Zoek.exe Version 5.0.0.0 Updated 31-December-2015 Tool run by Marivoet on ma 30/05/2016 at 14:02:34,73. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Marivoet\Downloads\zoek (5).exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 30/05/2016 14:05:47 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\McAfee deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\HiSuiteOuc deleted successfully C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully C:\Users\Marivoet\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Marivoet\AppData\Local\EmieSiteList deleted successfully C:\Users\Marivoet\AppData\Local\EmieUserList deleted successfully C:\Users\Marivoet\AppData\Local\Skype deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7AB21143-F975-4C46-A7E7-5360D6ECC34D} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C041AB8B-8618-4A3A-B33B-A38317DE1543} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c547c6c2-561b-4169-a2a5-20ba771ca93b} deleted successfully HKEY_CLASSES_ROOT\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully HKEY_CLASSES_ROOT\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{48586425-6BB7-4F51-8DC6-38C88E3EBB58} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{93a3111f-4f74-4ed8-895e-d9708497629e} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully ==== Installed Programs ====================== Acer Arcade Deluxe Acer Arcade Instant On Acer Backup Manager Acer Bio Protection Acer Crystal Eye Webcam Acer eRecovery Management Acer GridVista Acer PowerSmart Manager Acer Registration Acer ScreenSaver Acer Updater Acer VCM Acrobat.com Adobe AIR Adobe Community Help Adobe Flash Player 21 ActiveX Adobe Photoshop Elements 9 Adobe Reader 9.5.5 MUI Advanced SystemCare 8 Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Ask Toolbar Backup Manager Basic Basissoftware voor HP Deskjet 3050 J610 series Belgium e-ID middleware 4.0.7 (build 7453) Bing Bar Bonjour Broadcom Gigabit NetLink Controller Browser Extensions CCleaner D3DX10 Definition Update for Microsoft Office 2010 (KB3114412) 32-Bit Edition Driver Booster Elements 9 Organizer Elements STI Installer eSobi v2 Fingerprint Solution G DATA INTERNET SECURITY Google Chrome Google Drive Google Photos Backup Google Toolbar for Internet Explorer Google Update Helper HiSuite HP Deskjet 3050 J610 series Haelp HP Photo Creations HP Update Identity Card Intel© Matrix Storage Manager IObit Malware Fighter IObit Uninstaller iTunes Java 8 Update 91 Java Auto Updater Junk Mail filter update LastPass (alleen de‹nstalleren) Launch Manager Lexar_Echo_Backup_Manager.exe LSI HDA Modem Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2007 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2007 Microsoft OneDrive Microsoft Outlook 2010 Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_CRT_x86 Movie Maker Mozilla Firefox 35.0 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyWinLocker NetPanel NTI Backup Now 5 NTI Backup Now Standard NTI Media Maker 8 Nuvoton EC Generic HID Driver NVIDIA-configuratiescherm 340.52 NVIDIA Drivers NVIDIA Install Application NVIDIA PhysX Photo Common Photo Gallery Productverbeteringonderzoek HP Deskjet 3050 J610 series QuickTime 7 Reader for PC Realtek High Definition Audio Driver Registry Reviver Security Update for Microsoft .NET Framework 4.5.2 (KB3122656) Security Update for Microsoft .NET Framework 4.5.2 (KB3127229) Security Update for Microsoft .NET Framework 4.5.2 (KB3135996) Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114542) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114742) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114895) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114982) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB3114892) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2889915) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB3114983) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB3114883) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition Security Update for Microsoft Word 2010 (KB3114993) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Skype Click to Call Skype Web Plugin SkypeT 7.22 Slick Savings Smart Defrag 3 Sonos Controller Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4) Surfing Protection Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TomTom HOME TomTom HOME Visual Studio Merge Modules Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition Update for Microsoft Office 2010 (KB3085512) 32-Bit Edition Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition Update for Microsoft Office 2010 (KB3114750) 32-Bit Edition Update for Microsoft Office 2010 (KB3114989) 32-Bit Edition Update for Microsoft OneNote 2010 (KB3114410) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) VideoDownloadConverter Internet Explorer Toolbar Welcome Center Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ==== Running Processes ====================== C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe c:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Acer\Registration\GregHSRW.exe c:\Program Files (x86)\Acer Bio Protection\BASVC.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Users\Marivoet\AppData\Roaming\Lexar\Lexar_Echo_Backup_Manager.exe C:\Users\Marivoet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe C:\Users\Marivoet\AppData\Local\Microsoft\BingSvc\BingSvc.exe C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files\NetPanel\NetPanel.exe C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Windows\PLFSetI.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe C:\Users\Marivoet\Downloads\zoek (5).exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default ---- Lines surfing removed from prefs.js ---- user_pref("extensions.xpiState", "{\"app-profile\":{\"adremoveext@adremoveext.net\":{\"d\":\"C:\\\\Users\\\\Marivoet\\\\AppData\\\\Roaming\\\\Mozilla\ ---- Lines akamaihd.net removed from prefs.js ---- user_pref("coupons.url", "[\"http://savingsslider-a.akamaihd.net/loaders/1036/l.js?aoi=1311798366&pid=1036&zoneid=157104&ext=Slick%20Savings\"]"); user_pref("coupons.urls", "[\"https://savingsslider-a.akamaihd.net/loaders/1036/l.js?aoi=1311798366&pid=1036&zoneid=157104&ext=Slick%20Savings\"]"); ---- FireFox user.js and prefs.js backups ---- user_20163005_1516_.backup prefs_20163005_1516_.backup ProfilePath: C:\Users\Marivoet\AppData\Roaming\TomTom\HOME\Profiles\n57wyaa0.