Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Marivoet on do 30/06/2016 at 8:51:38,48. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Marivoet\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 30/06/2016 8:55:00 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\log deleted successfully C:\PROGRA~3\HiSuiteOuc deleted successfully C:\PROGRA~3\NtiDvdCopy deleted successfully C:\Users\Marivoet\AppData\Roaming\Windows Live Writer deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Acer Arcade Deluxe Acer Arcade Instant On Acer Backup Manager Acer Bio Protection Acer Crystal Eye Webcam Acer eRecovery Management Acer GridVista Acer PowerSmart Manager Acer Registration Acer ScreenSaver Acer VCM Acrobat.com Adobe Acrobat Reader DC - Nederlands Adobe AIR Adobe Community Help Adobe Flash Player 22 ActiveX Adobe Photoshop Elements 9 Adobe Refresh Manager Advanced SystemCare 8 Amazon 1Button App Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Ask Toolbar Backup Manager Basic Basissoftware voor HP Deskjet 3050 J610 series Belgium e-ID middleware 4.1.16 (build 1723) Bing Bar Bonjour Broadcom Gigabit NetLink Controller CCleaner D3DX10 Definition Update for Microsoft Office 2010 (KB3115247) 32-Bit Edition Driver Booster Elements 9 Organizer Elements STI Installer eSobi v2 Fingerprint Solution G DATA INTERNET SECURITY Google Chrome Google Drive Google Photos Backup Google Toolbar for Internet Explorer Google Update Helper HiSuite HP Deskjet 3050 J610 series Haelp HP Photo Creations HP Update Identity Card Intel® Matrix Storage Manager IObit Malware Fighter IObit Uninstaller 
iTunes Java 8 Update 91 Java Auto Updater Junk Mail filter update LastPass (alleen deïnstalleren) Launch Manager Lexar_Echo_Backup_Manager.exe LSI HDA Modem Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2007 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2007 Microsoft OneDrive Microsoft Outlook 2010 Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for 
Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_CRT_x86 Movie Maker Mozilla Firefox 35.0 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyWinLocker NTI Backup Now 5 NTI Backup Now Standard NTI Media Maker 8 Nuvoton EC Generic HID Driver NVIDIA-configuratiescherm 340.52 NVIDIA Drivers NVIDIA Install Application NVIDIA PhysX ParetoLogic PC Health Advisor Photo Common Photo Gallery Productverbeteringonderzoek HP Deskjet 3050 J610 series QuickTime 7 Reader for PC Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4.5.2 (KB3122656) Security Update for Microsoft .NET Framework 4.5.2 (KB3127229) Security Update for Microsoft .NET Framework 4.5.2 (KB3135996) Security Update for Microsoft .NET Framework 4.5.2 (KB3142033) Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition Security Update for Microsoft Office 
2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2984938) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2984943) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114542) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114742) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3101520) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115111) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115194) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB3115107) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2889915) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition Security Update for Microsoft Office Visio Viewer 2007 (KB2596915) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB3115195) 32-Bit 
Edition Security Update for Microsoft Outlook 2010 (KB3114883) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition Security Update for Microsoft Word 2010 (KB3115243) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Skype Click to Call Skype Web Plugin Skype™ 7.24 Smart Defrag 3 Sonos Controller Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) Surfing Protection Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TomTom HOME TomTom HOME Visual Studio Merge Modules Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition Update for 
Microsoft Office 2010 (KB3114555) 32-Bit Edition Update for Microsoft Office 2010 (KB3114750) 32-Bit Edition Update for Microsoft Office 2010 (KB3114989) 32-Bit Edition Update for Microsoft OneNote 2010 (KB3114410) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3115127) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) Welcome Center Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ==== Running Processes ====================== C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Users\Marivoet\AppData\Roaming\Lexar\Lexar_Echo_Backup_Manager.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Users\Marivoet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe 
C:\Users\Marivoet\AppData\Local\Microsoft\BingSvc\BingSvc.exe C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Acer\Registration\GregHSRW.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Windows\PLFSetI.exe C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Windows\SysWOW64\DllHost.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe C:\Users\Marivoet\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== 
Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Amazon 1Button App Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Amazon 1Button App Service deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "hshhsaaaws"=- ==== Deleting Files \ Folders ====================== C:\windows\SysNative\Tasks\ParetoLogic Registration3 deleted C:\Windows\tasks\ParetoLogic Registration3.job deleted C:\Users\Marivoet\.android deleted C:\PROGRA~2\ParetoLogic deleted C:\PROGRA~2\COMMON~1\ParetoLogic deleted C:\Users\Marivoet\AppData\Roaming\ParetoLogic deleted C:\Users\Marivoet\AppData\Roaming\DriverCure deleted C:\PROGRA~3\ParetoLogic deleted C:\Users\Marivoet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic deleted C:\Windows\tasks\ParetoLogic Update Version3.job deleted C:\windows\SysNative\tasks\ParetoLogic Update Version3 deleted C:\Windows\tasks\PC Health Advisor Defrag.job deleted C:\Windows\tasks\PC Health Advisor.job deleted C:\windows\SysNative\tasks\PC Health Advisor deleted C:\windows\SysNative\tasks\PC Health Advisor Defrag deleted C:\Users\Marivoet\Desktop\ParetoLogic PC Health Advisor.lnk deleted "C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonRuntime.dll" deleted "C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll" deleted "C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll" deleted "C:\Program Files (x86)\Amazon" not deleted "C:\Program Files (x86)\Amazon\Amazon1ButtonApp" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4091 MB CPU Info: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz CPU Speed: 453,3 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce GT 240M | NVIDIA 
GeForce GT 240M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Intel(R) WiFi Link 5100 AGN | Broadcom NetLink (TM) Gigabit Ethernet CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GT30N Ports: COM3 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 450,4GB | D: 465,8GB | F: 698,6GB Hard Disks - Free: C: 261,4GB | D: 198,1GB | F: 474,6GB Manufacturer *: Phoenix Technologies LTD BIOS Info: AT/AT COMPATIBLE | 08/18/09 | ACRSYS - 6040000 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer JM70 Country: België Language: NLB ==== System Specs (Software) ====================== AV: G DATA INTERNET SECURITY *Disabled/Outdated* {545C8713-0744-B079-87F8-349A6D5C8CF0} SP: G DATA INTERNET SECURITY *Disabled/Outdated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G DATA Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} Default Browser: Google Chrome 51.0.2704.103 Internet Explorer Version: 11.0.9600.18349 Mozilla Firefox version: 35.0 (x86 nl) Google Chrome version: 51.0.2704.103 Adobe Reader version: 15.16.20045.188096 Sun Java version: 1.8.0_91 (32-bit) Sun Java version: 1.8.0_91 (64-bit) ==== Files Recently Created / Modified ====================== ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "Lexar_Echo_Backup_Manager.exe"="C:\Users\Marivoet\AppData\Roaming\Lexar\Lexar_Echo_Backup_Manager.exe" "GoogleChromeAutoLaunch_4EA92E28C63C6FF5613066AFD640156F"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Google Update"="C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google Photos Backup"="C:\Users\Marivoet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe /autostart" "BingSvc"="C:\Users\Marivoet\AppData\Local\Microsoft\BingSvc\BingSvc.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "G Data ASM"="C:\Program Files (x86)\G 
Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe /autostart" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "Lexar_Echo_Backup_Manager.exe"="C:\Users\Marivoet\AppData\Roaming\Lexar\Lexar_Echo_Backup_Manager.exe" "GoogleChromeAutoLaunch_4EA92E28C63C6FF5613066AFD640156F"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Google Update"="C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google Photos Backup"="C:\Users\Marivoet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe /autostart" "BingSvc"="C:\Users\Marivoet\AppData\Local\Microsoft\BingSvc\BingSvc.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" ==== Startup Folders ====================== 2013-10-25 17:46:11 1786 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk 2015-11-15 10:31:13 2118 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk 2015-11-15 10:31:12 2118 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [18/06/2016 11:39] 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:6C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 08:37] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2433263994-3265978591-3698099872-1000Core.job --a------ C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe [08/03/2016 15:39] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2433263994-3265978591-3698099872-1000UA.job --a------ C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe [08/03/2016 15:39] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Marivoet-PC-Marivoet" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\ASC8_SkipUac_Marivoet" ["C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Marivoet)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (SYSTEM)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] 
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2433263994-3265978591-3698099872-1000Core" [C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2433263994-3265978591-3698099872-1000UA" [C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 3050 J610 series" ["C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Marivoet" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{2E7FB05F-95D7-4D02-A0AA-2220EBEBAEBB}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{01F89386-34B4-418D-A19E-0CFD456C3577}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{0D78C887-6977-4066-9504-DBAFCA0E1682}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{15560341-B25D-4B9B-A997-51A6F41FD25D}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{19451FCE-8E77-4AC0-BD6B-7E183BC08547}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{2B6A3909-8C4F-40D2-9434-FEC662E258E6}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{2D94BBAA-B379-4B01-81E1-CBE545D2FAFA}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{3EC935FE-2821-4245-B201-99AB4C32673E}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{490A3B78-9E79-4561-BC39-4306270E9D87}" [C:\Program Files (x86)\IObit\Advanced 
SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{4AF8E424-CB90-4F54-B1ED-9D827565B22C}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{57CD478D-16E1-43DD-A2B9-E8AA2303D6C4}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{67ADB8F9-F912-4685-9D3A-21787265EFA2}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{B418BEF6-FC55-4896-847F-04F8DDE31AE8}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{B6BA070C-BB65-437C-8653-2FD61E54BAB9}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{CF26B49D-8931-47A2-BE8C-A9C9E14D3C74}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{D4A258E2-780C-478C-BCBC-E48AC06FECF1}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{EE731FFF-CF38-4056-A282-124A0EB37EFF}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{EF73FE72-1038-4979-83A2-5C4B53CA2984}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Recovery Management\Burn Notification" [C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default user_pref("browser.startup.homepage", "http://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=nl-be"); user_pref("browser.search.selectedEngine", "Bing "); user_pref("keyword.URL", "http://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q="); ==== Firefox Extensions Registry 
====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [13/06/2016 12:51] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default - LastPass - %ProfilePath%\extensions\support@lastpass.com - Bing Search - %ProfilePath%\extensions\bingsearch.full@microsoft.com.xpi ProfilePath: C:\Users\Marivoet\AppData\Roaming\TomTom\HOME\Profiles\n57wyaa0.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default C426F7E678D6E539041847556059D5E8 - C:\Users\Marivoet\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll - Google Update 270FE7AE3A525AD41EFE5EA9B48E95C9 - C:\Users\Marivoet\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi.dll - Skype Web Plugin CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Marivoet\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Marivoet\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin BA2559713540A6389A8B7A5618153BFD - C:\Users\Marivoet\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi-x64.dll - Skype Web Plugin ==== Chromium Look ====================== 
Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions hdokiejnpimakedhajhdlcegeplioahd - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[25/05/2016 10:31] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Google Docs - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf IObit Surfing Protection & Ads Removal - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd YouTube - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi New Tab Assistant - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof LastPass - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd Netpanel study - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\kegdldmohomdaelnepdpbkdhfemobdgl Skype - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Drive App Launcher - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Chrome Web Store Payments - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap LastPass - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd Google Drive App Launcher - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Google Wallet - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - 
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKLM\Wow6432Node\SearchScopes "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10 HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E} deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files 
(x86)\LastPass\LPToolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [G Data ASM] "C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [Lexar_Echo_Backup_Manager.exe] C:\Users\Marivoet\AppData\Roaming\Lexar\Lexar_Echo_Backup_Manager.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4EA92E28C63C6FF5613066AFD640156F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [CCleaner 
Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Google Update] "C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Marivoet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart O4 - HKCU\..\Run: [BingSvc] C:\Users\Marivoet\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Global Startup: Acer VCM.lnk = ? 
O4 - Global Startup: Install LastPass FF RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - 
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe O23 - Service: G DATA Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. 
- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown 
owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Marivoet\AppData\Local\Mozilla\Firefox\Profiles\l4yyq8f8.default\cache2 emptied successfully ==== Empty Chrome Cache 
====================== C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=380 folders=54 18934089 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Marivoet\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Marivoet\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\Amazon" not found "C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof" deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on do 30/06/2016 at 9:51:40,23 ======================