Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by luc on zo 21/06/2015 at 11:18:35.47. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\luc\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\WINDOWS\system32\wininit.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\system32\dwm.exe C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe C:\WINDOWS\system32\atiesrxx.exe C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\WINDOWS\system32\svchost.exe -k NetworkService c:\program files (x86)\cmcm\Clean Master\cmcore.exe C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\WINDOWS\system32\svchost.exe -k apphost C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe C:\WINDOWS\System32\svchost.exe -k utcsvc C:\WINDOWS\system32\dashost.exe C:\Program Files (x86)\GlassWire\GWCtlSrv.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\atieclxx.exe C:\WINDOWS\system32\taskhostex.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\SearchIndexer.exe C:\Windows\System32\skydrive.exe c:\program files (x86)\cmcm\Clean Master\cmtray.exe C:\Program Files (x86)\GlassWire\GWIdlMon.exe C:\WINDOWS\system32\conhost.exe C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files (x86)\RAMRush\RAMRush.exe C:\Program Files (x86)\GlassWire\GlassWire.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\Connection Keeper\conkeepm.exe C:\Users\luc\AppData\Local\Degoo\Degoo.exe C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\Program Files\CCleaner\CCleaner64.exe C:\Windows\System32\SettingSyncHost.exe C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe C:\Users\luc\AppData\Local\Degoo\DegooHealthCheck.exe C:\WINDOWS\System32\Taskmgr.exe C:\Users\luc\Downloads\zoek.exe C:\WINDOWS\system32\conhost.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\wbem\wmiprvse.exe ==== System Restore Info ====================== 21/06/2015 11:24:21 Zoek.exe System Restore Point Created Successfully. ==== Windows Installer Info ====================== 7-Zip 9.20 (x64 edition) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\96F071321C0420729002000010000000]C:\windows\Installer\f6c79.msi Alcor Micro USB Card Reader Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B56182F7D8412764AA1264D9E9E6C36B]c:\windows\Installer\f6c31.msi AMD Catalyst Control Center [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2885765707EFF85E547D4525890449CD]c:\WINDOWS\Installer\803d4b.msi AMD Catalyst Install Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9D4D88270E0930B2340DB06B4D945677]c:\WINDOWS\Installer\803af7.msi Belgium e-ID middleware 4.0.7 (build 7466) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ED365428DA576614D90C6B84F2024766]C:\WINDOWS\Installer\7a913.msi Box Sync [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DA32BC4E8D16B7A4C9D750FC04310FF1]C:\WINDOWS\Installer\519fc277.msi Catalyst Control Center - Branding [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CE3FE9E9CB22C5448A388DBD928096D8]c:\WINDOWS\Installer\803cc8.msi Catalyst Control Center Graphics Previews Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\22D8B64681D51A1B48E44CC31F968579]c:\WINDOWS\Installer\803ccd.msi Catalyst Control Center InstallProxy [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\48BD59CF5E4054D5951B34B5569D19FC]c:\WINDOWS\Installer\803af1.msi Catalyst Control Center Localization All [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E5774E0F4179C8827B8ADBABA11D7C1D]c:\WINDOWS\Installer\803d40.msi ccc-utility64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5F5798D7518A4BD4A1A492F412E08A84]c:\WINDOWS\Installer\803d45.msi CCC Help Chinese Standard [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D88A0998761B3B63944806B5EF336A9D]c:\WINDOWS\Installer\803d36.msi CCC Help Chinese Traditional [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8FF5B57D51EE72B954A08766BDB8BCFE]c:\WINDOWS\Installer\803d3b.msi CCC Help Czech [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00C975668C99EE44905BB374FD9C0C05]c:\WINDOWS\Installer\803cd2.msi CCC Help Danish [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5154DA2430B38A531D4FE1DD45F257A8]c:\WINDOWS\Installer\803cd7.msi CCC Help Dutch [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF6A5871B550652754A0DBD31426EA41]c:\WINDOWS\Installer\803d0e.msi CCC Help English [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7A30BE5D1CDD38F255D3FA16F974DBF9]c:\WINDOWS\Installer\803ce6.msi CCC Help Finnish [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DEC321DED47089AF524AA5DED3DC6713]c:\WINDOWS\Installer\803cf0.msi CCC Help French [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E55175E4330C5806C3121F98167A6FC2]c:\WINDOWS\Installer\803cf5.msi CCC Help German [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2120F9BA1553EA954644C93FB84845EA]c:\WINDOWS\Installer\803cdc.msi CCC Help Greek [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\519ECCC189F98EF6E8EB03BE021520A8]c:\WINDOWS\Installer\803ce1.msi CCC Help Hungarian [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4BA9AC9907051EB38EE9EFF29575C04]c:\WINDOWS\Installer\803cfa.msi CCC Help Italian [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\88FBDF0435777BD7DE8F1AECF1F7644E]c:\WINDOWS\Installer\803cff.msi CCC Help Japanese [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ECBEA7EC8EB915B51D56DBE91D21758C]c:\WINDOWS\Installer\803d04.msi CCC Help Korean [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EB620F5F56B139870265913152722B8]c:\WINDOWS\Installer\803d09.msi CCC Help Norwegian [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\53EA17134C6AD262CD847AE087181DBA]c:\WINDOWS\Installer\803d13.msi CCC Help Polish [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\69B8B1C0C76E900FBF4AB1DE64C01AB0]c:\WINDOWS\Installer\803d18.msi CCC Help Portuguese [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\577C177A68A60815AA5E3E20DAE7DA37]c:\WINDOWS\Installer\803d1d.msi CCC Help Russian [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\149259656518148ECB015BFB45C4D2AA]c:\WINDOWS\Installer\803d22.msi CCC Help Spanish [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\10CC90B8EFF906EC10794E0415F17B72]c:\WINDOWS\Installer\803ceb.msi CCC Help Swedish [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\13B09CDD2F2DF27FFA57982AA89C7781]c:\WINDOWS\Installer\803d27.msi CCC Help Thai [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\69E37C60DA080079AE1250F41A81A0FA]c:\WINDOWS\Installer\803d2c.msi CCC Help Turkish [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8DC8108EE87A363AC4318EC8E910F538]c:\WINDOWS\Installer\803d31.msi D3DX10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\windows\Installer\f6cb1.msi Dropbox Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5A812990327ACD34D85B163756A6E149]C:\WINDOWS\Installer\37daa91b.msi Energy Star [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D4ADA0CF5AF82544A8FF0F0AAB9CE77F]c:\windows\Installer\f6c44.msi Evernote v. 5.8.4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6A14851CA02C4E1179D70061E3897E6D]C:\WINDOWS\Installer\153af35e.msi Fotogalerie [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F6C66DF0320447C4FAE8B9B8023568E8]C:\windows\Installer\f6ccc.msi Galerie de photos [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\31A99D4FA36F1CF47899FCDF7BD8FD3B]C:\windows\Installer\f6cdb.msi GoGear SA4VBE Device Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EF2AC7EBDB1D554383AB0D04166AE9F]C:\WINDOWS\Installer\6a33b.msi Google Drive [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF5F9CBCAFC533A418DC63E9BA773E6A]C:\WINDOWS\Installer\5d194000.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\WINDOWS\Installer\2dc53d.