Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Deborah on wo 13-04-2016 at 13:20:28,64. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Deborah\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 13-4-2016 13:26:10 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~3\Pinnacle Studio Plus deleted successfully C:\PROGRA~3\Vivendi Universal Games deleted successfully C:\Users\Deborah\AppData\Local\calibre-cache deleted successfully C:\Users\Deborah\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Deborah\AppData\Local\EmieSiteList deleted successfully C:\Users\Deborah\AppData\Local\EmieUserList deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1173026733-721704400-2366032540-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ęTorrent abDocs abDocs Office AddIn abMusic abPhoto Acer Explorer Agent Acer Launch Manager Acer Portal Acer Power Management Acer Quick Access Acer Recovery Management Acer Remote Files Acer User Experience Improvement Program App Monitor Plugin Acer User Experience Improvement Program Framework Acer Video Player Adobe Digital Editions 4.0 Adobe Reader XI (11.0.04) MUI Aloha TriPeaks AMD Accelerated Video Transcoding AMD Catalyst Control Center AMD Catalyst Install Manager AMD Quick Stream AOP Framework Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Audacity 2.0.6 Autodesk Pixlr Barbie(TM) Horse Adventures(TM) Barbie© Paardrijclub BlueStacks App Player BlueStacks Notification Center Bonjour Brother MFL-Pro Suite MFC-J4510DW calibre 64bit Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CEP (Color Enable Package) v.9.2 (beta) Cradle Of Egypt Collector's Edition CyberLink PhotoDirector 3 CyberLink PowerDirector 10 De Sims 3T Film Accessoires De SimsT 3 De SimsT 3 70s, 80s en 90s Accessoires De SimsT 3 Ambities De SimsT 3 Beestenbende De SimsT 3 Bovennatuurlijk De SimsT 3 Buitenleven Accessoires De SimsT 3 Exotisch Eiland De SimsT 3 Jaargetijden De SimsT 3 Levensweg De SimsT 3 Luxe Accessoires De SimsT 3 Na Middernacht De SimsT 3 Slaap- en badkamer Accessoires De SimsT 3 Studententijd De SimsT 3 Wereldavonturen Definition Update for Microsoft Office 2010 (KB3114887) 64-Bit Edition Dropbox Dropbox Update Helper EA Download Manager eBay Worldwide Elite Proxy Switcher 1.27 ePub Reader for Windows version 5.3 ESET Smart Security Free YouTube to MP3 Converter version 3.12.50.1122 Freelang Game Channels Genesys USB Mass Storage Device Google Books Downloader version 2.6 Google Chrome Google Update Helper Governor of Poker 2 Premium Edition Gramblr Host App Service Identity Card Infinite HDT App Intel(R) Technology Access Intel(R) Technology Access Software Asset Manager Intel(R) Update Manager iTunes KMSpico v9.3.3 LG PC Suite LG United Mobile Drivers Live Updater Luxor Evolved Magic Academy Malwarebytes Anti-Malware versie 2.2.1.1043 Microsoft Office Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 32-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026 Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026 Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft WSE 3.0 Runtime More Games from WildTangent Games Mozilla Firefox 45.0.1 (x86 nl) Mozilla Maintenance Service Mozilla Thunderbird 38.7.2 (x86 nl) Nero BackItUp Nero BackItUp 12 Essentials OEM.a01 Nero BackItUp Help (CHM) Nero ControlCenter Nero ControlCenter Help (CHM) Nero Core Components Nero Launcher Nero RescueAgent Nero RescueAgent Help (CHM) Nero Update OEM Application Profile Peggle Nights Pinnacle Studio 15 Pinnacle videodriver Plants vs. Zombies - Game of the Year Pokki Start Menu Prerequisite installer PSP Application Qualcomm Atheros Bluetooth Suite (64) Qualcomm Atheros WLAN and Bluetooth Client Installation Program Realtek Ethernet Controller Driver Realtek High Definition Audio Driver RollerCoaster Tycoon 2 RollerCoaster Tycoon 3 Platinum Security Update for Microsoft Access 2010 (KB3101544) 64-Bit Edition Security Update for Microsoft Excel 2010 (KB3114759) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB3114414) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2965310) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3054848) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 64-Bit Edition Security Update for Microsoft Outlook 2010 (KB3114883) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB3114396) 64-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 64-Bit Edition Security Update for Microsoft Visio 2010 (KB3114402) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 64-Bit Edition Security Update for Microsoft Word 2010 (KB3114878) 64-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition Sims2Pack