Trage internet site's

Ebonny · 27 december 2014

Welk icoontje moetik aan tikken????

Mako · 27 december 2014

Hallo,

Links bovenaan het venster zie je de versie van ZHPDiag terug. De versie die jij gebruikt is een helemaal verouderde versie. Verwijder ZHPDiag opnieuw van je computer via het configuratiescherm en download de laatste versie. De link in mijn vorige bericht leidt naar de officiële downloadpagina van de auteur waar je de laatste versie kan vinden.

Ik heb zonet nog eens alles gecontroleerd en de icons zijn nog steeds dezelfde als die in de omschrijving in mijn vorige bericht.

Ebonny · 27 december 2014

Hallo Mako,

Deze ging beter. Hierbij de log file.

gr Ebonny

~ Verslag van ZHPDiag v2014.12.25.178 - Nicolas Coolman (25-12-2014)
~ Gelanceerd door Acer (27-12-2014 18:10:01)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Het adres van de webforum : http://forum.nicolascoolman.fr
~ Vertaald door de gebruiker
~ Staat van de versie : Bijgewerkte versie.
~ Lijst wit : Ingeschakeld door het programma
~ Tot misbruik van bevoegdheden : OK
~ Gebruikersaccountbeheer (UAC) : Deactivate by program

---\\ Internet-browsers
MSIE: Internet Explorer v11.0.9600.17501
GCIE: Google Chrome v39.0.2171.95 (Defaut)

---\\ Windows productinformatie
~ Langage: Néerlandais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Software om het systeem te beveiligen
AVG 2015 v15.0.5577
Malwarebytes Anti-Malware versie 2.0.4.1028
Microsoft Security Client NL-NL Language Pack v2.1.1116.0
ESET Online Scanner v3
Windows Defender W7 (Deactivate)

---\\ Systeem optimalisatie software
CCleaner v5.00

---\\ Delen van software PeerToPeer

---\\ Software die extra aandacht behoeft
Adobe Flash Player 16 ActiveX
Adobe Reader XI

---\\ Informatie over het systeem
~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3956 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 214 GB (73%) free of 290 GB

---\\ Verbinding met het systeem-modus
~ Computer Name: ACER-PC
~ User Name: Acer
~ All Users Names: Gast, Administrator, Acer,
~ Unselected Option: None
Logged in as Administrator

---\\ Omgevingsvariabelen
~ System Unit : C:\
~ %AppZHP% : C:\Users\Acer\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Acer\AppData\Roaming\
~ %Desktop% : C:\Users\Acer\Desktop\
~ %Favorites% : C:\Users\Acer\Favorites\
~ %LocalAppData% : C:\Users\Acer\AppData\Local\
~ %StartMenu% : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Overzicht vaste en verwisselbare stations
C: Hard drive, Flash drive, Thumb drive (Free 214 Go of 290 Go)
D: Hard drive, Flash drive, Thumb drive (Free 51 Go of 290 Go)
E: CD-ROM drive (Not Inserted)

---\\ Staat van het Windows Beveiligingscentrum
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 46 Legitimates Filtered in 00mn 00s

---\\ Zoeken naar bepaalde algemene bestanden
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Verkenner.) (.25-2-2011 - 7:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Toepassing Opstarten.) (.14-7-2009 - 2:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.4AF089160FE082E5EA5C4AA72782DCA2] - (.Microsoft Corporation - Internetuitbreidingen voor Win32.) (.22-11-2014 - 2:28:21.) -- C:\Windows\System32\wininet.dll [2358272]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Toepassing Windows-aanmelden.) (.17-7-2014 - 3:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing-bibliotheek.) (.20-11-2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30-5-2014 - 7:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14-7-2009 - 2:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14-7-2009 - 0:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20-11-2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20-11-2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20-11-2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042-poortstuurprogramma.) (.14-7-2009 - 0:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14-7-2009 - 1:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27-4-2011 - 3:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20-11-2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - NT-bestandssysteemstuurprogramma.) (.24-1-2014 - 3:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Stuurprogramma voor parallelle poort.) (.14-7-2009 - 1:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20-11-2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14-7-2009 - 1:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11-11-2014 - 2:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy-stuurprogramma.) (.20-11-2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s