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A089CE062ADB6BC44A720BA745894BAC]C:\WINDOWS\Installer\e1b172b.msi HP Customer Experience Enhancements [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0694AF70830BBE9498B1F95939A05A44]C:\windows\Installer\f6b81.msi HP Documentation [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\49E0066043C12E04BA903DA0CE7F1827]c:\windows\Installer\f6c93.msi HP PC Hardware Diagnostics UEFI [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\76AE34DD3FAD9784FB7F5E4376B5ED5A]C:\WINDOWS\Installer\8f3dd4.msi HP Postscript Converter [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6D6E41E65713A1E49B43AC5B8A3676DC]C:\windows\Installer\f6c61.msi HP Registration Service [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7D2F8E1D497754242B6878DE681C98C3]c:\windows\Installer\f6b86.msi HP SimplePass [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\21DAF413587F1744CB8EBA0566249B1A]C:\windows\Installer\f6c7d.msi HP Support Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\31B3A53EDC877694A88CAAF9AD96E3ED]C:\WINDOWS\Installer\7b9d13.msi HP Support Information [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C1B7B2BB8C7C674EBC24079135C9529]C:\windows\Installer\f6d01.msi Inst5675 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7426ED27707B154B87AFF1D2ABABB74]C:\windows\Installer\f6c88.msi Inst5676 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3196F87812473174797FA037E62E1A88]C:\windows\Installer\f6c8e.msi Java 7 Update 79 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF260140797FF]C:\WINDOWS\Installer\e88fe7b.msi Java 8 Update 31 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2681408130F]C:\WINDOWS\Installer\acfe7d1.msi Java 8 Update 31 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208130F]C:\WINDOWS\Installer\595314.msi Java 8 Update 40 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2681408040F]C:\WINDOWS\Installer\1a0d5bcb.msi Java 8 Update 40 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208040F]C:\WINDOWS\Installer\1a158f85.msi Java SE Development Kit 7 Update 79 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4F4A3A46297B6D117AA8000B0D717009]C:\WINDOWS\Installer\e88fe78.msi LabelPrint [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C971C95CD8669A946BAE1012CCCF2134]c:\windows\Installer\f6c65.msi LibreOffice 4.4.3.2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\295A156AC6F266D4EA8AB9EFB416CB3B]C:\WINDOWS\Installer\4f1f65f.msi Media Suite [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\42C6FBF1Df1C10144AB2C065F4E9E897]c:\windows\Installer\f6c73.msi Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400100000000F01FEC]C:\windows\Installer\f6ca2.msi Microsoft Network Monitor 3.4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\11A5B5C88FBCB1542B1077AF0B0D7BD7]C:\WINDOWS\Installer\5a36bc.msi Microsoft Network Monitor: NetworkMonitor Parsers 3.4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BEF5E36976319B6458D19A751F3A47F7]C:\WINDOWS\Installer\5a36c1.msi Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D034B0FAA6BD374B960AAD30DF10D8B]C:\windows\Installer\f6cba.msi Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1af2a8da7e60d0b429d7e6453b3d0182]C:\WINDOWS\Installer\1268d4a.msi Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\84b9c17023c712640acaf308593282f8]C:\Windows\Installer\17ff6d.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\b25099274a207264182f8181add555d0]C:\WINDOWS\Installer\15d5bf.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\windows\Installer\f6c6f.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC]C:\Windows\Installer\17ff72.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]c:\WINDOWS\Installer\2c4526.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]C:\Windows\Installer\177ae6.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\windows\Installer\f6c53.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]c:\WINDOWS\Installer\24f8fc.msi Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1926E8D15D0BCE53481466615F760A7F]C:\Windows\Installer\17ff78.msi Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]C:\Windows\Installer\177aec.msi Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B8CF35CA81EEC9F3B9950639D7B081C2]C:\windows\Installer\f6b9a.msi Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4DFB82C37C09831378FE14D81CE65989]C:\Windows\Installer\18865b.msi Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BCA1BC2A2A49AB231AE5D70813F95798]C:\windows\Installer\f6b95.msi Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F90E4FA5B9C5FAA37B1345D4D38C12DD]C:\Windows\Installer\188656.msi Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\39103BDF0ADFAAD3CAAC7AE5FE5E6370]C:\windows\Installer\f6b90.msi Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\699277C63FFBC8C368B03B4DF80FD556]C:\Windows\Installer\17ff68.msi Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B7A37F2E05E6A93A9CBFE984E6CE263]C:\windows\Installer\f6b8b.msi Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C18E428E4A08FFD35B9F84249AFFF5F7]C:\Windows\Installer\17ff63.msi Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\62DBF9290209B993A9A757D1160F9B24]C:\WINDOWS\Installer\5350c1b.msi Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8D947A316B3EB3F8F540C548BE2AB9]C:\WINDOWS\Installer\5350c16.msi Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\07189854C86E20F4AA532C81B63F743A]C:\windows\Installer\f6cc0.msi Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6C9B2DF019BDAE845981BAB586ACE182]C:\windows\Installer\f6cde.msi Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E634961E8D94B9145A0C2D54AE9F6911]C:\windows\Installer\f6ced.msi Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EF3D6606296394443A8C1DAE2A0C9E7E]C:\windows\Installer\f6ccf.msi Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FE19F5C3B0C531D4CBEBF06CCFE37D9F]C:\windows\Installer\f6cfc.msi MSVCRT [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\windows\Installer\f6c96.msi MSVCRT110 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8CDD41E806AE81E43B3E917301D4B5AD]C:\windows\Installer\f6c99.msi MSVCRT110_amd64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F187AF9E08E3993428A5DAE3112CC877]C:\windows\Installer\f6c9c.msi Nitro Reader 3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5E189AE976EE2664681F8539D713EF70]C:\WINDOWS\Installer\3a2cb8.msi Office 15 Click-to-Run Extensibility Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C80000000000000000F01FEC]C:\WINDOWS\Installer\7992d7.msi Office 15 Click-to-Run Licensing Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109F80000000100000000F01FEC]C:\WINDOWS\Installer\7992d2.msi Office 15 Click-to-Run Localization Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C80031400000000000F01FEC]C:\WINDOWS\Installer\7992dc.msi Oracle VM VirtualBox 4.3.28 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CB18BB8EC76E057448EE21D85A7ADA5A]C:\WINDOWS\Installer\40dc409.msi Ozibox Application Synchronization [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B3742A83E6C7FE54C968A6161C2D15FC]C:\WINDOWS\Installer\80d239.msi Philips Media Convertor v1.2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA2589B80B0B7B74B95C989AD5776B9C]C:\WINDOWS\Installer\15d5ba.msi Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\080BD25A544DBE94092D309BDC975411]C:\windows\Installer\f6cd8.msi Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\81ABF741BB6A5DA4F8A07383A0AADB67]C:\windows\Installer\f6cf6.msi Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8569CD94A62DBAA48AA362558B300365]C:\windows\Installer\f6cc9.msi Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8AE106C5915D0104C80DDBB3496ADD85]C:\windows\Installer\f6ce7.msi Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\156929F0615F6594092FFFDBC25D3DE0]C:\windows\Installer\f6cbd.msi Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\36D8100CC33C5154C98EB38C38F0971A]C:\windows\Installer\f6cea.msi Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E80C02025F47F9E4DBA2148FBCE6AB01]C:\windows\Installer\f6cf9.msi Power2Go [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D84D78A2FDF3df1479DC1A3E07FEFF2E]c:\windows\Installer\f6c3e.msi PowerDVD [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\63AEB64B17B0E4A4EA1478426134AFA0]c:\windows\Installer\f6c57.msi PowerRecover [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA0A2B44E214C8F40B851D8EEACCFD5F]c:\windows\Installer\f6c35.msi SlimPublisher [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D4AFE5E382601F499B74AE5CCC0F6CD]C:\WINDOWS\Installer\15296d.msi VC80CRTRedist - 8.0.50727.6195 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5104B339816461748A822598CF3061F5]C:\WINDOWS\Installer\6284c7.msi Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9FC8D7ED25C90EB43B0E4D1F615C428A]C:\windows\Installer\f6cd5.msi Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B265D302E4C64849A0233717888EB00]C:\windows\Installer\f6cab.