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20163005_1516_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}] ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}] Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "ApnTBMon"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\McAfee not found C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found C:\Users\Marivoet\AppData\Local\VideoDownloadConverter_4z deleted C:\Users\Marivoet\.android deleted C:\PROGRA~2\VideoDownloadConverter deleted C:\PROGRA~2\VideoDownloadConverter_4z deleted C:\PROGRA~2\COMMON~1\Spigot deleted C:\Users\Marivoet\AppData\Roaming\Slick Savings deleted C:\Users\Marivoet\AppData\Roaming\ProductData deleted C:\Users\Marivoet\AppData\Roaming\systweak deleted C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Avkwctl.log deleted C:\Windows\SysNative\config\systemprofile\AppData\Roaming\gdfw.log deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\gdscan.log deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Systweak deleted C:\PROGRA~3\AskPartnerNetwork deleted C:\PROGRA~3\APN deleted C:\PROGRA~3\Partner deleted C:\PROGRA~3\ReviverSoft deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\Package Cache deleted C:\Users\Marivoet\AppData\Local\Slick Savings deleted C:\Users\Marivoet\AppData\Local\AskPartnerNetwork deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft deleted C:\Windows\SysNative\roboot64.exe deleted C:\windows\SysNative\Tasks\LaunchApp deleted C:\Users\Marivoet\Downloads\rcp_dcomnew_util_728.exe deleted C:\Users\Marivoet\AppData\LocalLow\ADSRemoval deleted C:\Users\Marivoet\AppData\LocalLow\VideoDownloadConverter_4z deleted C:\Users\Marivoet\AppData\LocalLow\IAC deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\wininit.ini deleted C:\windows\SysNative\tasks\ASC8_PerformanceMonitor deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\Public\Desktop\Registry Reviver.lnk deleted C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default\extensions\adremoveext@adremoveext.net deleted C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default\extensions\iobitascsurfingprotection@iobit.com deleted "C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default\searchplugins\yahoo_ff.xml" deleted "C:\PROGRA~2\Acer Bio Protection\ACERWMI.dll" deleted "C:\PROGRA~2\Acer Bio Protection\BASVC.exe" deleted "C:\PROGRA~2\Acer Bio Protection\CompPtcVUI.exe" deleted "C:\PROGRA~2\Acer Bio Protection\CustomRes_Acer.dll" deleted "C:\PROGRA~2\Acer Bio Protection\FPLaunchCache64.dll" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\PROGRA~2\Acer Bio Protection" not deleted "C:\PROGRA~2\AskPartnerNetwork" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4091 MB CPU Info: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz CPU Speed: 2214,6 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce GT 240M | NVIDIA GeForce GT 240M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Intel(R) WiFi Link 5100 AGN | Broadcom NetLink (TM) Gigabit Ethernet CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GT30N Ports: COM3 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 450,4GB | D: 465,8GB | F: 698,6GB Hard Disks - Free: C: 263,5GB | D: 245,5GB | F: 474,6GB Manufacturer *: Phoenix Technologies LTD BIOS Info: AT/AT COMPATIBLE | 08/18/09 | ACRSYS - 6040000 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer JM70 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== AV: G DATA INTERNET SECURITY *Disabled/Outdated* {545C8713-0744-B079-87F8-349A6D5C8CF0} SP: G DATA INTERNET SECURITY *Disabled/Outdated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G DATA Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} Default Browser: Google Chrome 50.0.2661.102 Internet Explorer Version: 11.0.9600.18282 Mozilla Firefox version: 35.0 (x86 nl) Google Chrome version: 50.0.2661.102 Adobe Reader version: 9.5.5.316 Sun Java version: 1.8.0_91 (32-bit) Sun Java version: 1.8.0_91 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Marivoet\AppData\Local\Temp ==== 2016-05-29 18:51:05 28F169A082AD94C13F7D245287A5FB90 23484296 ----a-w- C:\Users\Marivoet\AppData\Local\Temp\tmpegy_dl\googledrivesync.exe ====== Java Cache ===== 2016-05-18 06:45:15 40886BB4527A72D2B579C9FB01E869E7 99 ----a-w- C:\Users\Marivoet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\5f3eb88c-3374ccf7b3cc810f31a7baf018ba95c8f16e1c170786c6d362f5ad57f4f8287a-6.0.lap 2016-05-18 06:44:14 AFB1E0D9449634EB7D8A371AFD1D838C 99 ----a-w- C:\Users\Marivoet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\4794db11-90ce70a5fe0a29bcfd8ba0896e1f434485bed51b5c1a9a4984ced9abd43c61ae-6.0.lap 2016-05-18 06:42:20 BC11AF4826C1E5F86EAFB8CE434A501F 33194 ----a-w- C:\Users\Marivoet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\5e12f555-755b98ab 2016-05-18 06:42:13 14EE041A3C5FE369F863D79C8456E7DE 99 ----a-w- C:\Users\Marivoet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\7614f984-a13fbe4c6c94f204a411231d1a46fc135d556ac148b0d9ea53ab13f861fc0ce0-6.0.lap 2016-05-18 06:45:16 55B17908D68CF1F175133DFC734CED88 48147 ----a-w- C:\Users\Marivoet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\298746be-1f3a768b 2016-05-18 06:45:16 D7D20FF01D111CDEEAD3D883FCE1E549 233143 ----a-w- C:\Users\Marivoet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\429a42ff-6830331f ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2016-05-11 19:01:16 FB4397DDCC732DB6A7B33B747C7EB708 154344 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2016-05-11 19:01:16 B6C2FA7F5E5BC1A488A57C6344D29D64 95464 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2016-05-11 19:01:16 ACEC16415275E1AD6F7983EF472810E3 159744 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2016-05-11 19:01:16 A9FB80B0BBA6F765F4E691B7AD4963A7 62464 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2016-05-11 19:01:16 1D4B7972375052F5B7877A6FD9BE33A0 129536 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2016-05-11 19:01:16 0F276F2F2018296FABC7BD2BCCAAB40B 291328 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2016-05-11 19:01:05 616387BBD83372220B09DE95F4E67BBC 73664 ----a-w- C:\Windows\Sysnative\drivers\disk.sys 2016-05-11 18:59:23 47B2D0B31BDC3EBE6090228E2BA3764D 1684416 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2016-05-11 18:59:22 D029DD09E22EB24318A8FC3D8138BA43 91648 ----a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS 2016-05-11 18:59:16 D7ADC2B83CA0B0381F75A98351F72CEE 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-05-29 18:39:19 -------- d-----w- C:\Program Files\trend micro 2016-05-21 18:30:47 -------- d-----w- C:\Program Files\NetPanel ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Marivoet\AppData\Roaming ====== ====== C:\Users\Marivoet ====== 2016-05-29 18:49:52 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Marivoet\Downloads\RSITx64.exe 2016-05-21 18:31:20 -------- d-----w- C:\ProgramData\NetPanel 2016-05-21 18:31:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetPanel 2016-05-21 18:30:04 4F53FE532E358893D2BBCF40E4058A93 2697712 ----a-w- C:\Users\Marivoet\Downloads\npinstall.exe ====== C: exe-files == 2016-05-29 18:51:05 28F169A082AD94C13F7D245287A5FB90 23484296 ----a-w- C:\Users\Marivoet\AppData\Local\Temp\tmpegy_dl\googledrivesync.exe 2016-05-29 18:49:52 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Marivoet\Downloads\RSITx64.exe 2016-05-29 18:39:20 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Marivoet.exe 2016-05-29 18:39:01 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X2RQJULR\RSITx64.exe 2016-05-25 08:31:20 8E1CC0517DE17DF83CF80BFCE9F0C000 1687680 ----a-w- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe 2016-05-25 08:30:36 C8D931D734FC0097478CE2583A75C4DF 1364096 ----a-w- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe === C: other files == 2016-05-30 11:38:21 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-r- C:\Users\Marivoet\AppData\Local\Temp\_MEI47362\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2016-05-30 11:38:21 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-r- C:\Users\Marivoet\AppData\Local\Temp\_MEI47362\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2016-05-28 20:14:42 DC4352DFBBCF1C1326BACEAD88F968E5 1598774 ----a-w- C:\Users\Marivoet\AppData\Local\Temp\lptmp\lp_languages.zip 2016-05-25 08:31:28 60DF4A4D028540DF26D2F627E0401BB5 99184 ----a-w- C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx 2016-05-25 07:37:40 F995B486D75846DB437E7157E918037A 102155 ----a-w- C:\Program Files (x86)\Skype\Toolbars\FirefoxAddOn\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Orphaned Tasks deleted from Registry ====================== ASC8_PerformanceMonitor deleted LaunchApp deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "Lexar_Echo_Backup_Manager.exe"="C:\Users\Marivoet\AppData\Roaming\Lexar\Lexar_Echo_Backup_Manager.exe" "GoogleChromeAutoLaunch_4EA92E28C63C6FF5613066AFD640156F"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Google Update"="C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google Photos Backup"="C:\Users\Marivoet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe /autostart" "BingSvc"="C:\Users\Marivoet\AppData\Local\Microsoft\BingSvc\BingSvc.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "G Data ASM"="C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe /autostart" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "NetPanel"="C:\Program Files\NetPanel\Starter.exe /path=C:\Program Files\NetPanel" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "Lexar_Echo_Backup_Manager.exe"="C:\Users\Marivoet\AppData\Roaming\Lexar\Lexar_Echo_Backup_Manager.exe" "GoogleChromeAutoLaunch_4EA92E28C63C6FF5613066AFD640156F"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Google Update"="C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google Photos Backup"="C:\Users\Marivoet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe /autostart" "BingSvc"="C:\Users\Marivoet\AppData\Local\Microsoft\BingSvc\BingSvc.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Acer ePower Management"="C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "VideoDownloadConverter Home Page Guard 64 bit"="C:\PROGRA~2\VIDEOD~2\bar\1.bin\AppIntegrator64.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" ==== Startup Folders ====================== 2013-10-30 08:12:33 1318 ----a-w- C:\Users\Marivoet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2013-10-25 17:46:11 1786 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk 2015-11-15 10:31:13 2118 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk 2015-11-15 10:31:12 2118 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/05/2016 13:21] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 08:37] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2433263994-3265978591-3698099872-1000Core.job --a------ C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe [08/03/2016 15:39] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2433263994-3265978591-3698099872-1000UA.job --a------ C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe [08/03/2016 15:39] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Marivoet-PC-Marivoet" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\ASC8_SkipUac_Marivoet" ["C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Marivoet)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (SYSTEM)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2433263994-3265978591-3698099872-1000Core" [C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2433263994-3265978591-3698099872-1000UA" [C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 3050 J610 series" ["C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Marivoet" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{2E7FB05F-95D7-4D02-A0AA-2220EBEBAEBB}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{01F89386-34B4-418D-A19E-0CFD456C3577}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{0D78C887-6977-4066-9504-DBAFCA0E1682}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{15560341-B25D-4B9B-A997-51A6F41FD25D}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{19451FCE-8E77-4AC0-BD6B-7E183BC08547}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{2B6A3909-8C4F-40D2-9434-FEC662E258E6}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{2D94BBAA-B379-4B01-81E1-CBE545D2FAFA}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{3EC935FE-2821-4245-B201-99AB4C32673E}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{490A3B78-9E79-4561-BC39-4306270E9D87}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{4AF8E424-CB90-4F54-B1ED-9D827565B22C}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{57CD478D-16E1-43DD-A2B9-E8AA2303D6C4}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{67ADB8F9-F912-4685-9D3A-21787265EFA2}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{B418BEF6-FC55-4896-847F-04F8DDE31AE8}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{B6BA070C-BB65-437C-8653-2FD61E54BAB9}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{CF26B49D-8931-47A2-BE8C-A9C9E14D3C74}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{D4A258E2-780C-478C-BCBC-E48AC06FECF1}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{EE731FFF-CF38-4056-A282-124A0EB37EFF}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{EF73FE72-1038-4979-83A2-5C4B53CA2984}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Recovery Management\Burn Notification" [C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default user_pref("browser.startup.homepage", "http://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=nl-be"); user_pref("browser.search.selectedEngine", "Bing "); user_pref("keyword.URL", "http://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q="); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default - LastPass - %ProfilePath%\extensions\support@lastpass.com - Bing Search - %ProfilePath%\extensions\bingsearch.full@microsoft.com.xpi - Slick Savings - %ProfilePath%\extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC}.xpi - Start Page - %ProfilePath%\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi ProfilePath: C:\Users\Marivoet\AppData\Roaming\TomTom\HOME\Profiles\n57wyaa0.