---\\ Status van de verborgen bestanden (verborgen/totaal)
~ Mes images (My Pictures) : 1/1065
~ Mes musiques (My Musics) : 13/147
~ Mes Videos (My Videos) : 5/13
~ Mes Favoris (My Favorites) : 1/204
~ Mes Documents (My Documents) : 1/593
~ Mon Bureau (My Desktop) : 1/52
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 01s

---\\ Gestarte processen
[MD5.0D6972A795995F07B6D78CA7724744FB] - (.Egis Technology Inc. - MyWinLocker.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe   [349552] [PID.3344]
[MD5.75102FC486595CF486DFD7239BE30DD5] - (.No owner - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe   [206208] [PID.3360]
[MD5.48C3EBD6D5E52AFCB1A0FA9B7F9802FA] - (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe   [59720] [PID.3372]
[MD5.D3F78E38C39AB0E7358735717FB52EAE] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe   [1563440] [PID.3648]
[MD5.646A34526CC33BE4CA933C5680D80B48] - (.Nokia - Nokia Suite.) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe   [1090912] [PID.3696]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe   [270336] [PID.4120]
[MD5.94F80155B91B8DF7A0EAD527C853D377] - (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe   [265984] [PID.4336]
[MD5.0ADF079D36B2C25E6E9BECE1BD937ACE] - (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe   [407920] [PID.4500]
[MD5.56D1890D74A8999F756E338210846AF1] - (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files (x86)\Launch Manager\LManager.exe   [1094736] [PID.4916]
[MD5.B569E48B3A30E24601FCE6C98501E383] - (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe   [419112] [PID.4924]
[MD5.3D295062806875591B8BC30DC3A8AF61] - (.Sony Corporation - Reader Library Launcher.) -- C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe   [906648] [PID.4936]
[MD5.4312B4DD07050FC58146756634058CE8] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe   [3653136] [PID.4964]
[MD5.EB1B7B961090A4AF33FC297516B88FAE] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe   [310064] [PID.5004]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe   [49208] [PID.5024]
[MD5.887CAA31048EB8ED09A0CBD0E6F46F09] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [507776] [PID.5032]
[MD5.0EF0822810009D58118CCDFD098FA9F4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe   [157480] [PID.5040]
[MD5.F255E48EA981E943A14CF16269F3F3AF] - (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe   [201584] [PID.4316]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe   [168960] [PID.4192]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe   [559104] [PID.4740]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe   [362496] [PID.4360]
[MD5.58FBD16C4BB84D9F69C25F30DAA4CE31] - (.Nokia - Microsoft Bluetooth Media Server.) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe   [158032] [PID.5432]
[MD5.A24BFBAE8B50A6780B68FF3673FAB52F] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe   [815280] [PID.6668]
[MD5.BB513BA628D328BF05C15F4B86AEF64C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8144896] [PID.1680]
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [81088] [PID.1920]
[MD5.650D03E40F93FAE323CB841F80368E5C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [60744] [PID.1964]
[MD5.BA5BEC7FB1EABF3FBD38924AB45C7B3A] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe   [298080] [PID.2024]
[MD5.0191DEE9B9EB7902AF2CF4F67301095D] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe   [23584] [PID.2496]
[MD5.23DE5B62B0445A6F874BE633C95B483E] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe   [268824] [PID.2544]
[MD5.9A308FCDCCA98A15B6F62D36A272160E] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe   [255744] [PID.2684]
[MD5.B8D903B2894FF9AFBD99CA51C35590D7] - (.NTI, Inc. - NTI Backup Now 5 Scheduler Service.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe   [144640] [PID.2708]
[MD5.616F6E52CAE254727A886BA8EDA1BEEA] - (.No owner - RichVideo Module.) -- C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe   [247152] [PID.2764]
[MD5.CC907C2FB839D3F92690A25FF8E463BE] - (.TeamViewer GmbH - TeamViewer 9.) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe   [4972864] [PID.2908]
[MD5.F9EC9ACD504D823D9B9CA98A4F8D3CA2] - (.Acer Group - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe   [243232] [PID.2960]
[MD5.CB8C1CC4F46FBAC78150754D77460C73] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe   [230792] [PID.3592]
[MD5.CC3775100ABA633984F73DFAE1F55CAE] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe   [2320920] [PID.940]
[MD5.78F7BB9F4924BE164294C59B8C3FC096] - (.Nokia - ServiceLayer Module.) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe   [737616] [PID.5052]
~ Processes Running: Scanned in 00mn 00s

