ycDdfknrWlMIP9oNfuF6yxaPD/kvm3Gj/ybMogb4zizZTOWYcNwEoxPJhMi421Kiae2alth6COWGXfKjSNvY+MErydjivWlV2ujVevRKlNoSY2Jj+ChhTOEB6ydwFxX44YmOR663n7mKE9lUPO4+Nj65Nbl4nPjTRiYagmprPQVjNHMpMm+zlSW9PgZ/D4/RWNxQwiDKf+5uJXUEtDbAafZgXjMEbYbkZujIDtajz2H59cpfJtBFVUCkXvS5PWhMj9lRd3FiFXXpuch/eZptE4kqAxnMipfv5rX+h1lzFkBXXOnv1nH3el8ZOGy/kRhzhrxRYAae9c4nBR1ib805a7gpFJEH0SA79APOxmMwrLkSLetORQwk+96NnYd+Loqyt32uriK54c9uPiRyZbFqHP9y7vJaFoas088fIwPb5PTsd1/4rXX0cu0SNFVz0GQtmjpdaf9gDR/+usYz78SADe3xrFYaCAAfPcS0PRLlLhJf0w+dKc30DBnvqtzrCde3iqKkBIbpUt7gZtvJJIvxDC7ll6Rfx2ugQBgdfOx91Ma7j3cvrctsJ9oiDUPEMyV57hfbNyqmqNEBk6KkTXWmpsS6ex6xpXrmifdB/KxDEs/XnM/WU5v74YrGy5jFg2RSdMQmFpV93B2YfMo4YC/2tTLexmKQ//e0fkUZ2nJ1D4jdJYsCHbOe/qCHNxQKqrdlzjU/mIfOXHtXL7aqCFf5/bo+K++/pYtO7K00tHae6wV4sbqMpBORlaJaZEZo0K4gbVKAyGkDNhbkN56CTrj0IrnA2m4NfsAJ7E+h2vnVi8uQwp9hO073rrz7xM1pSU/0n1Z3SDowEM7+TMbMoIgWZVEOi/Sa9adeopDIUx29r8DoD8DhsrDjWi8a7pq3ebec9FOUH15GCDcl+YQ8JcKmOVvUNnMLYiO2OGCmqOw3KRDGFUAhmAYwh89oCqVZKhRIptnaXF0MQ4QBMcbrj8/lIueonoyaMdBhgJ6/0VBASnQGGDMCY94bWjDlnrWPSJc5VuP/nMLGKUVMwvcAvFGbjLu/wGuTTUlzd+ivSd299q5r+/v7GMNdVnv47kmGLTqlUtKLCqV3wmhB5fH0sZYynUDAdAYveqoUlUd3fAdLMgMJKLzOg+NToanJs7OYveQNw1DTeyh3HOX/53VEmMu9V+fSMuoLag6oy48abXCXV6L0gujmK7LEV83FYIFNpAOxfBBRmUL2A5itoyonJwjJocAvLz518lh07uFkH/Pr8T5OidQmJ/c7F2nBRYfKVg+zwKfC6NPB9I1eG1P+fYsCVusGkcnYK98K8JlkEo9raQ4RWqf0zXjrPCTbGOdQo1mhMdCs8ZZSlF2LPWsnIFAFVtdnTnRrq7rl6MxhVR5POVViABsbST+JpGneTBxR5hhKQMHdDPlH45T2+1OgOlf9mRQRrV2NmxUPolHaZR8ESNjSvvhU/DrM8ZTOaTlhM37xyR27zA0iwyIb6cpMpS6QPnLMapO4cvM1mw6BjO+Q4JxraIORgvFAZ1hOfzXzSIJ51+Dn6a9qQI2KKGMaD4eJNsPd+Jpdnq8SNtkbhuHfA298HLhmAsowaQG8dwOWweSUnt+/Jy8chwkMq0UnS65Dm5fuKdHcBNNpg3M5kb5179dGvWXasqhxQV7HtMb9cJ/QztHrGsD91rj0OLZTxPXtX73CMt9TpgZiWFQS1xf3P0wdDOrggIyamK2PONSGlIWgRDcEMeNee2bR/uKr/V9Tf5mNAwucUmUWCZsNmMx3b2aPfKPPUlEWP+ZmijrIH0eHzEcGNb5B17xRW5/lDtzIQ5DPn9eMb2bODuEmQG1F1rM5eti+LNVyPXqkR6/L96ZX5B3+ApzF3+xp28wr6IHQpoeqFVZnmmtXwMFnAT0S1iZk6Y452tkwdEPzLV5wTf3K8zkYhYLWv2SlFBqv+X14hmbFcdmj5ljT4b70sJEhjSjQLrWNjwf7x3XLMOeXCeraJkaz0H98xJWGFPt6YGBTzgIgvigekIvxH1DKy1b1VZqtTfjW/y6Q4M/3vZzuWg98C/h04Vrq4NRsZdDv7h61w0+ibyI4jpG77OCAqJDpM5GK62dG6p5C8wC0m9Uab0S9zvDUsEpETp/lsOee4sTmoGe489zfl87QepBxAyxcKW3RQFfUeyOk207TV0Zey2pzjk72DaO/Jq5x7v+kED3TSbfmAQd/9mF50oEtudBridkaSbqEU9dxc9nk5rFBVLPALA2VuJXkPdvk0x+e24tU7+16jbRb9Hp6iRX2k310SPsxCmuP/Jc+z9/+wkMHR4laIuTADhm1q5/V36bxolOlFZdJYAMW+7/cB+Kza7KhUe+byLc4w3RO5teCAVweHb2a0l0c9W3iyhqw0iTGPKht9v512uKrxlFXYGQBAzEu+z+C2nVSBVKqaTNDods8M5eSGBMSHgpgxh6V1d63c4thnExtAeoAmTwUAFgstKdPTw5M+3bq+MQQqkgd/ZFIRTl+XYuZNIOUimPVUGT5DOTYFcaruwzBr7Fc8ecpZgg0jkwO0 C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-01 194504] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-04-13 284696] "NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2010-03-09 260608] "LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-04-08 908368] "Norman ZANDA"=C:\Program Files\Norman\Npm\Bin\ZLH.EXE [2014-08-21 88536] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-09-17 152392] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-05-28 39408] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe DesktopDock.lnk - C:\Program Files (x86)\Desktop Dock\DesktopDock.exe McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm "vidc.cvid"=iccvid.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "msacm.siren"=sirenacm.dll ======File associations====== .inf - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1 .ini - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1 .