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1BD608AA288E438418205B2F65EBA9F2]C:\windows\Installer\f6ce4.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4704D63975A6DE54FAA57FFCA565EDF6]C:\windows\Installer\f6cf3.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\92939B324DAF5E04696CE079B78B2740]C:\windows\Installer\f6cc6.msi Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0F0EE0A5909EB3F44B73AA9D524272BC]C:\windows\Installer\f6c9f.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E9EE0B6C821284447BEAE5B2640E0F7E]C:\windows\Installer\f6cb7.msi Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8955443E42442EE47BC12C33527FBF17]C:\windows\Installer\f6cae.msi Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9B3296B69178B52419C6DC92803FA1FA]C:\windows\Installer\f6ca8.msi Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\49CC9FF032FEE104DBDB7304D3A1B283]C:\windows\Installer\f6ca5.msi Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93785E0FC4B2F894B9D0FFF0F25DB216]C:\windows\Installer\f6cb4.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\11C86AB636B029148B08B0E5F397949F]C:\windows\Installer\f6ce1.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B44A911732665D44842D5EA07DEF3E4]C:\windows\Installer\f6cd2.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D6F046010BA6E104F96C9AD4915C08CB]C:\windows\Installer\f6cf0.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E81C7CCCAEB1F9047B9AC679049B1991]C:\windows\Installer\f6cc3.msi ==== Empty Folders Check ====================== C:\PROGRA~3\Isolated Storage deleted successfully C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully C:\Users\Administrator\AppData\Roaming\hpqLog deleted successfully C:\Users\luc\AppData\Roaming\hpqLog deleted successfully C:\Users\luc\AppData\Roaming\VideoCapture deleted successfully C:\Users\luc\AppData\Roaming\VideoEditor deleted successfully C:\Users\luc\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\luc\AppData\Local\EmieSiteList deleted successfully C:\Users\luc\AppData\Local\EmieUserList deleted successfully C:\Users\luc\AppData\Local\MediaShow deleted successfully C:\Users\luc\AppData\Local\Wisdom-soft deleted successfully ==== Checking Systemdrive for Symlinks ====================== Volume in drive C is Windows Volume Serial Number is B474-04ED Directory of C:\ 22/08/2013 16:45 Documents and Settings [C:\$WINDOWS.~BT\NewOS\Users] 0 File(s) 0 bytes Directory of C:\Program Files\Windows NT 04/01/2015 15:23 Bureau-accessoires [C:\Program Files\Windows NT\Accessories] 0 File(s) 0 bytes Directory of C:\ProgramData 22/08/2013 16:45 Application Data [C:\$WINDOWS.~BT\NewOS\ProgramData] 04/01/2015 15:23 Bureaublad [C:\Users\Public\Desktop] 22/08/2013 16:45 Desktop [C:\$WINDOWS.~BT\NewOS\Users\Public\Desktop] 04/01/2015 15:23 Documenten [C:\Users\Public\Documents] 22/08/2013 16:45 Documents [C:\$WINDOWS.~BT\NewOS\Users\Public\Documents] 04/01/2015 15:23 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 04/01/2015 15:23 Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 22/08/2013 16:45 Start Menu [C:\$WINDOWS.~BT\NewOS\ProgramData\Microsoft\Windows\Start Menu] 22/08/2013 16:45 Templates [C:\$WINDOWS.~BT\NewOS\ProgramData\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\ProgramData\Microsoft\Windows\Start Menu 04/01/2015 15:23 Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\ProgramData\Oracle\Java\javapath 05/03/2015 12:04 java.exe [C:\Program Files\Java\jre1.8.0_40\bin\java.exe] 05/03/2015 12:04 javaw.exe [C:\Program Files\Java\jre1.8.0_40\bin\javaw.exe] 05/03/2015 12:04 javaws.exe [C:\Program Files\Java\jre1.8.0_40\bin\javaws.exe] 3 File(s) 0 bytes Directory of C:\Users 22/08/2013 16:45 All Users [C:\$WINDOWS.~BT\NewOS\ProgramData] 22/08/2013 16:45 Default User [C:\$WINDOWS.~BT\NewOS\Users\Default] 0 File(s) 0 bytes Directory of C:\Users\Administrator 24/08/2013 23:35 Application Data [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming] 24/08/2013 23:35 Cookies [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local\Microsoft\Windows\INetCookies] 24/08/2013 23:35 Local Settings [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local] 24/08/2013 23:35 My Documents [C:\$WINDOWS.~BT\NewOS\Users\Administrator\Documents] 24/08/2013 23:35 NetHood [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 24/08/2013 23:35 PrintHood [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 24/08/2013 23:35 Recent [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent] 24/08/2013 23:35 SendTo [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming\Microsoft\Windows\SendTo] 24/08/2013 23:35 Start Menu [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu] 24/08/2013 23:35 Templates [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Administrator\AppData\Local 24/08/2013 23:35 Application Data [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local] 24/08/2013 23:35 History [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local\Microsoft\Windows\History] 24/08/2013 23:35 Temporary Internet Files [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Administrator\AppData\Local\Microsoft\Windows 24/08/2013 23:35 Temporary Internet Files [C:\$WINDOWS.~BT\NewOS\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Administrator\Documents 24/08/2013 23:35 My Music [C:\$WINDOWS.~BT\NewOS\Users\Administrator\Music] 24/08/2013 23:35 My Pictures [C:\$WINDOWS.~BT\NewOS\Users\Administrator\Pictures] 24/08/2013 23:35 My Videos [C:\$WINDOWS.~BT\NewOS\Users\Administrator\Videos] 0 File(s) 0 bytes Directory of C:\Users\Default 22/08/2013 16:45 Application Data [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming] 22/08/2013 16:45 Cookies [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Local\Microsoft\Windows\INetCookies] 22/08/2013 16:45 Local Settings [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Local] 04/01/2015 15:23 Menu Start [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 04/01/2015 15:23 Mijn documenten [C:\Users\Default\Documents] 22/08/2013 16:45 My Documents [C:\$WINDOWS.~BT\NewOS\Users\Default\Documents] 22/08/2013 16:45 NetHood [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 04/01/2015 15:23 Netwerkprinteromgeving [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 22/08/2013 16:45 PrintHood [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 22/08/2013 16:45 Recent [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 22/08/2013 16:45 SendTo [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 04/01/2015 15:23 Sjablonen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 22/08/2013 16:45 Start Menu [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 22/08/2013 16:45 Templates [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Local 22/08/2013 16:45 Application Data [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Local] 04/01/2015 15:23 Geschiedenis [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 22/08/2013 16:45 History [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Local\Microsoft\Windows\History] 22/08/2013 16:45 Temporary Internet Files [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Local\Microsoft\Windows 22/08/2013 16:45 Temporary Internet Files [C:\$WINDOWS.