---\\ Google Chrome, start, zoeken, extensies (G0, G1, G2)
C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Google Chrome extensie map
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, proxybeheer (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse van lijnen F0, F1, F2, F3 - IniFiles, Autoloading programma's
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Hosts-bestand omleiding (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s

---\\ Toepassingen gestart door register & bestand (O4)
O4 - HKLM\..\Run: [mwlDaemon] . (.Egis Technology Inc. - MyWinLocker.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio configuratie.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [PLFSetI] . (.No owner - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [bCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe   =>.Microsoft Corporation
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_7360584B616087257445E78FC1FAACF2] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O4 - HKLM\..\Wow6432Node\Run: [backupManagerTray] . (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe   =>.Symantec Corporation
O4 - HKLM\..\Wow6432Node\Run: [suiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisUpdate] . (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisTecPMMUpdate] . (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe   =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcadeDeluxeAgent] . (.CyberLink Corp. - Acer Arcade Deluxe Resident Program.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [Reader Library Launcher] . (.Sony Corporation - Reader Library Launcher.) -- C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2015\avgui.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe   =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe   =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Windows-bureaubladgadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Windows-bureaubladgadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [spUninstallDeleteDir] rmdir /s /q \SearchProtect   =>PUP.SearchProtect
O4 - HKUS\S-1-5-18\..\RunOnce: [spUninstallDeleteDir] rmdir /s /q \SearchProtect   =>PUP.SearchProtect
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2668737801-3381503766-2512015713-1000\..\Run: [GoogleChromeAutoLaunch_7360584B616087257445E78FC1FAACF2] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-2668737801-3381503766-2512015713-1000\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-21-2668737801-3381503766-2512015713-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-2668737801-3381503766-2512015713-1000\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
O4 - HKUS\S-1-5-21-2668737801-3381503766-2512015713-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-2668737801-3381503766-2512015713-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe   =>.Piriform Ltd
~ Application: Scanned in 00mn 00s

---\\ Knoppen op de werkbalk "belangrijkste instrumenten" Internet Explorer (O9)
O9 - Extra button: &Verzenden naar OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: &Gekoppelde notities van OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ ActiveX-objecten (Downloaded Program Files) (O16)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} ((no name)) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex64-2.2.6.0.cab
~ Objets ActiveX: Scanned in 00mn 00s

---\\ Domeinadres van de DNS (O17) wijzigen
O17 - HKLM\System\CCS\Services\Tcpip\..\{BE77A58F-6CE0-4869-A3F6-569F157EA701}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7C159C5-E95D-4032-87E2-DFF0B685D449}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7C159C5-E95D-4032-87E2-DFF0B685D449}: DhcpDomain = arnhem.chello.nl
O17 - HKLM\System\CS1\Services\Tcpip\..\{BE77A58F-6CE0-4869-A3F6-569F157EA701}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E7C159C5-E95D-4032-87E2-DFF0B685D449}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CS1\Services\Tcpip\..\{E7C159C5-E95D-4032-87E2-DFF0B685D449}: DhcpDomain = arnhem.chello.nl
O17 - HKLM\System\CS2\Services\Tcpip\..\{BE77A58F-6CE0-4869-A3F6-569F157EA701}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E7C159C5-E95D-4032-87E2-DFF0B685D449}: DhcpNameServer = 213.46.228.196 62.179.104.196
O17 - HKLM\System\CS2\Services\Tcpip\..\{E7C159C5-E95D-4032-87E2-DFF0B685D449}: DhcpDomain = arnhem.chello.nl
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Aanvullend Protocol (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Lijst van niet-Microsoft NT services die niet uitgeschakeld zijn (O23)
O23 - Service: GS-Supporter (e81a9dc1) . (...) - C:\Program Files (x86)\gs-ena~1\AssistantSvc.dll (.not file.) =>PUP.SaveClicker
~ Services: 20 Legitimates Filtered in 00mn 04s

---\\ Taken die zijn gepland in de automatische modus (O39)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [940]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1052]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1056]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2668737801-3381503766-2512015713-1000Core   [1010]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2668737801-3381503766-2512015713-1000UA   [1062]
~ Scheduled Task: 20 Legitimates Filtered in 00mn 05s