Clean Installer Spotify Subtitle Edit 3.4.5 System Requirements Lab Detection Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD The Chronicles of Emerland Solitaire The Sims 2 Ultimate Collection version 1.17.0.66 The Sims 4 Deluxe Edition version final Trinklit Supreme Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2999508) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition Update for Microsoft Office 2010 (KB2589318) 64-Bit Edition Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition Update for Microsoft Office 2010 (KB2791057) 64-Bit Edition Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition Update for Microsoft Office 2010 (KB2889828) 64-Bit Edition Update for Microsoft Office 2010 (KB3054873) 64-Bit Edition Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition Update for Microsoft Office 2010 (KB3054977) 64-Bit Edition Update for Microsoft Office 2010 (KB3055042) 64-Bit Edition Update for Microsoft Office 2010 (KB3055047) 64-Bit Edition Update for Microsoft Office 2010 (KB3085512) 64-Bit Edition Update for Microsoft Office 2010 (KB3114555) 64-Bit Edition Update for Microsoft Office 2010 (KB3114750) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition Update for Microsoft OneNote 2010 (KB3114410) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 64-Bit Edition Update for Microsoft Outlook 2010 (KB3114756) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 64-Bit Edition Update for Microsoft Project 2010 (KB3114891) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 64-Bit Edition Update Installer for WildTangent Games App VLC media player Windows Movie Maker WinRAR 5.01 (32-bit) xSIMS.de - 'The Sims 2' Nude Censor Remover v2.0 ==== Running Processes ====================== C:\Windows\SysWOW64\tbaseprovisioning.exe c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe C:\Windows\SysWOW64\UMonit64.exe C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe C:\Users\Deborah\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe C:\Users\Deborah\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe C:\Program Files (x86)\Browny02\BrYNSvc.exe C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe C:\Users\Deborah\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Service KMSELDI deleted successfully ==== Deleting Files \ Folders ====================== C:\Users\Deborah\AppData\Roaming\calibre deleted C:\Users\Deborah\.android deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\Users\Public\Pokki deleted C:\install.exe deleted C:\PROGRA~3\{EB5F5A55-037A-4E47-806B-2C8AA9374701} deleted C:\PROGRA~3\Package Cache deleted C:\Users\Default\AppData\Local\Pokki deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Deborah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted C:\Windows\wininit.ini deleted C:\Users\Public\Desktop\Google Books Downloader.lnk deleted "C:\Windows\Installer\22237.msi" deleted "C:\Windows\Installer\2f195.msi" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3544 MB CPU Info: AMD E2-6110 APU with AMD Radeon R2 Graphics CPU Speed: 1497,9 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: AMD Radeon(TM) R2 Graphics | AMD Radeon(TM) R2 Graphics Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Bluetooth-apparaat (Personal Area Network) | Microsoft Hosted Network Virtual Adapter | Microsoft Wi-Fi Direct Virtual Adapter | Qualcomm Atheros AR956x Wireless Network Adapter | Realtek PCIe GBE Family Controller CD / DVD Drives: No optical drives found. Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 2 Button Mouse Present Hard Disks: C: 447,8GB Hard Disks - Free: C: 100,2GB Manufacturer *: Insyde Corp. BIOS Info: AT/AT COMPATIBLE | | ACRSYS - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer EA70_BE Country: Nederland Language: NLD ==== System Specs (Software) ====================== AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: ESET Personal firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} Default Browser: Google Chrome 49.0.2623.112 Internet Explorer Version: 11.0.9600.18231 Mozilla Firefox version: 45.0.1 (x86 nl) Google Chrome version: 49.0.2623.112 Adobe Reader version: 11.0.04.63 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Deborah\AppData\Local\Temp ==== 2016-04-12 20:20:03 0A6ABAECA9346E0D169C2FB86F60D7C3 36083712 ----a-w- C:\Users\Deborah\AppData\Local\Temp\EADA2E8.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-04-01 21:25:01 91B4AAD4412BB223B466F3DFB43E86DA 452440 ----a-w- C:\Windows\SysWOW64\d3dx10_40.dll 2016-04-01 21:25:01 3384134EEB8F223178C2EB8323003EC0 2036576 ----a-w- C:\Windows\SysWOW64\D3DCompiler_40.dll 2016-04-01 21:24:58 EEA5E428CE63804F9B12D21C97B5968F 4379984 ----a-w- C:\Windows\SysWOW64\D3DX9_40.