~BT\NewOS\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu 04/01/2015 15:23 Programma's [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\Default\Documents 04/01/2015 15:23 Mijn afbeeldingen [C:\Users\Default\Pictures] 04/01/2015 15:23 Mijn muziek [C:\Users\Default\Music] 04/01/2015 15:23 Mijn video's [C:\Users\Default\Videos] 22/08/2013 16:45 My Music [C:\$WINDOWS.~BT\NewOS\Users\Default\Music] 22/08/2013 16:45 My Pictures [C:\$WINDOWS.~BT\NewOS\Users\Default\Pictures] 22/08/2013 16:45 My Videos [C:\$WINDOWS.~BT\NewOS\Users\Default\Videos] 0 File(s) 0 bytes Directory of C:\Users\ingrid 04/01/2015 15:21 Application Data [C:\Users\ingrid\AppData\Roaming] 04/01/2015 15:21 Cookies [C:\Users\ingrid\AppData\Local\Microsoft\Windows\INetCookies] 04/01/2015 15:21 Local Settings [C:\Users\ingrid\AppData\Local] 04/01/2015 15:21 Menu Start [C:\Users\ingrid\AppData\Roaming\Microsoft\Windows\Start Menu] 04/01/2015 15:21 Mijn documenten [C:\Users\ingrid\Documents] 04/01/2015 15:21 NetHood [C:\Users\ingrid\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 04/01/2015 15:21 Netwerkprinteromgeving [C:\Users\ingrid\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 04/01/2015 15:21 Recent [C:\Users\ingrid\AppData\Roaming\Microsoft\Windows\Recent] 04/01/2015 15:21 SendTo [C:\Users\ingrid\AppData\Roaming\Microsoft\Windows\SendTo] 04/01/2015 15:21 Sjablonen [C:\Users\ingrid\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\ingrid\AppData\Local 04/01/2015 15:21 Application Data [C:\Users\ingrid\AppData\Local] 04/01/2015 15:21 Geschiedenis [C:\Users\ingrid\AppData\Local\Microsoft\Windows\History] 04/01/2015 15:21 Temporary Internet Files [C:\Users\ingrid\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\ingrid\AppData\Local\Microsoft\Windows 04/01/2015 15:21 Temporary Internet Files [C:\Users\ingrid\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\ingrid\AppData\Roaming\Microsoft\Windows\Start Menu 04/01/2015 15:21 Programma's [C:\Users\ingrid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\ingrid\Documents 04/01/2015 15:21 Mijn afbeeldingen [C:\Users\ingrid\Pictures] 04/01/2015 15:21 Mijn muziek [C:\Users\ingrid\Music] 04/01/2015 15:21 Mijn video's [C:\Users\ingrid\Videos] 0 File(s) 0 bytes Directory of C:\Users\luc 04/01/2015 15:21 Application Data [C:\Users\luc\AppData\Roaming] 04/01/2015 15:21 Cookies [C:\Users\luc\AppData\Local\Microsoft\Windows\INetCookies] 04/01/2015 15:21 Local Settings [C:\Users\luc\AppData\Local] 04/01/2015 15:21 Menu Start [C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu] 04/01/2015 15:21 Mijn documenten [C:\Users\luc\Documents] 04/01/2015 15:21 NetHood [C:\Users\luc\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 04/01/2015 15:21 Netwerkprinteromgeving [C:\Users\luc\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 04/01/2015 15:21 Recent [C:\Users\luc\AppData\Roaming\Microsoft\Windows\Recent] 04/01/2015 15:21 SendTo [C:\Users\luc\AppData\Roaming\Microsoft\Windows\SendTo] 04/01/2015 15:21 Sjablonen [C:\Users\luc\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\luc\AppData\Local 04/01/2015 15:21 Application Data [C:\Users\luc\AppData\Local] 04/01/2015 15:21 Geschiedenis [C:\Users\luc\AppData\Local\Microsoft\Windows\History] 04/01/2015 15:21 Temporary Internet Files [C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\luc\AppData\Local\Microsoft\Windows 04/01/2015 15:21 Temporary Internet Files [C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache 08/06/2015 09:26 Content.IE5 [C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache\IE\] 0 File(s) 0 bytes Directory of C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache\Low 08/06/2015 09:28 Content.IE5 [C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache\Low\IE\] 0 File(s) 0 bytes Directory of C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu 04/01/2015 15:21 Programma's [C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\luc\Documents 04/01/2015 15:21 Mijn afbeeldingen [C:\Users\luc\Pictures] 04/01/2015 15:21 Mijn muziek [C:\Users\luc\Music] 04/01/2015 15:21 Mijn video's [C:\Users\luc\Videos] 0 File(s) 0 bytes Directory of C:\Users\luc\OneDrive\An A-Z Index of the Bash command line _ SS64.com_files 19/05/2015 08:16 (972,713) stu-w02b-beginners-guide-to-reverse-engineering-android-apps.pdf 1 File(s) 972,713 bytes Directory of C:\Users\luc\OneDrive\BLP1 15/05/2015 22:04 (1,165,365) petazzoni-device-tree-dummies.pdf 15/05/2015 22:04 (320,204) PythonPlottingBeginnersGuide.pdf 15/05/2015 22:04 (7,743,068) Reverse_Engineering_for_Beginners-en.pdf 09/05/2015 10:01 (1,457,154) sanity_1.PdF 15/05/2015 22:04 (127,239) ShellIntro.pdf 5 File(s) 10,813,030 bytes Directory of C:\Users\luc\OneDrive\paarden 26/05/2015 14:46 (3,876,061) lotto.pdf 26/05/2015 14:46 (179,731) MDSI - Using SVM Regression to Predict Harness Races.pdf 26/05/2015 14:46 (702,504) NNECFS-21.pdf 26/05/2015 14:46 (3,046,503) parimutual betting markets.pdf 26/05/2015 14:47 (160,363) section34.pdf 26/05/2015 14:47 (507,428) Victor_Lo.pdf 26/05/2015 14:47 (500,896) werkstuk-niesten.pdf 7 File(s) 8,973,486 bytes Directory of C:\Users\Public\Documents 23/12/2014 18:54 Mijn afbeeldingen [C:\Users\Public\Pictures] 23/12/2014 18:54 Mijn muziek [C:\Users\Public\Music] 23/12/2014 18:54 Mijn video's [C:\Users\Public\Videos] 22/08/2013 16:45 My Music [C:\$WINDOWS.~BT\NewOS\Users\Public\Music] 22/08/2013 16:45 My Pictures [C:\$WINDOWS.~BT\NewOS\Users\Public\Pictures] 22/08/2013 16:45 My Videos [C:\$WINDOWS.~BT\NewOS\Users\Public\Videos] 0 File(s) 0 bytes Total Files Listed: 16 File(s) 20,759,229 bytes 101 Dir(s) 887,434,137,600 bytes free ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 7-Zip 9.20 (x64 edition) Alcor Micro USB Card Reader Driver AMD Catalyst Control Center AMD Catalyst Install Manager AML Free Registry Cleaner 4.25 Android Studio Audacity 2.0.6 Belfius Smart Card Reader Chrome-App Belgium e-ID middleware 4.0.7 (build 7466) BitTorrent Box Sync Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner CDBurnerXP Clean Master Connection Keeper D3DX10 Degoo DivX Setup Dropbox Dropbox Update Helper Energy Star Evernote v. 5.8.4 Everyday Auto Backup 3.5 f.lux File Shredder 2.5 FormatFactory 3.6.0.0 Fotogalerie Free Folder Hider 12.03 Free YouTube to MP3 Converter version 3.12.59.525 Freemake Video Downloader Galerie de photos GlassWire 1.1 (remove only) GoGear SA4VBE Device Manager Google Chrome Google Drive Google Update Helper HP Connected Music (Meridian - installer) HP Customer Experience Enhancements HP Documentation HP PC Hardware Diagnostics UEFI HP Postscript Converter HP Registration Service HP SimplePass HP Support Assistant HP Support Information Icecream Ebook Reader version 1.58 Inst5675 Inst5676 IObit Uninstaller Java 7 Update 79 (64-bit) Java 8 Update 31 Java 8 Update 31 (64-bit) Java 8 Update 40 Java 8 Update 40 (64-bit) Java Auto Updater Java SE Development Kit 7 Update 79 (64-bit) Jeta Logo Designer FREE EDITION 1.30 LanTopolog 1.22 LibreOffice 4.4.3.2 LinuxLive USB Creator Malwarebytes Anti-Malware versie 2.1.6.1022 ManyCam 4.1.1 MEGAsync Memory Improve Ultimate Free Version v5.2.1.340 Mendeley Desktop 1.12.4 Microsoft Network Monitor 3.4 Microsoft Network Monitor: NetworkMonitor Parsers 3.4 Microsoft OneDrive