---\\ Geïnstalleerde software (O42)
O42 - Logiciel: Aangifte inkomstenbelasting 2011 - (.Belastingdienst.) [HKLM][64Bits] -- Aangifte inkomstenbelasting 2011
O42 - Logiciel: Aangifte inkomstenbelasting 2012 - (.Belastingdienst.) [HKLM][64Bits] -- Aangifte inkomstenbelasting 2012
O42 - Logiciel: Aangifte inkomstenbelasting 2013 - (.Belastingdienst.) [HKLM][64Bits] -- Aangifte inkomstenbelasting 2013
O42 - Logiciel: Ask Toolbar - (.APN, LLC.) [HKLM][64Bits] -- {4F524A2D-5637-4300-76A7-A758B70C0A00} =>Toolbar.Avira
O42 - Logiciel: Hema Fotoalbum - (.Hema.) [HKCU][64Bits] -- {83EF9202-135C-4AFC-A083-DE9D09C6BC46}_is1
O42 - Logiciel: LimeWire Music - (.ProNetSharing LLC.) [HKLM][64Bits] -- LimeWire Music
O42 - Logiciel: PokerStars.eu - (.PokerStars.eu.) [HKLM][64Bits] -- PokerStars.eu
O42 - Logiciel: SyncDroid version 1.2.4 - (.JunTu Software, Inc..) [HKLM][64Bits] -- {BE7E35A4-59E5-412B-9B18-57B4938B8C0B}_is1
O42 - Logiciel: Widevine Media Optimizer IE 6.0.0 - (.Widevine Technologies.) [HKCU][64Bits] -- optimizer_ie
O42 - Logiciel: partypoker - (.PartyGaming.) [HKLM][64Bits] -- PartyPoker
~ Logic: 32 Legitimates Filtered in 00mn 00s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\AC1]
[HKCU\Software\PartyGaming]
[HKCU\Software\Reg]
[HKCU\Software\SyncDroid]
[HKCU\Software\Widevine]
[HKCU\Software\ƒAƒvƒŠƒP[ƒVƒ‡ƒ“ ƒEƒBƒU[ƒh‚Å¶¬‚³‚ê‚½ƒ[ƒJƒ‹ ƒAƒvƒŠƒP[ƒVƒ‡ƒ“]
[HKLM\Software\Wow6432Node\Reg]
[HKLM\Software\Wow6432Node\SyncDroid]
~ Key Software: 423 Legitimates Filtered in 00mn 00s

---\\ 'Inhoud van mappen programma's, ProgramFiles, ProgramData, AppData (O43)
O43 - CFD: 9-4-2012 - 14:46:06 - [] ----D C:\Program Files (x86)\35Label
O43 - CFD: 20-2-2012 - 14:50:46 - [] ----D C:\Program Files (x86)\Belastingdienst
O43 - CFD: 30-1-2013 - 15:25:09 - [] ----D C:\Program Files (x86)\LimeWire
O43 - CFD: 30-1-2013 - 17:22:29 - [] ----D C:\Program Files (x86)\LimeWire Music
O43 - CFD: 2-5-2014 - 17:02:04 - [] ----D C:\Program Files (x86)\PokerStars.EU
O43 - CFD: 25-7-2014 - 16:59:24 - [] ----D C:\Program Files (x86)\SyncDroid
O43 - CFD: 2-12-2014 - 10:45:20 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 9-6-2012 - 15:34:46 - [] ----D C:\ProgramData\LimeWire Music
O43 - CFD: 20-2-2012 - 14:50:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belastingdienst
O43 - CFD: 26-11-2014 - 11:34:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs
O43 - CFD: 30-12-2013 - 16:49:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
O43 - CFD: 30-1-2013 - 15:25:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LimeWire Music
O43 - CFD: 2-5-2014 - 17:04:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
O43 - CFD: 17-1-2013 - 15:58:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
O43 - CFD: 10-4-2012 - 15:50:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reader
O43 - CFD: 25-7-2014 - 16:59:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncDroid
O43 - CFD: 14-11-2011 - 12:32:18 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 12-9-2013 - 17:17:36 - [] ----D C:\Users\Acer\AppData\Roaming\AC1
O43 - CFD: 5-11-2014 - 15:48:50 - [] ----D C:\Users\Acer\AppData\Roaming\Belastingdienst
O43 - CFD: 14-2-2013 - 20:54:51 - [] ----D C:\Users\Acer\AppData\Roaming\cef-cache
O43 - CFD: 9-6-2012 - 15:47:47 - [] ----D C:\Users\Acer\AppData\Roaming\LimeWire Music
O43 - CFD: 2-10-2012 - 16:34:17 - [] ----D C:\Users\Acer\AppData\Roaming\Party
O43 - CFD: 7-10-2014 - 15:34:00 - [] ----D C:\Users\Acer\AppData\Roaming\SyncDroid
O43 - CFD: 12-11-2014 - 13:06:20 - [] -SH-D C:\Users\Acer\AppData\Local\EmieBrowserModeList
O43 - CFD: 26-1-2013 - 12:49:57 - [] ----D C:\Users\Acer\AppData\Local\Hema Fotoalbum
O43 - CFD: 26-1-2013 - 12:20:10 - [] ----D C:\Users\Acer\AppData\Local\PokerStars
O43 - CFD: 2-5-2014 - 17:02:37 - [] ----D C:\Users\Acer\AppData\Local\PokerStars.EU
O43 - CFD: 26-12-2012 - 13:06:24 - [] ----D C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hema Fotoalbum
O43 - CFD: 30-1-2013 - 14:35:06 - [0] ----D C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LimeWire
~ Program Folder: 308 Legitimates Filtered in 00mn 01s