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - "C:\Windows\System32\WScript.exe" "%1" %* .txt - open - "%SystemRoot%\system32\NOTEPAD.EXE" %1 ======List of files/folders created in the last 1 month====== 2015-02-03 19:40:23 ----D---- C:\Program Files (x86)\trend micro 2015-02-03 19:40:21 ----D---- C:\rsit 2015-01-15 12:22:54 ----A---- C:\Windows\SysWOW64\nlaapi.dll 2015-01-15 12:22:54 ----A---- C:\Windows\SysWOW64\ncsi.dll 2015-01-15 12:20:21 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-15 12:20:19 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-15 12:20:16 ----A---- C:\Windows\SysWOW64\srclient.dll ======List of files/folders modified in the last 1 month====== 2015-02-03 19:40:29 ----D---- C:\Windows\Temp 2015-02-03 19:40:23 ----RD---- C:\Program Files (x86) 2015-02-03 17:50:56 ----A---- C:\Windows\SysWOW64\log.txt 2015-02-02 19:14:08 ----SHD---- C:\System Volume Information 2015-01-26 22:59:01 ----D---- C:\Windows\SysWOW64 2015-01-26 22:58:42 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-22 11:44:16 ----D---- C:\Windows\winsxs 2015-01-22 11:41:34 ----D---- C:\Windows\System32 2015-01-21 11:26:41 ----D---- C:\Windows\Tasks 2015-01-21 11:25:19 ----D---- C:\Program Files (x86)\MediaPlayersvideos 1.1 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [] R1 NGS;Norman General Security Driver; \??\c:\program files\norman\ngs\bin\ngs64.sys [2014-06-27 23488] R1 NPROSEC;Norman Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nprosec64.sys [2014-08-27 41536] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [] R2 nregsec;Norman Registry Security driver; \??\C:\Program Files\Norman\Ngs\Bin\nregsec64.sys [2014-10-15 68792] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [] R3 gzflt;Norman Filesystem Driver; \??\C:\Program Files\Norman\nvc\bin\gzflt.sys [2014-06-04 138232] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [] R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [] R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys [] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [] S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [] S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-04-08 312400] R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-04-23 867360] R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336] R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-03-18 268824] R2 nfservice;Norman Flight Recorder service; C:\Program Files\Norman\npm\bin\nfservice.exe [2014-11-03 194536] R2 NNFSVC;Norman Network Filtering service; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [2015-01-08 306360] R2 Norman ZANDA;Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [2014-06-30 456664] R2 NPROSECSVC;Norman Security service; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [2014-10-15 140032] R2 nseupdatesvc;Norman Engine Update Service; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [2014-12-03 261456] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-09 250368] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640] R2 nvcsvc;Norman Anti Malware Service; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [2014-11-27 401560] R2 NVOY;Norman Resource Provider (NICCA); C:\Program Files\Norman\Npm\Bin\Nvoy.exe [2013-06-27 246560] R2 NWSCMON;Norman WSC Monitor Service; C:\Program