Microsoft OneNote 2013 - nl-nl Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Movie Maker MSVCRT MSVCRT110 MSVCRT110_amd64 Nitro Reader 3 Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component OpenVPN 2.3.4-I002 Oracle VM VirtualBox 4.3.28 Ozibox Application Synchronization Philips Media Convertor v1.2 Photo Common Photo Gallery PrivaZer RAMRush 1.0.6.917 Realtek Card Reader Realtek High Definition Audio Driver Recovery Manager SafeHouse Explorer 3.01 SlimPublisher SpeedFan (remove only) Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) Surfing Protection TAP-Windows 9.9.2 The Staking Machine V5.0 TrackView version 2.2.0.0 Tweaking.com - Advanced System Tweaker VASCO Card Reader Plug-In (64-Bit) VASCO Smart Card Reader Plug-In (User) VC80CRTRedist - 8.0.50727.6195 VLC media player VSDC Free Video Editor version 3.1.0.354 Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinHTTrack Website Copier 3.48-21 (x64) WinPcap 4.1.2 Wisdom-soft ScreenHunter 6.0 Free Wise Care 365 3.63 Wise Memory Optimizer 3.35 Wise Program Uninstaller 1.68 WPS Office (9.1.0.4759) XMind 6 (v3.5.2) XQDC X-Setup Pro 9.2.100 yEd Graph Editor 3.14.2 ==== Deleting Services ====================== ==== Batch Command(s) Run By Tool====================== Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ==== Deleting Files \ Folders ====================== C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found C:\Users\luc\.android deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\Users\luc\AppData\Roaming\ProductData deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\Package Cache deleted C:\Users\luc\Downloads\android-studio-bundle-141.1903250-windows.exe deleted C:\Users\luc\Downloads\FreeYouTubeToMP3Converter.exe deleted C:\WINDOWS\SysNative\config\systemprofile\Searches deleted "C:\Users\luc\AppData\Local\Tempdivx2c00" deleted "C:\Users\luc\AppData\Local\Tempdivx38a4" deleted "C:\Users\luc\AppData\Local\Tempdivx614c" deleted "C:\Users\luc\AppData\Local\Tempdivx6e7a" deleted "C:\Users\luc\AppData\Local\Tempdivx721d" deleted "C:\Users\luc\AppData\Local\Tempdivxefea" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 3533 MB CPU Info: AMD E1-2500 APU with Radeon(TM) HD Graphics CPU Speed: 1434.7 MHz Sound Card: Oortelefoon van hoofdtelefoon ( | Display Adapters: AMD Radeon HD 8240 | AMD Radeon HD 8240 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: TAP-Windows Adapter V9 | Realtek PCIe FE Family Controller CD / DVD Drives: 1x (E: | ) E: hp CDDVDW SH-216DB Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 919.8GB | D: 10.2GB Hard Disks - Free: C: 826.5GB | D: 1.2GB Manufacturer *: AMI BIOS Info: AT/AT COMPATIBLE | | HPQOEM - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 2AFE Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 43.0.2357.124 Internet Explorer Version: 11.0.9600.17842 Google Chrome version: 43.0.2357.124 Sun Java version: 1.8.0_40 (32-bit) Sun Java version: 1.8.0_40 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== ====== C:\Users\luc\AppData\Local\Temp ==== 2015-06-21 06:45:46 05A72ADA9247AEB114A9EF01A394B6C4 227897 ------w- C:\Users\luc\AppData\Local\Temp\jna-107514\jna4420010484078399530.dll 2015-06-21 06:45:15 05A72ADA9247AEB114A9EF01A394B6C4 227897 ------w- C:\Users\luc\AppData\Local\Temp\jna-107514\jna7870169520117306718.dll 2015-06-21 06:45:00 D9348DB92AB4E5B94F005F0F651DE2B1 43008 ----a-w- C:\Users\luc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoj3afb.dll 2015-06-21 06:08:28 05A72ADA9247AEB114A9EF01A394B6C4 227897 ------w- C:\Users\luc\AppData\Local\Temp\jna-107514\jna3410873450548913861.dll 2015-06-21 06:07:43 05A72ADA9247AEB114A9EF01A394B6C4 227897 ------w- C:\Users\luc\AppData\Local\Temp\jna-107514\jna6808661994371933743.dll ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2015-06-18 06:59:50 CFF867572B44212B01B711C1FA009537 101888 ----a-w- C:\WINDOWS\SysWOW64\VB6STKIT.DLL 2015-06-18 06:59:50 4C6F2D2CE86330335801F2982B26223E 89360 ----a-w- C:\WINDOWS\SysWOW64\VB5DB.DLL 2015-06-18 06:59:49 A975D60B223E683C987162BEB291B748 415504 ----a-w- C:\WINDOWS\SysWOW64\MSREPL35.DLL 2015-06-18 06:59:49 9F6FAF209BEC2362523A0E9509F78964 1046288 ----a-w- C:\WINDOWS\SysWOW64\MSJET35.DLL 2015-06-18 06:59:49 954CEB4D7C7DC5E94EA237CF96D387A3 252176 ----a-w- C:\WINDOWS\SysWOW64\MSRD2X35.DLL 2015-06-18 06:59:49 72F160302EE06A2CB12FA2FFA10BA3F0 24848 ----a-w- C:\WINDOWS\SysWOW64\MSJTER35.DLL 2015-06-18 06:59:49 719E0F4D1114F700F564E9AE47F0E3EE 119808 ----a-w- C:\WINDOWS\SysWOW64\MSSTDFMT.DLL 2015-06-18 06:59:49 4FB4A9FBB17ED82EDC6AC5C3C6E71C6D 123664 ----a-w- C:\WINDOWS\SysWOW64\MSJINT35.DLL 2015-06-18 06:59:48 EC751A9D4C9BCA0488A0875C7802F5E5 440352 ----a-w- C:\WINDOWS\SysWOW64\MSHFLXGD.OCX 2015-06-18 06:59:48 AB412429F1E5FB9708A8CDEA07479099 152848 ----a-w- C:\WINDOWS\SysWOW64\COMDLG32.OCX 2015-06-10 08:21:36 9B3EE3F42109B4115FFE053C225FC1C6 792568 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-06-10 08:21:36 38D724C261738F1C3FD90D21B130E06A 178168 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-10 06:38:40 BD7E7AC5639FFE7CDDAA5A3F7A05D4A7 2483712 ----a-w- C:\WINDOWS\SysWOW64\msftedit.dll 2015-06-10 06:37:01 7F78583D91D0FCA9678778F45328C99F 367104 ----a-w- C:\WINDOWS\SysWOW64\puiobj.dll 2015-06-10 06:35:24 02BE9F037101364A565D224194337B0C 207872 ----a-w- C:\WINDOWS\SysWOW64\rastapi.dll 2015-06-10 06:35:01 33BC1A74FA72C3B0EE04A23FDE1045FC 158720 ----a-w- C:\WINDOWS\SysWOW64\rgb9rast.dll 2015-06-10 06:34:07 5027CAF4BFB31E4CD2918B2C2DFFC4CB 1920000 ----a-w- C:\WINDOWS\SysWOW64\mssrch.dll 2015-06-10 06:34:04 E9A91A0A589AED5328E30D8C7E59E5AE 2749952 ----a-w- C:\WINDOWS\SysWOW64\tquery.dll 2015-06-10 06:34:03 8D4CEAEE747097A70342B80EA32E018D 710144 ----a-w- C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-06-10 06:34:02 B95D112E19CFEC74692F7791ABBB03BE 391680 ----a-w- C:\WINDOWS\SysWOW64\mssph.dll 2015-06-10 06:34:01 14B5D6506A366585F8D6B6097530F7F2 272896 ----a-w- C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-06-10 06:34:00 50B6B1D4EFCB81298DE7F9415879C51B 699392 ----a-w- C:\WINDOWS\SysWOW64\mssvp.dll 2015-06-10 06:33:54 00ED6F8562702A00D8AEC9F70CA7DDFE 1018880 ----a-w- C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-06-10 06:33:47 CF6502529F3819C984A26BBD83ED3C8E 180224 ----a-w- C:\WINDOWS\SysWOW64\authz.dll 2015-06-10 06:33:41 B0EDCA1168C874812A180EBCD1A43EB5 549888 ----a-w- C:\WINDOWS\SysWOW64\comctl32.dll 2015-06-10 06:33:29 975421AC32F9F6E27A58F75DAB4B5871 19607040 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-10 06:33:19 DB254D50B4527C2821C537E0587B44E8 12829696 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2015-06-10 06:33:17 E4EB138060BAE0DBAB1A3B71A3141FE7 1950720 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2015-06-10 06:33:12 3FD7E6DB5D81FE400DB4D81D278596E6 4305920 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-10 06:33:10 927E38A35E4DFC4E294BD130BAA6F759 2278912 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-10 06:33:10 53E9614ADFA6A40A452BA014CEF6F261 1309696 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2015-06-10 06:33:09 7DBCBB1647B7CD71E2039C1B50A12717 620032 ----a-w- C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-06-10 06:33:08 2DED8A99E45053C42DD21D6937D3960C 689152 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2015-06-10 06:33:06 EF853EA2A6A7BD891CCF31B0C2915352 341504 ----a-w- C:\WINDOWS\SysWOW64\html.iec 2015-06-10 06:33:06 96837E5864777688477AF6DE2332C06D 503808 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-10 06:33:05 C27C8CACEBC712BE2AD791715E9734EC 664064 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll 2015-06-10 06:33:02 B6D8148C1C697A7BF04EE0FE82408B6A 710144 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-06-10 06:32:59 4ABEEF30EA5B9F4718312DCB60B6C9BC 2052608 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-10 06:32:58 F26680AF396F89F7ABFDA1D1D6B62011 285696 ----a-w- C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-10 06:32:56 AE8F02C9B1DC7364A94ABEB6E396611C 327168 ----a-w- C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-06-10 06:32:53 3B850134010B7CCC546C29D51405C9DA 1042944 ----a-w- C:\WINDOWS\SysWOW64\actxprxy.dll 2015-06-10 06:32:50 6B7210618D7E2CE0404ECF748701253A 76288 ----a-w- C:\WINDOWS\SysWOW64\mshtmled.dll 2015-06-10 06:32:42 7467B0605897898F8F32B4B9B9041F51 128000 ----a-w- C:\WINDOWS\SysWOW64\iepeers.dll 2015-06-10 06:32:38 8AE1E22527BC203BAD89212F6D09F038 880128 ----a-w- C:\WINDOWS\SysWOW64\inetcomm.