---\\ Meest recente bestanden gewijzigd of gemaakt op Windows en System32 (O44)
O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 19-12-2014 - 19:40:57 ---A- . (...) -- C:\Windows\NeroDigital.ini   [69]
O44 - LFC:[MD5.5D119CE420D2ECFCB4C746B535AB9181] - 24-12-2014 - 11:57:04 ---A- . (...) -- C:\zoek-results2014-12-24-105704.log   [27670]
O44 - LFC:[MD5.CC7AA7B42CF418FC3D926913490048F8] - 26-12-2014 - 15:55:49 ---A- . (...) -- C:\Windows\zoek-delete.exe   [24064]
O44 - LFC:[MD5.A76BEAAE411D6D0AECB48239D218C767] - 26-12-2014 - 16:16:50 ---A- . (...) -- C:\zoek-results.log   [5439]
~ Files: 11 Legitimates Filtered in 00mn 01s

---\\ Activiteiten en functies bij het opstarten van Windows Verkenner (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s

---\\ Registersleutel Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{1f496acc-1a23-11e4-bb78-00262d757ec2}\AutoRun\command. (...) -- F:\Startme.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Opsomming van het register sleutels PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s

---\\ Opsomming van de registersleutel PoliciesExplorer (CÖKVI) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s

---\\ Overzicht van de drivers (SDL) (O58)
O58 - SDL:14-9-2013 - 12:33:10 ---A- . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum   [175]
O58 - SDL:14-9-2013 - 12:33:10 ---A- . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum   [175]
O58 - SDL:14-9-2013 - 12:33:10 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys.sum   [175] =>.ALWIL Software
O58 - SDL:14-7-2009 - 2:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:6-3-2011 - 19:26:12 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\Windows\System32\Drivers\emBDA64.sys   [683136]
O58 - SDL:6-3-2011 - 19:25:18 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\Windows\System32\Drivers\emOEM64.sys   [1189504]
O58 - SDL:10-6-2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:11-4-2014 - 9:39:22 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys   [110336]
O58 - SDL:11-4-2014 - 9:39:22 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys   [206080]
O58 - SDL:14-7-2009 - 2:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:13-12-2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys   [54784]
~ Drivers: 97 Legitimates Filtered in 00mn 56s

---\\ Meest recente bestanden gewijzigd of gemaakt (gebruiker) (O61)
O61 - LFC: 24-12-2014 - 18:11:33 ---A- . (...) -- C:\Users\Acer\Downloads\adwcleaner_4.106.exe [2173952]
O61 - LFC: 26-12-2014 - 18:11:33 ---A- . (...) -- C:\Users\Acer\Desktop\zoek.exe [1295360]
~ 45 Fichiers temporaires (Temporary files)
~ 216 Fichiers cookies (Cookies files)
~ Files: 5 Legitimates Filtered in 00mn 04s

---\\ Lijst van cleaning tools (CLAB) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
O63 - Logiciel: RSIT - (.random/random.)
~ ADS: Scanned in 00mn 00s

---\\ Bestandsassociaties mogelijk aangepast (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

---\\ Startmenu Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Zoek "infecties in internetbrowsers (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s