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-04-01 21:25:01 862586AD4B1355F7DCDE111EE0AAF350 519000 ----a-w- C:\Windows\Sysnative\d3dx10_40.dll 2016-04-01 21:25:01 37309B833480DC69FDE7DB68F9B8BC20 2605920 ----a-w- C:\Windows\Sysnative\D3DCompiler_40.dll 2016-04-01 21:24:58 29A79F0B607FAF5722D7BAF2485F632A 5631312 ----a-w- C:\Windows\Sysnative\D3DX9_40.dll ====== C:\Windows\Sysnative\drivers ===== 2016-04-13 10:01:42 8C17F3795DAE9A0ECDE4B3A3B0740E5F 79064 ----a-w- C:\Windows\Sysnative\drivers\quhgj.sys 2016-04-12 20:37:34 78488AF2AB2111D67B3C4044707A519B 192216 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2016-04-12 20:37:07 898415AC0B5F1D2A9A48ABCB68A6DC4B 65408 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2016-04-12 20:37:07 1239597BAB7EED2BB16D035AF87E65D9 140672 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2016-04-12 20:37:06 78BFF5425E044086E74E78650A359FBB 27008 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2016-03-21 11:48:15 9980B262DBE439AE6BDC91AA985F19EE 2017624 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2016-03-21 11:48:10 8003E034E3EA0E29DA54215A770FC27C 416768 ----a-w- C:\Windows\Sysnative\drivers\srv.sys 2016-03-21 11:47:56 C996CBEF922B5653A01E3F50DDCE2F86 91992 -c--a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2016-03-21 11:36:38 871A3546D5B85B5B92B74B1B9B3CD424 378712 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2016-03-21 11:36:37 7E1F0553BE9539F333F0CB20217A371D 331608 ----a-w- C:\Windows\Sysnative\drivers\Classpnp.sys 2016-03-21 11:36:35 B45AE0970B2D66CCE756DE6989E23EEC 419160 -c--a-w- C:\Windows\Sysnative\drivers\spaceport.sys 2016-03-21 11:22:05 CECD84D511DEF9759D834FA0AF010400 470360 ----a-w- C:\Windows\Sysnative\drivers\netio.sys 2016-03-21 11:21:36 9D168BFA334D47BE404367EB58D4E130 148832 -c--a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-04-13 10:55:23 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Deborah\AppData\Roaming ====== 2016-04-10 13:08:58 -------- d-----w- C:\Users\Deborah\AppData\Locallow\uTorrent 2016-04-02 20:48:46 45EDBDC09B8819E7F74C74E47FFF71BF 316 ----a-w- C:\Users\Deborah\AppData\Roaming\redirect2.dat 2016-04-01 19:18:02 9C7F6931EBDC35F4750AE27B9FE382AC 240397312 ----a-w- C:\Users\Deborah\AppData\Roaming\Launcher.dat 2016-04-01 19:17:57 58A8615C8C639859B35F414D01405679 9 ----a-w- C:\Users\Deborah\AppData\Roaming\update.dat 2016-03-30 19:24:48 -------- d-----w- C:\Users\Deborah\AppData\Local\CEF 2016-03-15 16:14:15 -------- d-----w- C:\Users\Deborah\AppData\Local\Mozilla ====== C:\Users\Deborah ====== 2016-04-13 10:12:11 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Deborah\Desktop\RSITx64.exe 2016-04-12 20:30:13 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Deborah\Downloads\mbam-setup-2.0.0.1000.exe 2016-04-12 20:28:01 D5C30BF699B209FA0DDAD8F21B93BCEE 3465280 ----a-w- C:\Users\Deborah\Downloads\adwcleaner_5.110.exe 2016-04-01 21:20:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 Deluxe Edition 2016-03-21 10:38:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox ====== C: exe-files == 2016-04-13 10:55:24 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Deborah.exe 2016-04-12 10:02:01 55BEEABD97E0D556E08A463A58FC17FF 2547800 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\49.0.2623.112\49.0.2623.112_49.0.2623.110_chrome_updater.exe === C: other files == 2016-04-12 20:35:58 8FAEED87C8B2AC5CC9C063491DBC3D3D 1656045 ----a-w- C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\77fklm91.default\features\{958a8f4b-50c6-4bd3-b0ba-14256b3c4274}\loop@mozilla.org.xpi ==== Orphaned Tasks deleted from Registry ====================== ESET Windows 10 upgrade - Refresh settings deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-1173026733-721704400-2366032540-1001\Software\Microsoft\Windows\CurrentVersion\Run] "AppEx Accelerator UI"="C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h" "EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent" "Octoshape Streaming Services"="C:\Users\Deborah\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe -inv:bootrun" "Spotify Web Helper"="C:\Users\Deborah\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "GoogleChromeAutoLaunch_07362C87AD547772D6A805B506DE3AA6"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5" [HKEY_USERS\S-1-5-21-1173026733-721704400-2366032540-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #2"="C:\Users\Deborah\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Deborah\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session" "Application Restart #1"="C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" "BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe" "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes Anti-Malware (cleanup)"="C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "AppEx Accelerator UI"="C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h" "EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent" "Octoshape Streaming Services"="C:\Users\Deborah\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe -inv:bootrun" "Spotify Web Helper"="C:\Users\Deborah\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "GoogleChromeAutoLaunch_07362C87AD547772D6A805B506DE3AA6"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #2"="C:\Users\Deborah\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Deborah\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session" "Application Restart #1"="C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [22-01-2016 13:09] C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [22-01-2016 13:09] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 21:01] C:\Windows\tasks\GoogleUpdateTaskMachineCore1d04058851f5bbb.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 21:01] C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0e1c4301bec4.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 21:01] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 21:01] C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0405885c3e04b.job --a-------- [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA1d08fae94042f45.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 21:01] C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0bfa6df38ee5c.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 21:01] C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0efc0587a1173.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 21:01] C:\Windows\tasks\GoogleUpdateTaskMachineUA1d12f6e3ae0758d.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28-08-2015 21:01] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\abDocsDllLoader" [C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe] "C:\Windows\SysNative\tasks\AcerCloud" [C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe] "C:\Windows\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe] "C:\Windows\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe] "C:\Windows\SysNative\tasks\AutoKMSCustom" [C:\Windows\AutoKMS\AutoKMS.exe] "C:\Windows\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"] "C:\Windows\SysNative\tasks\BacKGroundAgent" [C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1d04058851f5bbb" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1d0e1c4301bec4" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d0405885c3e04b" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d08fae94042f45" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d0bfa6df38ee5c" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d0efc0587a1173" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d12f6e3ae0758d" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d" ["C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe"] "C:\Windows\SysNative\tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon" ["C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe"] "C:\Windows\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" [C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe] "C:\Windows\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\Windows\SysNative\tasks\Launch Manager" ["C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"] "C:\Windows\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe"] "C:\Windows\SysNative\tasks\Quick Access" ["C:\Program Files\Acer\Acer Quick Access\QALauncher.exe"] "C:\Windows\SysNative\tasks\Quick Access Quick Launcher" ["C:\Program Files\Acer\Acer Quick Access\QALauncher.exe"] "C:\Windows\SysNative\tasks\SweetLabs App Platform" [%LOCALAPPDATA%\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe] "C:\Windows\SysNative\tasks\UbtFrameworkService" ["C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe"] "C:\Windows\SysNative\tasks\UMonitor Task" [C:\Windows\SysWOW64\UMonit64.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{581B1F0D-A6E8-4576-8F73-4CB0FB33DF79}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Intel\Intel Telemetry 2" [C:\Program Files\Intel\Telemetry 2.0\lrio.