Files\Norman\Npm\Bin\nwscmon.exe [2014-08-05 231008] R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632] R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-18 2320920] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-09-17 641352] R3 NJeeves2;Norman Jeeves; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [2014-11-27 179080] R3 Scheduler;Norman Scheduler Service; C:\Program Files\Norman\Npm\Bin\scheduler.exe [2014-06-30 199680] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27 107912] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26 267440] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-27 107912] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V [] S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856] -----------------EOF-----------------

hallo! sinds een tijdje openen sites ongevraagd als ik op iets klik. Dit gebeurd alleen als ik al op internet zit en het is zeer irritant. Ik zag dat ik via Hijackthis een scan moest doen, dit heb ik gedaan en de volgende logcode kwam eruit; Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 19:51:47, on 2-2-2015 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.17496) Boot mode: Normal Running processes: C:\Windows\PLFSetI.exe C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files\Norman\Npm\Bin\zlh.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\Norman\Npm\Bin\zlhh.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Gebruiker\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - Global Startup: Acer VCM.lnk = ? O4 - Global Startup: DesktopDock.lnk = C:\Program Files (x86)\Desktop Dock\DesktopDock.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} (CanvasX Class) - http://foto.hema.nl/ips-opdata/layout/hema/objects/canvasx.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7629B75E-3CF3-4B18-83EE-06F84CB08F0E}: NameServer = 31.168.224.106,5.135.12.52 O17 - HKLM\System\CCS\Services\Tcpip\..\{D04F0CB2-0CDC-4D04-9B5B-1C508329A73C}: NameServer = 31.168.224.106,5.135.12.52 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norman Flight Recorder service (nfservice) - Norman Safeground AS - C:\Program Files\Norman\npm\bin\nfservice.exe O23 - Service: Norman Jeeves (NJeeves2) - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves2.exe O23 - Service: Norman Network Filtering service (NNFSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nnf.exe O23 - Service: Norman ZANDA - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\Zanda.exe O23 - Service: Norman Security service (NPROSECSVC) - Norman Safeground AS - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe O23 - Service: Norman Engine Update Service (nseupdatesvc) - Norman Safeground AS - C:\Program Files\Norman\nse\bin\nseupdatesvc.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: Norman Anti Malware Service (nvcsvc) - Norman Safeground AS - C:\Program Files\Norman\nvc\bin\nvcsvc.exe O23 - Service: Norman Resource Provider (NICCA) (NVOY) - Norman AS - C:\Program Files\Norman\Npm\Bin\Nvoy.exe O23 - Service: Norman WSC Monitor Service (NWSCMON) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\nwscmon.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norman Scheduler Service (Scheduler) - Norman Safeground AS - C:\Program Files\Norman\Npm\Bin\scheduler.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12908 bytes Kan iemand me helpen? Groetjes, Ilse