---\\ Bepaalde zoekopdracht in de hoofdmap van het systeem (SPRF) (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [sPRF][3-3-2010] (...) -- C:\ProgramData\FullRemove.exe   [131984]
[MD5.4A7D7A329B32E96A3DA4B83C41A16D7C] [sPRF][5-11-2014] (.inkscape.org - Inkscape.) -- C:\Users\Acer\Desktop\Inkscape-0.48.2-1-win32.exe   [35746429]
[MD5.92ABBC6E52E32F8F66684F90BF4A25CE] [sPRF][26-12-2014] (...) -- C:\Users\Acer\Desktop\zoek.exe   [1295360]
~ Files: 7 Legitimates Filtered in 00mn 01s

---\\ Overzicht van de productcodes van software (PUC) (O90)
O90 - PUC: "617DD6FF01B79624F991FF0BA74CDC59" . (.Bing Bar.) -- C:\Windows\Installer\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}\icon_installer_ico =>Toolbar.Bing
O90 - PUC: "D2A425F473650034677A7A857BC0A000" . (.Ask Toolbar.) -- C:\Windows\Installer\{4F524A2D-5637-4300-76A7-A758B70C0A00}\ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 2 Legitimates Filtered in 00mn 00s

---\\ Microsoft Installer-bestanden (WIS) (NTFS) (O93)
[MD5.3561A670FD52E8DB7EBEE4E2F85AB036] [WIS][16-12-2013] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\111d3.msi [741376] =>Toolbar.Bing
~ WIS: 1 Legitimates Filtered in 00mn 04s

---\\ Algemene toestand van niet-Microsoft services (GSR) (SR = Running, SS = gestopt)
SS - | Demand 24-12-2014 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 9-11-2014 3488784 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
SS - | Auto 10-7-1658 0 | (e81a9dc1) . (...) - C:\Program Files (x86)\gs-ena~1\AssistantSvc.dll
SS - | Auto 22-10-2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22-10-2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 28-12-2011 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 27-5-2010 305520 | (MWLService) . (.Egis Technology Inc..) - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
SS - | Demand 17-4-2010 50432 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
SS - | Demand 10-7-1658 0 | (PCDSRVC{D1725DDC-01E99333-06020101}_0) . (...) - c:\users\acer\appdata\local\temp\ejcvpotesvv7\pcdrdiag\bin\pcdsrvc_x64.pkms
SS - | Auto 23-10-2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 4-2-2013 155824 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
SS - | Demand 2-4-2010 73728 | (Sony SCSI Helper Service) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
SS - | Demand 14-7-2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19-12-2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 28-3-2009 16896 | (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe
SR - | Auto 10-12-2009 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 7-10-2014 60744 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 9-11-2014 298080 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
SR - | Auto 30-8-2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 26-2-2010 841248 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
SR - | Auto 8-1-2010 23584 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
SR - | Demand 14-7-2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14-7-2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14-7-2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 15-10-2014 643880 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 3-3-2010 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
SR - | Auto 14-7-2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 2-6-2010 2804568 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
SR - | Auto 29-6-2010 255744 | (NTI IScheduleSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 17-4-2010 144640 | (NTISchedulerSvc) . (.NTI, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
SR - | Auto 14-7-2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 17-4-2009 247152 | (RichVideo) . (...) - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
SR - | Demand 18-4-2013 737616 | (ServiceLayer) . (.Nokia.) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
SR - | Auto 2-4-2014 4972864 | (TeamViewer9) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
SR - | Auto 3-3-2010 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
SR - | Auto 29-1-2010 243232 | (Updater Service) . (.Acer Group.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Demand 10-7-1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14-7-2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13-3-2010 146928 | ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) . (.CyberLink Corp..) - C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl
~ Services: Scanned in 00mn 11s

---\\ Onderzoek gelijktijdige op de Master Boot Record (MBR) (O80)
Run by Acer at 27-12-2014 18:12:46
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s

---\\ Onderzoek de Master Boot Record op Infecties (MBRCheck) (O80)
Written by ad13, http://ad13.geekstog
Run by Acer at 27-12-2014 18:12:48
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s

---\\ Extra scan (O88)
Database Version : 13026 - (25-12-2014)
Clés trouvées (Keys found) : 7
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 3