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default 270FE7AE3A525AD41EFE5EA9B48E95C9 - C:\Users\Marivoet\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi.dll - Skype Web Plugin CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Marivoet\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin BA2559713540A6389A8B7A5618153BFD - C:\Users\Marivoet\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi-x64.dll - Skype Web Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Marivoet\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Deleted Firefox Extensions ====================== C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default\extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC}.xpi deleted C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi deleted ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions hdokiejnpimakedhajhdlcegeplioahd - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[25/05/2016 10:31] mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Users\Marivoet\AppData\Local\Slick Savings\coupons.crx[] pljcgbedjplidkdjahbaalanadmjfgop - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions fcfenmboojpjinhpgggodefccipikbpd - No path found[] kegdldmohomdaelnepdpbkdhfemobdgl - No path found[] lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Google Docs - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Advanced SystemCare Surfing Protection - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd YouTube - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi New Tab Assistant - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof LastPass - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd Skype - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Drive App Launcher - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Slick Savings - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk Chrome Web Store Payments - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap LastPass - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd Google Drive App Launcher - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Slick Savings - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk Google Wallet - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Ask Toolbar - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pljcgbedjplidkdjahbaalanadmjfgop ==== Chromium Fix ====================== C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof deleted successfully C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof deleted successfully C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pljcgbedjplidkdjahbaalanadmjfgop deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" "Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&m=aspire_7738&r=27361013z916l0368z105t5711w81o" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKLM\Wow6432Node\SearchScopes "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKCU\SearchScopes\{569FE14D-4163-4A94-9F41-E27CC7F5BCB2} - https://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{678D9AB6-B71D-466F-A127-A796F20C2491} - http://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox HKCU\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlBE559 HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rlz=1I7ACAW_nlBE559 HKCU\SearchScopes\{9675F15C-6A24-439B-888B-D89CBBF7EA5E} - https://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{D7918979-D870-420E-827B-46640A996CE9} - https://www.google.com/search?q={searchTerms} ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Policies\Chromium deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Registry Reviver deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall Internet Explorer deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6} deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: InternetPanelBHO - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\NetPanel\IEHelper.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [G Data ASM] "C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NetPanel] "C:\Program Files\NetPanel\Starter.exe" /path="C:\Program Files\NetPanel" O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Lexar_Echo_Backup_Manager.exe] C:\Users\Marivoet\AppData\Roaming\Lexar\Lexar_Echo_Backup_Manager.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4EA92E28C63C6FF5613066AFD640156F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Google Update] "C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Marivoet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart O4 - HKCU\..\Run: [BingSvc] C:\Users\Marivoet\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Acer VCM.lnk = ? O4 - Global Startup: Install LastPass FF RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: LastPass - file://C:\Users\Marivoet\AppData\LocalLow\LastPass\context.html?cmd=lastpass O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Marivoet\AppData\LocalLow\LastPass\context.html?cmd=fillforms O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe O23 - Service: G DATA Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: EgisTec Service (IGBASVC) - Unknown owner - c:\Program Files (x86)\Acer Bio Protection\BASVC.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EVDLSOVC will be deleted at reboot C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSY9WWW7 will be deleted at reboot C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z693ZYJY will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=970 folders=326 156590005 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Marivoet\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== Zoek.exe Version 5.0.0.0 Updated 31-December-2015 Tool run by Marivoet on ma 30/05/2016 at 14:02:34,73. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Marivoet\Downloads\zoek (5).exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 30/05/2016 14:05:47 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\McAfee deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\HiSuiteOuc deleted successfully C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully C:\Users\Marivoet\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Marivoet\AppData\Local\EmieSiteList deleted successfully C:\Users\Marivoet\AppData\Local\EmieUserList deleted successfully C:\Users\Marivoet\AppData\Local\Skype deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7AB21143-F975-4C46-A7E7-5360D6ECC34D} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C041AB8B-8618-4A3A-B33B-A38317DE1543} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c547c6c2-561b-4169-a2a5-20ba771ca93b} deleted successfully HKEY_CLASSES_ROOT\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9} deleted successfully HKEY_CLASSES_ROOT\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{48586425-6BB7-4F51-8DC6-38C88E3EBB58} deleted successfully HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{93a3111f-4f74-4ed8-895e-d9708497629e} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5637-4300-76A7-7A786E7484D7} deleted successfully ==== Installed Programs ====================== Acer Arcade Deluxe Acer Arcade Instant On Acer Backup Manager Acer Bio Protection Acer Crystal Eye Webcam Acer eRecovery Management Acer GridVista Acer PowerSmart Manager Acer Registration Acer ScreenSaver Acer Updater Acer VCM Acrobat.com Adobe AIR Adobe Community Help Adobe Flash Player 21 ActiveX Adobe Photoshop Elements 9 Adobe Reader 9.5.5 MUI Advanced SystemCare 8 Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Ask Toolbar Backup Manager Basic Basissoftware voor HP Deskjet 3050 J610 series Belgium e-ID middleware 4.0.7 (build 7453) Bing Bar Bonjour Broadcom Gigabit NetLink Controller Browser Extensions CCleaner D3DX10 Definition Update for Microsoft Office 2010 (KB3114412) 32-Bit Edition Driver Booster Elements 9 Organizer Elements STI Installer eSobi v2 Fingerprint Solution G DATA INTERNET SECURITY Google Chrome Google Drive Google Photos Backup Google Toolbar for Internet Explorer Google Update Helper HiSuite HP Deskjet 3050 J610 series Haelp HP Photo Creations HP Update Identity Card Intel© Matrix Storage Manager IObit Malware Fighter IObit Uninstaller iTunes Java 8 Update 91 Java Auto Updater Junk Mail filter update LastPass (alleen de‹nstalleren) Launch Manager Lexar_Echo_Backup_Manager.exe LSI HDA Modem Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.5.2 (Nederlands) Microsoft .NET Framework 4.5.2 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2007 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2007 Microsoft OneDrive Microsoft Outlook 2010 Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_CRT_x86 Movie Maker Mozilla Firefox 35.0 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyWinLocker NetPanel NTI Backup Now 5 NTI Backup Now Standard NTI Media Maker 8 Nuvoton EC Generic HID Driver NVIDIA-configuratiescherm 340.52 NVIDIA Drivers NVIDIA Install Application NVIDIA PhysX Photo Common Photo Gallery Productverbeteringonderzoek HP Deskjet 3050 J610 series QuickTime 7 Reader for PC Realtek High Definition Audio Driver Registry Reviver Security Update for Microsoft .NET Framework 4.5.2 (KB3122656) Security Update for Microsoft .NET Framework 4.5.2 (KB3127229) Security Update for Microsoft .NET Framework 4.5.2 (KB3135996) Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2956110) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114542) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114742) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114895) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114982) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB3114892) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2889915) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB3114983) 32-Bit Edition Security Update for Microsoft Outlook 2010 (KB3114883) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition Security Update for Microsoft Word 2010 (KB3114993) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Skype Click to Call Skype Web Plugin SkypeT 7.22 Slick Savings Smart Defrag 3 Sonos Controller Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4) Surfing Protection Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TomTom HOME TomTom HOME Visual Studio Merge Modules Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition Update for Microsoft Office 2010 (KB3085512) 32-Bit Edition Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition Update for Microsoft Office 2010 (KB3114750) 32-Bit Edition Update for Microsoft Office 2010 (KB3114989) 32-Bit Edition Update for Microsoft OneNote 2010 (KB3114410) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) VideoDownloadConverter Internet Explorer Toolbar Welcome Center Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ==== Running Processes ====================== C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe c:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Acer\Registration\GregHSRW.exe c:\Program Files (x86)\Acer Bio Protection\BASVC.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe C:\Users\Marivoet\AppData\Roaming\Lexar\Lexar_Echo_Backup_Manager.exe C:\Users\Marivoet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe C:\Users\Marivoet\AppData\Local\Microsoft\BingSvc\BingSvc.exe C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files\NetPanel\NetPanel.exe C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Windows\PLFSetI.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe C:\Users\Marivoet\Downloads\zoek (5).exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default ---- Lines surfing removed from prefs.js ---- user_pref("extensions.xpiState", "{\"app-profile\":{\"adremoveext@adremoveext.net\":{\"d\":\"C:\\\\Users\\\\Marivoet\\\\AppData\\\\Roaming\\\\Mozilla\ ---- Lines akamaihd.net removed from prefs.js ---- user_pref("coupons.url", "[\"http://savingsslider-a.akamaihd.net/loaders/1036/l.js?aoi=1311798366&pid=1036&zoneid=157104&ext=Slick%20Savings\"]"); user_pref("coupons.urls", "[\"https://savingsslider-a.akamaihd.net/loaders/1036/l.js?aoi=1311798366&pid=1036&zoneid=157104&ext=Slick%20Savings\"]"); ---- FireFox user.js and prefs.js backups ---- user_20163005_1516_.backup prefs_20163005_1516_.backup ProfilePath: C:\Users\Marivoet\AppData\Roaming\TomTom\HOME\Profiles\n57wyaa0.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20163005_1516_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}] ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}] Objects\{4F524A2D-5637-4300-76A7-7A786E7484D7}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "ApnTBMon"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\McAfee not found C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found C:\Users\Marivoet\AppData\Local\VideoDownloadConverter_4z deleted C:\Users\Marivoet\.android deleted C:\PROGRA~2\VideoDownloadConverter deleted C:\PROGRA~2\VideoDownloadConverter_4z deleted C:\PROGRA~2\COMMON~1\Spigot deleted C:\Users\Marivoet\AppData\Roaming\Slick Savings deleted C:\Users\Marivoet\AppData\Roaming\ProductData deleted C:\Users\Marivoet\AppData\Roaming\systweak deleted C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Avkwctl.log deleted C:\Windows\SysNative\config\systemprofile\AppData\Roaming\gdfw.log deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\gdscan.log deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Systweak