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2015-06-21 06:43:16 CA3E4595439C8B4C7F732DE37382CBF4 445248 ----a-w- C:\WINDOWS\Sysnative\FNTCACHE.DAT 2015-06-16 08:10:51 F449319A87FAC25D53BF2BECD703D46B 4375072 ----a-w- C:\WINDOWS\Sysnative\MetaViewer64.dll 2015-06-10 06:38:37 3F8C7B8A4C345D0378AC79746E927158 3097600 ----a-w- C:\WINDOWS\Sysnative\msftedit.dll 2015-06-10 06:37:28 574F2184043FAF24B588BA12B3CC99CC 410336 ----a-w- C:\WINDOWS\Sysnative\ApnDatabase.xml 2015-06-10 06:37:02 4DC765353D890B9813AC809C0EFF488A 477184 ----a-w- C:\WINDOWS\Sysnative\puiobj.dll 2015-06-10 06:37:02 4A5D524C19BEB337797D6448020025B4 1091072 ----a-w- C:\WINDOWS\Sysnative\localspl.dll 2015-06-10 06:37:01 9DF4C369F556A4FBAE7E1D86F1AA5593 309760 ----a-w- C:\WINDOWS\Sysnative\compstui.dll 2015-06-10 06:35:24 D044FD35EEC3BF683B963DE10A5E00C3 222208 ----a-w- C:\WINDOWS\Sysnative\rastapi.dll 2015-06-10 06:35:05 B0B46D29B9F34D19B819B48E208871A5 36864 ----a-w- C:\WINDOWS\Sysnative\UtcResources.dll 2015-06-10 06:35:05 3ECB752A6963B1CBC9AD65ED89C8ACED 1430528 ----a-w- C:\WINDOWS\Sysnative\diagtrack.dll 2015-06-10 06:34:08 F2CBC74E403A4251279D0BA9D0ECFBDB 2551808 ----a-w- C:\WINDOWS\Sysnative\mssrch.dll 2015-06-10 06:34:05 3B8D14C7D33E3991090C726DD4CF7088 468480 ----a-w- C:\WINDOWS\Sysnative\mssph.dll 2015-06-10 06:34:05 279C2DB5C56A3674DCB98165E85237CF 3633664 ----a-w- C:\WINDOWS\Sysnative\tquery.dll 2015-06-10 06:34:04 F52C9F18BE8899CF503D7D40E62C47C3 903168 ----a-w- C:\WINDOWS\Sysnative\SearchIndexer.exe 2015-06-10 06:34:03 42FFA34D6A1ABBC6064E0D8A452039D3 774144 ----a-w- C:\WINDOWS\Sysnative\mssvp.dll 2015-06-10 06:34:02 98D0A8C3BF81774D76EAAB5977B69AB3 337408 ----a-w- C:\WINDOWS\Sysnative\SearchProtocolHost.exe 2015-06-10 06:34:01 62B3D51F60859F595317D7C3AEC5E5F2 248832 ----a-w- C:\WINDOWS\Sysnative\mssphtb.dll 2015-06-10 06:33:55 3C03E08CBB76B7081173924C52D329EE 1249280 ----a-w- C:\WINDOWS\Sysnative\UIAutomationCore.dll 2015-06-10 06:33:47 CD7DC91A7F84B4C81A06B511545DE867 275968 ----a-w- C:\WINDOWS\Sysnative\authz.dll 2015-06-10 06:33:41 0341BF7622E0D547446DB254868EF965 653824 ----a-w- C:\WINDOWS\Sysnative\comctl32.dll 2015-06-10 06:33:31 A29BAFC1543F9D2234AFFFEA9BCE76C8 24917504 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2015-06-10 06:33:21 CFA52E2FE8E623042A1EEF96EB1B9481 6026240 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2015-06-10 06:33:20 417F80E4AFBA1AA9EBBD618F1C6D9165 2426880 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2015-06-10 06:33:14 AE5A2843B4A2E1E558B9EE13EF62CCE5 14404096 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2015-06-10 06:33:11 6E295C7364DAEB151CC0E98434B6AC92 2885632 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2015-06-10 06:33:11 6ABFC5736EC920C4436F32111F5CBCEE 1545728 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2015-06-10 06:33:09 7B4A7D55E905ED9A0A4B1263BA7C6944 2865152 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2015-06-10 06:33:08 33B5F1A727FACDEA7CDA0E35FFAADDCF 584192 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2015-06-10 06:33:07 FF84182188CA8F0DC28CFED06C9B7816 2125824 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl 2015-06-10 06:33:07 2BC2D3A41BB755487FD55C09938F00BC 417792 ----a-w- C:\WINDOWS\Sysnative\html.iec 2015-06-10 06:33:06 083BCA14FCE290D682D8DAC9372CBF23 801280 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2015-06-10 06:33:04 83781DF625A4448B39410D7FA2BDC48D 816640 ----a-w- C:\WINDOWS\Sysnative\jscript.dll 2015-06-10 06:33:02 7F8F9AE03D1BA4354671E05F07A40F1A 800768 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll 2015-06-10 06:33:01 3854BFE1C0F14872C94501421CC40813 814080 ----a-w- C:\WINDOWS\Sysnative\jscript9diag.dll 2015-06-10 06:32:57 86FDFEA67833DB261EC01A777594EDCF 316928 ----a-w- C:\WINDOWS\Sysnative\dxtrans.dll 2015-06-10 06:32:56 614604C8D322D0779E426917CAFE4F3E 262144 ----a-w- C:\WINDOWS\Sysnative\webcheck.dll 2015-06-10 06:32:52 ACD6FE6C82B93813F023FC01A51CB940 92160 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll 2015-06-10 06:32:49 9EFAF10AF9BFA6CDBDDE3D8C5EDC3453 145408 ----a-w- C:\WINDOWS\Sysnative\iepeers.dll 2015-06-10 06:32:47 35622F5A652C4E16774234DCA0026E74 633856 ----a-w- C:\WINDOWS\Sysnative\ieui.dll 2015-06-10 06:32:45 1E31F06BE53F11CF5E660284E68587AC 374272 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll 2015-06-10 06:32:41 11E5CD954CC38080471E7CC2CA1558AE 1032704 ----a-w- C:\WINDOWS\Sysnative\inetcomm.dll 2015-06-10 06:32:02 6CCC851608DD076C13E37737BB75A9DC 4177920 ----a-w- C:\WINDOWS\Sysnative\win32k.sys ====== C:\WINDOWS\Sysnative\drivers ===== 2015-06-10 06:33:51 44603DA5A87FB491EF59C889EBBB4DDB 325464 ----a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS 2015-06-09 08:04:57 54D70409DE6932E9EFA117779611E7A9 107736 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys 2015-06-09 08:04:56 28B597A61C9AC9B59BC0573D70A62CBF 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys 2015-06-09 08:04:56 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys 2015-06-04 08:24:09 77621A3DF170D246DC744CD0767BFAB3 33152 ----a-w- C:\WINDOWS\Sysnative\drivers\gwdrv.sys 2015-06-04 08:24:09 61F60C794F0B40A68BAC6B61A5145311 3102 ----a-w- C:\WINDOWS\Sysnative\drivers\gwdrv.inf 2015-06-04 08:24:09 0D457235E0448235A27706E5F1ED8D8D 8392 ----a-w- C:\WINDOWS\Sysnative\drivers\gwdrv.cat ====== C:\WINDOWS\Tasks ====== 2015-06-10 08:07:35 58B2F60C8C89A31141A09330D33C3FE7 2686 ----a-w- C:\WINDOWS\Sysnative\Tasks\Wise Memory Optimizer Task 2015-06-10 08:07:33 AF7223FA85A4DDA78B250F910743B7CF 438 ----a-w- C:\WINDOWS\Tasks\Wise Memory Optimizer Task.job 2015-05-24 07:16:52 F468F5CE42A73CC7696002CDE8D9ED8B 3090 ----a-w- C:\WINDOWS\Sysnative\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2322693781-2597380507-2506105236-1001 ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-06-07 08:19:13 -------- d-----w- C:\Program Files\TAP-Windows ======= C:\PROGRA~2 ===== 2015-06-18 08:43:41 -------- d-----w- C:\PROGRA~2\TSMV5 2015-06-18 06:59:48 -------- d-----w- C:\PROGRA~2\FreeFolderHider 2015-06-11 07:24:55 -------- d-----w- C:\PROGRA~2\LibreOffice 4 2015-06-09 15:01:14 -------- d-----w- C:\PROGRA~2\FreeCodecPack 2015-06-07 08:19:07 -------- d-----w- C:\PROGRA~2\OpenVPN 2015-06-06 09:26:19 -------- d-----w- C:\PROGRA~2\TrackView 2015-06-04 08:23:55 -------- d-----w- C:\PROGRA~2\GlassWire 2015-05-30 08:06:34 -------- d-----w- C:\PROGRA~2\Dropbox 2015-05-25 09:31:33 -------- d-----w- C:\PROGRA~2\Jeta Logo Designer 2015-05-23 11:06:00 -------- d-----w- C:\PROGRA~2\XMind ======= C: ===== ====== C:\Users\luc\AppData\Roaming ====== 2015-06-18 08:44:12 -------- d-----w- C:\Users\luc\AppData\Local\1Million_Ltd 2015-06-18 08:43:46 -------- d-----w- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Staking Machine V5.0 2015-06-16 08:10:05 -------- d-----w- C:\Users\luc\AppData\Roaming\MetaQuotes 2015-06-11 10:28:24 -------- d-----w- C:\Users\luc\AppData\Local\ElevatedDiagnostics 2015-06-11 07:28:42 -------- d-----w- C:\Users\luc\AppData\Roaming\LibreOffice 2015-06-11 07:04:37 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Dropbox 2015-06-11 07:03:52 