[HKLM\SYSTEM\CurrentControlSet\Services\e81a9dc1]   =>PUP.SaveClicker^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-4300-76A7-A758B70C0A00}]   =>Toolbar.Avira^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b7fe5d70-9aa2-40f1-9c6b-12a255f085e1}]   =>Casino.OnlineGames
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b7fe5d70-9aa2-40f1-9c6b-12a255f085e1}]   =>Casino.OnlineGames
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{b7fe5d70-9aa2-40f1-9c6b-12a255f085e1}]   =>Casino.OnlineGames
[HKCU\Software\PartyGaming]   =>Casino.OnlineGames
[HKLM\Software\Classes\Interface\{09B8C335-1622-42C7-8650-A79D56551343}]   =>Adware.MapsGalaxy
O4 - HKUS\.DEFAULT\..\RunOnce: [spUninstallDeleteDir] rmdir /s /q \SearchProtect   =>PUP.SearchProtect^
O4 - HKUS\S-1-5-18\..\RunOnce: [spUninstallDeleteDir] rmdir /s /q \SearchProtect   =>PUP.SearchProtect^
C:\Windows\Installer\111d3.msi   =>Toolbar.Bing^
~ Additionnel Scan: 451640 Items scanned in 00mn 25s

---\\ Additional information about modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, proxybeheer (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Toepassingen gestart door register & bestand (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Registersleutel Shell MountPoints2 (MPSK) (O51)
~ AMI: 3 Legitimates Filtered in 00mn 00s

---\\ Samenvatting van detecties gevonden op uw werkstation
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://nicolascoolman.fr/pup-saveclicker =>PUP.SaveClicker
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
http://www.nicolascoolman.fr/blog/ =>Casino.OnlineGames
http://nicolascoolman.fr/adware-mapsgalaxy =>Adware.MapsGalaxy
~ MSI: 5 link(s) detected in 00mn 00s

~ 1035 Legitimates filtered by white list
End of the scan (558 lines in 03mn 13s)(0)

Mako · 27 december 2014

Goedenavond Ebonny,

Alvorens we verder gaan wil ik je eerst even vragen wat je niet helemaal begrijpt aan onze procedure voor het toevoegen van een bijlage? Sinds mijn eerste bericht vraag ik je steeds uitdrukkelijk om de logjes als bijlage toe te voegen. Onder het woord 'bijlage' zit tevens een link met extra uitleg over hoe je dit precies kan doen. Desondanks blijf je de logjes plakken in je bericht... .

Er zijn enkele goede redenen waarom we de gebruikers vragen om logjes zo veel mogelijk als bijlage toe te voegen:

Persoonlijke gegevens staan minder openbaar op het internet.
Het is beter voor het forum (technisch aspect)
Het maakt het lezen van de logjes een pak eenvoudiger. Zo worden bepaalde tekens niet vervormd en worden de tekstregels niet afgebroken

Goed, verder dan met de behandeling...

Schakel uw antivirussoftware tijdelijk uit en kopieer onderstaande code volledig:

Script ZHPFix
O23 - Service: GS-Supporter (e81a9dc1) . (...) - C:\Program Files (x86)\gs-ena~1\AssistantSvc.dll (.not file.)  =>PUP.SaveClicker
O42 - Logiciel: Ask Toolbar - (.APN, LLC.) [HKLM][64Bits] -- {4F524A2D-5637-4300-76A7-A758B70C0A00}  =>Toolbar.Avira
[HKCU\Software\ƒAƒvƒŠƒP[ƒVƒ‡ƒ“ ƒEƒBƒU[ƒh‚Å¶¬‚³‚ê‚½ƒ[ƒJƒ‹ ƒAƒvƒŠƒP[ƒVƒ‡ƒ“]
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O90 - PUC: "D2A425F473650034677A7A857BC0A000" . (.Ask Toolbar.) -- C:\Windows\Installer\{4F524A2D-5637-4300-76A7-A758B70C0A00}\ToolbarIcon.exe  =>Toolbar.Ask
[HKLM\SYSTEM\CurrentControlSet\Services\e81a9dc1]   =>PUP.SaveClicker^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5637-4300-76A7-A758B70C0A00}]   =>Toolbar.Avira^
shortcutfix
emptytemp
emptyflash

ZHPFix uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.

Dubbelklik de snelkoppeling ZHPFix op het bureaublad.
Druk op de knop "Import"
Druk daarna onderaan op de knop "Go".
Wacht nu geduldig af tot er een logje opent
Voeg het logbestand met de naam "ZPHFix[r1].txt" als bijlage toe aan het volgende bericht.

Hoe gaat het intussen met de computer? Zijn er nog steeds traag ladende webpagina's?