deleted C:\PROGRA~3\AskPartnerNetwork deleted C:\PROGRA~3\APN deleted C:\PROGRA~3\Partner deleted C:\PROGRA~3\ReviverSoft deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\Package Cache deleted C:\Users\Marivoet\AppData\Local\Slick Savings deleted C:\Users\Marivoet\AppData\Local\AskPartnerNetwork deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft deleted C:\Windows\SysNative\roboot64.exe deleted C:\windows\SysNative\Tasks\LaunchApp deleted C:\Users\Marivoet\Downloads\rcp_dcomnew_util_728.exe deleted C:\Users\Marivoet\AppData\LocalLow\ADSRemoval deleted C:\Users\Marivoet\AppData\LocalLow\VideoDownloadConverter_4z deleted C:\Users\Marivoet\AppData\LocalLow\IAC deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\wininit.ini deleted C:\windows\SysNative\tasks\ASC8_PerformanceMonitor deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\Public\Desktop\Registry Reviver.lnk deleted C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default\extensions\adremoveext@adremoveext.net deleted C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default\extensions\iobitascsurfingprotection@iobit.com deleted "C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default\searchplugins\yahoo_ff.xml" deleted "C:\PROGRA~2\Acer Bio Protection\ACERWMI.dll" deleted "C:\PROGRA~2\Acer Bio Protection\BASVC.exe" deleted "C:\PROGRA~2\Acer Bio Protection\CompPtcVUI.exe" deleted "C:\PROGRA~2\Acer Bio Protection\CustomRes_Acer.dll" deleted "C:\PROGRA~2\Acer Bio Protection\FPLaunchCache64.dll" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\PROGRA~2\Acer Bio Protection" not deleted "C:\PROGRA~2\AskPartnerNetwork" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4091 MB CPU Info: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz CPU Speed: 2214,6 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce GT 240M | NVIDIA GeForce GT 240M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Intel(R) WiFi Link 5100 AGN | Broadcom NetLink (TM) Gigabit Ethernet CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GT30N Ports: COM3 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 450,4GB | D: 465,8GB | F: 698,6GB Hard Disks - Free: C: 263,5GB | D: 245,5GB | F: 474,6GB Manufacturer *: Phoenix Technologies LTD BIOS Info: AT/AT COMPATIBLE | 08/18/09 | ACRSYS - 6040000 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer JM70 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== AV: G DATA INTERNET SECURITY *Disabled/Outdated* {545C8713-0744-B079-87F8-349A6D5C8CF0} SP: G DATA INTERNET SECURITY *Disabled/Outdated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G DATA Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} Default Browser: Google Chrome 50.0.2661.102 Internet Explorer Version: 11.0.9600.18282 Mozilla Firefox version: 35.0 (x86 nl) Google Chrome version: 50.0.2661.102 Adobe Reader version: 9.5.5.316 Sun Java version: 1.8.0_91 (32-bit) Sun Java version: 1.8.0_91 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Marivoet\AppData\Local\Temp ==== 2016-05-29 18:51:05 28F169A082AD94C13F7D245287A5FB90 23484296 ----a-w- C:\Users\Marivoet\AppData\Local\Temp\tmpegy_dl\googledrivesync.exe ====== Java Cache ===== 2016-05-18 06:45:15 40886BB4527A72D2B579C9FB01E869E7 99 ----a-w- C:\Users\Marivoet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\5f3eb88c-3374ccf7b3cc810f31a7baf018ba95c8f16e1c170786c6d362f5ad57f4f8287a-6.0.lap 2016-05-18 06:44:14 AFB1E0D9449634EB7D8A371AFD1D838C 99 ----a-w- C:\Users\Marivoet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\4794db11-90ce70a5fe0a29bcfd8ba0896e1f434485bed51b5c1a9a4984ced9abd43c61ae-6.0.lap 2016-05-18 06:42:20 BC11AF4826C1E5F86EAFB8CE434A501F 33194 ----a-w- C:\Users\Marivoet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\5e12f555-755b98ab 2016-05-18 06:42:13 14EE041A3C5FE369F863D79C8456E7DE 99 ----a-w- C:\Users\Marivoet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\7614f984-a13fbe4c6c94f204a411231d1a46fc135d556ac148b0d9ea53ab13f861fc0ce0-6.0.lap 2016-05-18 06:45:16 55B17908D68CF1F175133DFC734CED88 48147 ----a-w- C:\Users\Marivoet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\298746be-1f3a768b 2016-05-18 06:45:16 D7D20FF01D111CDEEAD3D883FCE1E549 233143 ----a-w- C:\Users\Marivoet\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\429a42ff-6830331f ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2016-05-11 19:01:16 FB4397DDCC732DB6A7B33B747C7EB708 154344 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2016-05-11 19:01:16 B6C2FA7F5E5BC1A488A57C6344D29D64 95464 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2016-05-11 19:01:16 ACEC16415275E1AD6F7983EF472810E3 159744 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2016-05-11 19:01:16 A9FB80B0BBA6F765F4E691B7AD4963A7 62464 ----a-w- C:\Windows\Sysnative\drivers\appid.sys 2016-05-11 19:01:16 1D4B7972375052F5B7877A6FD9BE33A0 129536 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2016-05-11 19:01:16 0F276F2F2018296FABC7BD2BCCAAB40B 291328 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2016-05-11 19:01:05 616387BBD83372220B09DE95F4E67BBC 73664 ----a-w- C:\Windows\Sysnative\drivers\disk.sys 2016-05-11 18:59:23 47B2D0B31BDC3EBE6090228E2BA3764D 1684416 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2016-05-11 18:59:22 D029DD09E22EB24318A8FC3D8138BA43 91648 ----a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS 2016-05-11 18:59:16 D7ADC2B83CA0B0381F75A98351F72CEE 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-05-29 18:39:19 -------- d-----w- C:\Program Files\trend micro 2016-05-21 18:30:47 -------- d-----w- C:\Program Files\NetPanel ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Marivoet\AppData\Roaming ====== ====== C:\Users\Marivoet ====== 2016-05-29 18:49:52 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Marivoet\Downloads\RSITx64.exe 2016-05-21 18:31:20 -------- d-----w- C:\ProgramData\NetPanel 2016-05-21 18:31:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetPanel 2016-05-21 18:30:04 4F53FE532E358893D2BBCF40E4058A93 2697712 ----a-w- C:\Users\Marivoet\Downloads\npinstall.exe ====== C: exe-files == 2016-05-29 18:51:05 28F169A082AD94C13F7D245287A5FB90 23484296 ----a-w- C:\Users\Marivoet\AppData\Local\Temp\tmpegy_dl\googledrivesync.exe 2016-05-29 18:49:52 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Marivoet\Downloads\RSITx64.exe 2016-05-29 18:39:20 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Marivoet.exe 2016-05-29 18:39:01 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X2RQJULR\RSITx64.exe 2016-05-25 08:31:20 8E1CC0517DE17DF83CF80BFCE9F0C000 1687680 ----a-w- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe 2016-05-25 08:30:36 C8D931D734FC0097478CE2583A75C4DF 1364096 ----a-w- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe === C: other files == 2016-05-30 