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\77fklm91.default user_pref("browser.startup.homepage", "http://www.viceice.com"); user_pref("browser.search.selectedEngine", "viceice"); ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" [30-11-2014 17:28] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi - DVDVideoSoft YouTube MP3 and Video Download - %AppDir%\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\77fklm91.default DDC4B753983AF90EEDA7360C16D4D39A - C:\Users\Deborah\AppData\Roaming\Mozilla\plugins\npoctoshape.dll - Octoshape Streaming Services ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 Chrome Web Store Payments - Deborah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.yahoo.com_0.localstorage deleted successfully C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.yahoo.com_0.localstorage-journal deleted successfully C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dsms0mj1bbhn4.cloudfront.net_0.localstorage deleted successfully C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dsms0mj1bbhn4.cloudfront.net_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{588B7E6A-EB87-4A76-9E8A-DB1B6D4A6113}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\SearchScopes\{588B7E6A-EB87-4A76-9E8A-DB1B6D4A6113} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB HKLM\Wow6432Node\SearchScopes "DefaultScope"="{588B7E6A-EB87-4A76-9E8A-DB1B6D4A6113}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\Wow6432Node\SearchScopes\{588B7E6A-EB87-4A76-9E8A-DB1B6D4A6113} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB HKCU\SearchScopes "DefaultScope"="{2039DD3E-4E72-4C20-90E7-9FD959AA7D06}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{2039DD3E-4E72-4C20-90E7-9FD959AA7D06} - http://www.google.com/cse?cx=partner-pub-0900663996874144:4435833467&ie=UTF-8&q={searchTerms}&sa=Search&ref=#gsc.tab=0&gsc.q={searchTerms}&gsc.page=1 HKCU\SearchScopes\{588B7E6A-EB87-4A76-9E8A-DB1B6D4A6113} - No_Url_Value ==== Reset Google Chrome ====================== C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Web Data.tmp was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1173026733-721704400-2366032540-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_USERS\S-1-5-21-1173026733-721704400-2366032540-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\02F6486B12843E11F869800002C0A966 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6846F20-4821-11E3-8F96-0800200C9A66} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\02F6486B12843E11F869800002C0A966 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [Adobe ARM] "c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" O4 - HKCU\..\Run: [AppEx Accelerator UI] "C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Deborah\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Deborah\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_07362C87AD547772D6A805B506DE3AA6] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Users\Deborah\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Deborah\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Deborah\AppData\Local\SweetLabs App Platform\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: Windows Connectiviteit voor Gramblr. (gramblrclient) - Unknown owner - C:\Program Files\Gramblr\gramblr.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Technology Access Software Asset Manager (Intel(R) TA SAM) - Intel Corporation - C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe O23 - Service: Intel(R) Technology Access Legacy CS Loader (Intel(R) TechnologyAccessLegacyCSLoader) - Intel(R) Corporation - C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe O23 - Service: Intel(R) Technology Access Service (Intel(R) TechnologyAccessService) - Intel(R) Corporation - C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Quick Access Service (QASvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\QASvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: Quick Access RadioMgr Service (RMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Quick Access\RMSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\Windows\SysWOW64\tbaseprovisioning.exe O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Deborah\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Deborah\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Deborah\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Deborah\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Deborah\AppData\Local\Mozilla\Firefox\Profiles\77fklm91.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Deborah\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=6042 folders=213 483853031 bytes) ==== Empty Temp Folders ====================== C:\Users\Deborah\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Deborah\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on wo 13-04-2016 at 14:18:02,84 ======================