27 december 2014 aangepast door Mako

Ebonny · 28 december 2014

Hallo Mako,

Sorry dat ik het niet heb begrepen zoals je heb gevraagd.Mogelijk onervarenheid of niet goed lezen.

Ook moet ik wennen aan de nieuwe site.

Het inladen van een webpagina is verschillend. Na het opstarten van de laptop en dan inladen is het traagste. Bij de 2e keer gaat dat sneller bij dezelfde webpagina.

De logfile is als bijlage.

gr Ebonny

ZHPFixReport.txt

Mako · 28 december 2014

Hallo Ebonny,

Prima, bedankt!

Ik zou graag nog twee scans doen om er helemaal zeker van te zijn dat er niks meer op je computer aanwezig is. Dat een webpagina vlak na opstarten van je laptop wat trager laadt is wel normaal te noemen denk ik, dat is bij mij ook het geval. Er zijn namelijk nog heel wat processen en programma's die nog achter de schermen aan het opstarten zijn terwijl je de computer eigenlijk al kan gebruiken. Zeker wanneer je in rekening brengt dat veel programma's gaan updaten van zodra de computer is opgestart denk ik niet dat dit abnormaal te noemen is.

Ga naar de site van de ESET Online Scanner

ESET Online Scan uitvoeren

Klik op de knop ESET Online Scanner
Zet een vinkje bij YES, I accept the Terms of Use
Klik op Start
Sta het ActiveX control toe om te installeren.
Klik op "Advanced settings"
Zet een vinkje bij de volgende opties:
- Remove found threats
- Scan archives
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth technology
Klik op Start
De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.
Je mag het venster sluiten wanneer de scan klaar is.
Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map "C:\Program Files\EsetOnlineScanner\log.txt")

Download de

Farbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links

Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

Farbar Recovery Scan Tool uitvoeren

Dubbelklik op FRST.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Als het programma is geopend klik Yes (Ja) bij de disclaimer.
Druk vervolgens op de Scan knop, er zal nu eerst een back-up van het register worden gemaakt.
Wanneer de scan gereed is worden er twee logbestanden aangemaakt met de naam (FRST.txt) & (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
Voeg beide logbestanden als bijlage toe aan het volgende bericht.

Ebonny · 30 december 2014

Beste Mako,

Het opstarten van webpagina's is niet direct na het opstarten traag maar ook wanneer de laptop enige tijd aan staat.Alleen wanneer hij één ker is opgestart gaat de 2e keer sneller.Programma's starten wel snel o.

Ik heb de ESET online scanner uitgevoerd duurde zeker lang.

Alleen Scan for potentially unwanted applications stond er niet bij.

Wel moest ik Enable of Disable detection of potentially unwanted applications aan vinken. Ik heb Disable aan gevinkt.

De andere 2 log files FRST log.txtkomen nog.

gr Ebonny

Ebonny · 30 december 2014

Hierbij de 2 logs van FRST.exe

gr Ebonny

Addition.txt

FRST.txt

Mako · 30 december 2014

Hoi Ebonny,

De optie voor detection of potentially unwanted applications mocht je eigenlijk op 'enable' laten staan hebben, maar dat is nu geen ramp.
Wel lijkt het er op dat het logje niet helemaal is wat het zou moeten zijn. Kan je even het logje op de locatie C:\Program Files\EsetOnlineScanner\log.txt plaatsen aub?

Er zijn nog een aantal zaken die met FRST verwijderd dienen te worden.

Start de Farbar Recovery Scan Tool nogmaals.

Download fixlist.txt uit de bijlage naar het bureaublad, waar ook FRST.exe aanwezig is.
Dubbelklik op FRST.exe om de tool te starten.
Als het programma is geopend klik Yes (Ja) bij de disclaimer.
Druk op de Fix knop
Er zal u een logbestand aangemaakt worden (fixlog.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
Voeg dit logbestand als bijlage toe aan het volgende bericht..

fixlist.txt

Ebonny · 31 december 2014

Hallo Mako,

Ik heb alles uitgevoerd.

gr Ebonny

Fixlog.txt

Inloggen

Trage internet site's

Aanbevolen berichten

Link naar reactie

Delen op andere sites

Beste reacties in dit topic

Populaire dagen

Beste reacties in dit topic

Populaire dagen

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Welkom op PC Helpforum

Leden statistieken

OVER ONS

SITEMAP

Belangrijke informatie