11:38:21 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-r- C:\Users\Marivoet\AppData\Local\Temp\_MEI47362\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2016-05-30 11:38:21 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-r- C:\Users\Marivoet\AppData\Local\Temp\_MEI47362\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2016-05-28 20:14:42 DC4352DFBBCF1C1326BACEAD88F968E5 1598774 ----a-w- C:\Users\Marivoet\AppData\Local\Temp\lptmp\lp_languages.zip 2016-05-25 08:31:28 60DF4A4D028540DF26D2F627E0401BB5 99184 ----a-w- C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx 2016-05-25 07:37:40 F995B486D75846DB437E7157E918037A 102155 ----a-w- C:\Program Files (x86)\Skype\Toolbars\FirefoxAddOn\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Orphaned Tasks deleted from Registry ====================== ASC8_PerformanceMonitor deleted LaunchApp deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2433263994-3265978591-3698099872-1000\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "Lexar_Echo_Backup_Manager.exe"="C:\Users\Marivoet\AppData\Roaming\Lexar\Lexar_Echo_Backup_Manager.exe" "GoogleChromeAutoLaunch_4EA92E28C63C6FF5613066AFD640156F"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Google Update"="C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google Photos Backup"="C:\Users\Marivoet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe /autostart" "BingSvc"="C:\Users\Marivoet\AppData\Local\Microsoft\BingSvc\BingSvc.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "G Data ASM"="C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe /autostart" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "NetPanel"="C:\Program Files\NetPanel\Starter.exe /path=C:\Program Files\NetPanel" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" "Lexar_Echo_Backup_Manager.exe"="C:\Users\Marivoet\AppData\Roaming\Lexar\Lexar_Echo_Backup_Manager.exe" "GoogleChromeAutoLaunch_4EA92E28C63C6FF5613066AFD640156F"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "Google Update"="C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe /c" "Google Photos Backup"="C:\Users\Marivoet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe /autostart" "BingSvc"="C:\Users\Marivoet\AppData\Local\Microsoft\BingSvc\BingSvc.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Acer ePower Management"="C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "VideoDownloadConverter Home Page Guard 64 bit"="C:\PROGRA~2\VIDEOD~2\bar\1.bin\AppIntegrator64.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" ==== Startup Folders ====================== 2013-10-30 08:12:33 1318 ----a-w- C:\Users\Marivoet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk 2013-10-25 17:46:11 1786 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk 2015-11-15 10:31:13 2118 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk 2015-11-15 10:31:12 2118 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/05/2016 13:21] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 08:37] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2433263994-3265978591-3698099872-1000Core.job --a------ C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe [08/03/2016 15:39] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2433263994-3265978591-3698099872-1000UA.job --a------ C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe [08/03/2016 15:39] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Marivoet-PC-Marivoet" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\ASC8_SkipUac_Marivoet" ["C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Marivoet)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (SYSTEM)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe] "C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2433263994-3265978591-3698099872-1000Core" [C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2433263994-3265978591-3698099872-1000UA" [C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 3050 J610 series" ["C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Administrator" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_Marivoet" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{2E7FB05F-95D7-4D02-A0AA-2220EBEBAEBB}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{01F89386-34B4-418D-A19E-0CFD456C3577}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{0D78C887-6977-4066-9504-DBAFCA0E1682}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{15560341-B25D-4B9B-A997-51A6F41FD25D}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{19451FCE-8E77-4AC0-BD6B-7E183BC08547}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{2B6A3909-8C4F-40D2-9434-FEC662E258E6}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{2D94BBAA-B379-4B01-81E1-CBE545D2FAFA}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{3EC935FE-2821-4245-B201-99AB4C32673E}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{490A3B78-9E79-4561-BC39-4306270E9D87}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{4AF8E424-CB90-4F54-B1ED-9D827565B22C}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{57CD478D-16E1-43DD-A2B9-E8AA2303D6C4}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{67ADB8F9-F912-4685-9D3A-21787265EFA2}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{B418BEF6-FC55-4896-847F-04F8DDE31AE8}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{B6BA070C-BB65-437C-8653-2FD61E54BAB9}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{CF26B49D-8931-47A2-BE8C-A9C9E14D3C74}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{D4A258E2-780C-478C-BCBC-E48AC06FECF1}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{EE731FFF-CF38-4056-A282-124A0EB37EFF}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\{EF73FE72-1038-4979-83A2-5C4B53CA2984}" [C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Recovery Management\Burn Notification" [C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default user_pref("browser.startup.homepage", "http://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=nl-be"); user_pref("browser.search.selectedEngine", "Bing "); user_pref("keyword.URL", "http://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q="); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default - LastPass - %ProfilePath%\extensions\support@lastpass.com - Bing Search - %ProfilePath%\extensions\bingsearch.full@microsoft.com.xpi - Slick Savings - %ProfilePath%\extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC}.xpi - Start Page - %ProfilePath%\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi ProfilePath: C:\Users\Marivoet\AppData\Roaming\TomTom\HOME\Profiles\n57wyaa0.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default 270FE7AE3A525AD41EFE5EA9B48E95C9 - C:\Users\Marivoet\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi.dll - Skype Web Plugin CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Marivoet\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin BA2559713540A6389A8B7A5618153BFD - C:\Users\Marivoet\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi-x64.dll - Skype Web Plugin 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Marivoet\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Deleted Firefox Extensions ====================== C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default\extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC}.xpi deleted C:\Users\Marivoet\AppData\Roaming\Mozilla\Firefox\Profiles\l4yyq8f8.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi deleted ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions hdokiejnpimakedhajhdlcegeplioahd - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[25/05/2016 10:31] mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Users\Marivoet\AppData\Local\Slick Savings\coupons.crx[] pljcgbedjplidkdjahbaalanadmjfgop - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions fcfenmboojpjinhpgggodefccipikbpd - No path found[] kegdldmohomdaelnepdpbkdhfemobdgl - No path found[] lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Google Docs - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Advanced SystemCare Surfing Protection - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd YouTube - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi New Tab Assistant - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof LastPass - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd Skype - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Drive App Launcher - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Slick Savings - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk Chrome Web Store Payments - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap LastPass - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd Google Drive App Launcher - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Slick Savings - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk Google Wallet - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Ask Toolbar - Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pljcgbedjplidkdjahbaalanadmjfgop ==== Chromium Fix ====================== C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof deleted successfully C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof deleted successfully C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pljcgbedjplidkdjahbaalanadmjfgop deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" "Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0813&m=aspire_7738&r=27361013z916l0368z105t5711w81o" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKLM\Wow6432Node\SearchScopes "DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKCU\SearchScopes\{569FE14D-4163-4A94-9F41-E27CC7F5BCB2} - https://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{678D9AB6-B71D-466F-A127-A796F20C2491} - http://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox HKCU\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlBE559 HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rlz=1I7ACAW_nlBE559 HKCU\SearchScopes\{9675F15C-6A24-439B-888B-D89CBBF7EA5E} - https://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{D7918979-D870-420E-827B-46640A996CE9} - https://www.google.com/search?q={searchTerms} ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Policies\Chromium deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Registry Reviver deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall Internet Explorer deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6} deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Microsoft-account - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL O2 - BHO: InternetPanelBHO - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\NetPanel\IEHelper.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [G Data ASM] "C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [NetPanel] "C:\Program Files\NetPanel\Starter.exe" /path="C:\Program Files\NetPanel" O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Lexar_Echo_Backup_Manager.exe] C:\Users\Marivoet\AppData\Roaming\Lexar\Lexar_Echo_Backup_Manager.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4EA92E28C63C6FF5613066AFD640156F] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [Google Update] "C:\Users\Marivoet\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Marivoet\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart O4 - HKCU\..\Run: [BingSvc] C:\Users\Marivoet\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Acer VCM.lnk = ? O4 - Global Startup: Install LastPass FF RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\lpuninstall.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: LastPass - file://C:\Users\Marivoet\AppData\LocalLow\LastPass\context.html?cmd=lastpass O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Marivoet\AppData\LocalLow\LastPass\context.html?cmd=fillforms O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe O23 - Service: G DATA Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: EgisTec Service (IGBASVC) - Unknown owner - c:\Program Files (x86)\Acer Bio Protection\BASVC.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EVDLSOVC will be deleted at reboot C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSY9WWW7 will be deleted at reboot C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z693ZYJY will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=970 folders=326 156590005 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Marivoet\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Marivoet\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\Acer Bio Protection" not found "C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pljcgbedjplidkdjahbaalanadmjfgop" not found "C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EVDLSOVC" not found "C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSY9WWW7" not found "C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z693ZYJY" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on ma 30/05/2016 at 15:53:20,37 ====================== C:\Windows\Temp successfully emptied C:\Users\Marivoet\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\Acer Bio Protection" not found "C:\Users\Marivoet\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pljcgbedjplidkdjahbaalanadmjfgop" not found "C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EVDLSOVC" not found "C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KSY9WWW7" not found "C:\Users\Marivoet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z693ZYJY" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on ma 30/05/2016 at 15:53:20,37 ======================