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Dropbox 2015-06-09 08:00:59 -------- d-----w- C:\Users\luc\AppData\Local\GWX 2015-06-04 08:24:19 -------- d-----w- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlassWire 2015-05-30 08:07:17 -------- d-----w- C:\Users\luc\AppData\Roaming\Dropbox 2015-05-30 08:06:31 -------- d-----w- C:\Users\luc\AppData\Local\Dropbox 2015-05-24 12:34:00 224EB0166477F3ECD2FE88B6B8D4BE13 3865 ----a-w- C:\Users\luc\AppData\Locallow\lpm.dat 2015-05-24 07:58:59 -------- d-----w- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux 2015-05-24 07:58:56 -------- d-----w- C:\Users\luc\AppData\Local\FluxSoftware 2015-05-23 10:43:27 -------- d-----w- C:\Users\luc\AppData\Local\GlassWire ====== C:\Users\luc ====== 2015-06-21 06:44:30 -------- d-----w- C:\ProgramData\Kingsoft 2015-06-18 09:17:10 9FF3C7F736B3F1FE01EF13B2A97BDD93 307200 ----a-w- C:\Users\luc\Downloads\Mozan.exe 2015-06-18 08:42:49 9E5161A683304F01E3E7901D4CABB047 12540872 ----a-w- C:\Users\luc\Downloads\TSMsetup.exe 2015-06-18 06:59:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Folder Hider 2015-06-18 06:59:15 3BCCE4794A3C5246D450322DD08174D8 2803347 ----a-w- C:\Users\luc\Downloads\FreeFolderHider.exe 2015-06-16 08:09:47 1D8161C95549169FE8EF61A374AC40A6 527936 ----a-w- C:\Users\luc\Downloads\mt5setup (1).exe 2015-06-14 09:11:17 8611C95230B655AE661AAEDC17BAA152 6549184 ----a-w- C:\Users\luc\Downloads\ccsetup506 (1).exe 2015-06-12 09:53:08 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\luc\Downloads\MicrosoftFixit.IEPerformance.FISC.146357533226380896.1.3.Run.exe 2015-06-12 09:49:31 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\luc\Downloads\MicrosoftFixit.Codec.FISC.146357533226380896.1.2.Run.exe 2015-06-12 09:48:27 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Users\luc\Downloads\MicrosoftFixit.malware.FISC.146357533226380896.1.1.Run.exe 2015-06-11 07:28:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4 2015-06-11 07:05:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-06-11 07:04:35 -------- d-----r- C:\WINDOWS\sysWoW64\config\systemprofile\Documents 2015-06-11 07:04:35 -------- d-----r- C:\WINDOWS\sysWoW64\config\systemprofile\Desktop 2015-06-09 08:04:11 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\luc\Downloads\mbam-setup-2.1.6.1022.exe 2015-06-07 08:19:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows 2015-06-07 08:19:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN 2015-06-06 09:26:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrackView 2015-05-30 08:10:03 -------- d-----r- C:\Users\luc\Dropbox 2015-05-30 08:06:31 -------- d-----w- C:\ProgramData\Dropbox 2015-05-25 09:31:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jeta Logo Designer 2015-05-23 11:07:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind 2015-05-23 10:43:06 -------- d-----w- C:\ProgramData\GlassWire ====== C: exe-files == 2015-06-18 09:17:10 9FF3C7F736B3F1FE01EF13B2A97BDD93 307200 ----a-w- C:\Users\luc\Downloads\Mozan.exe 2015-06-18 08:43:42 95E9972B33E4920024AA42BCFDC18A7C 572448 ----a-w- C:\Program Files (x86)\TSMV5\TSMsetup_35117.exe 2015-06-18 08:43:14 AB9F9F3A4AB87C0A496ECB8F512A8985 3128320 ----a-w- C:\Program Files (x86)\TSMV5\TheStakingMachine.exe 2015-06-18 08:42:49 9E5161A683304F01E3E7901D4CABB047 12540872 ----a-w- C:\Users\luc\Downloads\TSMsetup.exe 2015-06-18 06:59:48 4B0B619FF5E40BB4EF7062D6DD9A83A5 685937 ----a-w- C:\Program Files (x86)\FreeFolderHider\unins000.exe 2015-06-18 06:59:48 22088E61E1DD1B6843F6DAD4F5FC3B39 892928 ----a-w- C:\Program Files (x86)\FreeFolderHider\FolderHider.exe 2015-06-18 06:59:15 3BCCE4794A3C5246D450322DD08174D8 2803347 ----a-w- C:\Users\luc\Downloads\FreeFolderHider.exe 2015-06-16 08:09:47 1D8161C95549169FE8EF61A374AC40A6 527936 ----a-w- C:\Users\luc\Downloads\mt5setup (1).exe === C: other files == 2015-06-21 06:45:06 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-w- C:\Users\luc\AppData\Local\Temp\_MEI32162\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2015-06-21 06:45:05 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\luc\AppData\Local\Temp\_MEI32162\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx 2015-06-16 09:42:27 BC9563FF4AEFE350BFDDD4C1C5BB278C 74591813 ----a-w- C:\Users\luc\OneDrive\Muziek\AsatruInVinland.zip ======== System Restore Points ======== RP50: 4/06/2015 10:09:36 - Windows Update RP51: 10/06/2015 10:07:48 - Windows Update RP52: 11/06/2015 9:21:53 - Installed LibreOffice 4.4.3.2 RP53: 14/06/2015 10:09:38 - Windows Update RP54: 18/06/2015 10:50:53 - Windows Update RP55: 21/06/2015 11:23:43 - zoek.exe restore point ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2322693781-2597380507-2506105236-1001\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "ftweak_RAMRush"="C:\Program Files (x86)\RAMRush\RAMRush.exe" "f.lux"="-C:\Users\luc\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "GlassWire"="C:\Program Files (x86)\GlassWire\glasswire.exe -hide" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cmsc"="c:\program files (x86)\cmcm\Clean Master\cmtray.exe -autorun" "DivXMediaServer"="-C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" "DivXUpdate"="-C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "ftweak_RAMRush"="C:\Program Files (x86)\RAMRush\RAMRush.exe" "f.lux"="-C:\Users\luc\AppData\Local\FluxSoftware\Flux\flux.exe /noshow" "GlassWire"="C:\Program Files (x86)\GlassWire\glasswire.exe -hide" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SimplePass"="C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe /hideui" "OPBHOBroker"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe" "RTHDVCPL"="-C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "BoxSync"="-C:\Program Files\Box\Box Sync\BoxSync.exe -m" ==== Startup Folders ====================== 2015-01-05 14:51:08 1943 ----a-w- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Connection Keeper.lnk 2015-05-07 13:54:51 1095 ----a-w- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Degoo .lnk 2015-01-04 13:49:07 795 ----a-w- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk 2015-04-12 11:57:28 1465 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Philips GoGear SA4VBE Device Manager.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Wise Memory Optimizer Task.job --a-------- C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe [10/06/2015 14:34] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\Wise Memory Optimizer Task" [C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe] "C:\WINDOWS\SysNative\tasks\Badosoft\Connectivity Fixer" ["C:\Program Files (x86)\Badosoft\Connectivity Fixer\Connectivity Fixer.exe"] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN45U71561" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] ==== Chromium Look ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - C:\Users\luc\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx[03/04/2015 11:15] lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Belfius Smart Card Reader Chrome Extension - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\agicnfmechmlphpjmeefookfjhifbmhi Google Drive - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf MEGA - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod selector is not a valid CSS selector - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Hide My Ass Web Proxy - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd HTTP Captive Portal Test - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc PanicButton - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm Bookmarks Menu - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi AdBlock - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Hola Better Internet - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio Pin It Button - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic The Great Suspender - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg Google Drive App Launcher - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh AdRemover for Google Chromeâ„¢ - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcefmojpghnaceadnghednjhbmphipkb Chrome Speak - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgpmlgbbboameedkldbfbhoigbabcbhk Ghostery - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij Google Wallet - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Evernote Web Clipper - luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc Google Slides - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Drive App Launcher - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Google Wallet - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - luc\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Preferences ls.html","content/clip_result/clip_result.html","content/clip_result/iframe.css","content/feedback_form/feedback_form.html","content/filing_tools/filing_tools.html","content/global_tools/global_tools.html","content/pdf_tooltip/pdf_tooltip.html","content/release_notes/shortcuts.html","content/salesforce/promo.html","content/share_tools/email_sharing.html","content/share_tools/share_tools.html","content/sim_search_results.html","content/tooltips/screenshot_toast.html","content/tooltips/tooltip.html","content/tooltips/tooltip2.html","content/HtmlSerializer.js","content/frame.js","options.html","skitch/sounds/snap.wav","content/fle/fle.html","content/fle/flemarkup.css","content/fle/flemarkup.html","fonts/GothamSSm-Medium.otf","fonts/GothamSSm-Bold.otf","logs.html"]},"path":"pioclpoplcdbaefihamjohnefbikjilc\\6.4_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":false,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"bedrijfsconsult@gmail.com","username":"bedrijfsconsult@gmail.com"}},"homepage":"https://startpage.com/ned/","homepage_is_newtabpage":false,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"8D78CB0636C5A39A39DB364C4433BD6F4001835D98770DDEDFF31EE974A4904C"},"default_search_provider":{"keyword":"BC896F1C5AA0850394AAA3ED4204BC834799169B3DD32B734F851C4D01D548C1","name":"13B6052351AEAA9940AD714DD295AD201695840E3DFD89E2D81FBB8F7BB204E9","search_url":"9CC4DA5827878FEBE2A07B906E6EE635158C0CC7310DBC5FFCB413549D0ADDDA"},"default_search_provider_data":{"template_url_data":"D0C256AB78145561A9D28F37A82467CB672406B16C6354A6F4F24192EEDA291D"},"extensions":{"settings":{"agicnfmechmlphpjmeefookfjhifbmhi":"7A5C1CB595719B95997E612BC3FDBD31210DCBAEF13E793BF92ECDAAC7F81C5C","ahfgeienlihckogmohjhadlkjgocpleb":"AC363DB7761503FF28988F4D9EECA3CF905FFAF8DC49C9906896A56DF267F3E9","apdfllckaahabafndbhieahigkjlhalf":"5A77C98016AE0DEE7F771D65A546E52B952ECAD5735A6BD402609FB5DAAE12D9","bdglbbcbmgnimogcmcdenggkpdmihlga":"6C109572CEAA3A8897EF81FF9B8BC0C95C2E2B319162FA4E2CC773AE5CF5F44A","bepbmhgboaologfdajaanbcjmnhjmhfn":"34D25232F457B2174B6A0577ECDE80F1251266A8A7019738CAD57211D0CF4AB5","bigefpfhnfcobdlfbedofhhaibnlghod":"F4A8F07C0DAC732A8B435526BBFD54158C7E0C6C29FD03A71F5466816801D7A3","cfhdojbkjhnklbpkdaibdccddilifddb":"5D9FB3FD790CC914711AFC180983056A4193945B876439DE577D44886DF71AE8","cmgnmcnlncejehjlnhaglpnoolgbflbd":"57C21679095D57563322B98240075C8BEA2A7A47DDF821F7531F940096DB6F99","dcpfhaghaadpjpgocojgnlhjcieeooel":"33D0B4619D044FC56B81A965B27AE94E41D2719E61DF015E96198E61B4BA0C91","eachfleknamlcepmplpdghagngjfjkin":"449350F6304E85A2D92D74353F29A9B8C151E55C8D2620454EF97CD420866575","eemcgdkfndhakfknompkggombfjjjeno":"73B164A23FA663F4E0C88D81911BCD29DCBBF1D3ECD6CDA164BA3B953B02F95C","eemlkeanncmjljgehlbplemhmdmalhdc":"176C641004C8895CA2AB3135A797355BEF40C17C1F2118BF1C00AA5F8BE1D800","ennkphjdgehloodpbhlhldgbnhmacadg":"6FF90FB19378223B755DC6F6AFCF9E013E4D85D535A36B30C51C36A5B642726F","faminaibgiklngmfpfbhmokfmnglamcm":"087663B413D11B5B50D65D450269817833CDE7782961E47F1997B5D118788AE8","ffmdedmghpoipeldijkdlcckdpempkdi":"0B804A459EE11C513C7ACF78658D2386C883D20478E629A1AC2836FEE9D0BAA6","gfdkimpbcpahaombhbimeihdjnejgicl":"B35B9FC438C6867CF5D9F501FFDB4C02A0BC8E4B9C36EE718E04F566BBF454EF","gighmmpiobklfepjocnamgkkbiglidom":"C40DE4C7C7C5600D0B3C8972F3467F2ACE5531CB9116398EBA934028242E177B","gkojfkhlekighikafcpjkiklfbnlmeio":"D261F1A5DB5F560719BDC778AEF935D60118EA6D1799058D5164E88996527925","gpdjojdkbbmdfjfahjcgigfpmkopogic":"644189A127ADB4812272B2EED1E99B93321AB1890B3AF16F352FA9ADF5624AF8","klbibkeccnjlkjkiokjodocebajanakg":"564BCC8D96FE20F6417E73836211DF411CBC9C4C5E4523CE2E69E1A712291970","kmendfapggjehodndflmmgagdbamhnfd":"44ED0333774DA72126005480945EBDB1E58FDBE79D7F1ADC55D263D22EA532E3","lmjegmlicamnimmfhcmpkclmigmmcbeh":"D4EEED85D98A9E1985C61C70A6034A63F2068C85F15EA2CAF5217406A79ED749","mcefmojpghnaceadnghednjhbmphipkb":"8554BB5E1DBED7102229F062F543764C0150AA7C01C52F695FA4858AD1E051E0","mfehgcgbbipciphmccgaenjidiccnmng":"AB86B1E222396920CB7DD3FCFF4B0912E24978DDCBEA630F5ACFB3E1398E0DC5","mfffpogegjflfpflabcdkioaeobkgjik":"03ECCD756A97FD085C42813FCF143B297BC2298404FB4877F5738557ED086BE8","mgndgikekgjfcpckkfioiadnlibdjbkf":"C353981E45C7198C0C2374585AAB636F7317EAE733104E766CAD6AF3EBAE6815","mgpmlgbbboameedkldbfbhoigbabcbhk":"A2AF0BA74E4AA66B51B32123CA77D8D0AD51631B6929F8E7F4C48B83C5C85793","mhjfbmdgcfjbbpaeojofohoefgiehjai":"3DA728C302E4D8864BC3CC2F26E7A4B8E1C05ABE7C5AA051EBC42BE3DEBE9D3B","mlomiejdfkolichcflejclcbmpeaniij":"59A8FCBE7B770F3B4A67A1392730A859AC22784C3DB52E3D300DC900B2B78919","neajdppkdcdipfabeoofebfddakdcjhd":"8C7F620BFF98E540D139940C3A4EB8F0B694F3E2578D6F037DA1F28B46BB7F94","nkeimhogjdpnpccoofpliimaahmaaome":"99D85F06DF638ADE823A871DC217CB9CAD1AE2AC6D75ACC795B8B55CA762C8BC","nmmhkkegccagdldgiimedpiccmgmieda":"2293DDAC3F0361DEFA1127B88470D5683D09E1EC8AA537D700ED094780062AAF","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"551647AE1EEF2E42BEFD43AC2EBBAB06A5A6685DA7761F235785987C49573715","pioclpoplcdbaefihamjohnefbikjilc":"991EBC815B556ACECBF22AF5935C2158E88A20966080C0627586BC7294B5A839"}},"google":{"services":{"last_username":"8057BB038789860B8D3131979DE012B04C7D44EA168B16BD4A7C8037BF564D9D","username":"89437F8D3D5C297B914749E3E2062DD7CED09B87137089D46892CD48D1A12E2F"}},"homepage":"4039689BD33D96EAB1444584329779B3B6876EFFA0AE8516334E635C2A110603","homepage_is_newtabpage":"A2DBAC7972E4D0AF910691573C62E83DB290465625451D187CB39BE25A5AA93C","pinned_tabs":"E7FAEEE11C3ACA9BEF05A1D5E3886E4FE81EAE21834FC839F6229617C13286AB","prefs":{"preference_reset_time":"35F06C3730FC1CC4F7AD85A83CEFA701206C93EEC99B3B169CF0404E74C0857A"},"profile":{"reset_prompt_memento":"3B356D5F5D6C7C3E75E1280616FA453818C15C626FABE29B113AEA0FCC399BD4"},"safebrowsing":{"incidents_sent":"A6AC3502D2A0D00D36044D817FD108FE79E7607A8E7E4EF4D534B817A260B9B4"},"search_provider_overrides":"A13A2233B23E27B3715D756D1E40974B1293D957F1BDA92A98AFEA07871BA9A9","session":{"restore_on_startup":"6F1688A2972CD7DFBDCFD0D74FB49674E90500E558E57D04AA72FB7B968C6876","startup_urls":"398E0D5F45C4F5A6E724C6C916C4064373DFD84D8E263D4125D42269E9149996"},"software_reporter":{"prompt_reason":"5FDEC35CFF0EDD5BCADE23CB1389C78015A5FA65C687C2510889CC83AA927ADE","prompt_seed":"1A940D772EE34DE1653F91ECEEA24FFABB97546FB1E230B8D8E99EAE8D8D3D38","prompt_version":"22ACA23F01309C04664ABE73112C2E71F46E2A009FD1676224A8FAD0CBEEC3E4"},"sync":{"remaining_rollback_tries":"4C5CD9323722674E720367161BF5D0C4F47918FC6BA5832F84059F722F9E9D6B"}},"super_mac":"A1636B508A90E72199D999F6725C4B83891EE05E1A9492ED9EB91132FA4620A5"},"session":{"restore_on_startup":4,"startup_urls":["https://startpage.com/ned/"]},"sync":{"remaining_rollback_tries":0}} ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4" ==== Reset Google Chrome ====================== C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully C:\Users\luc\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully C:\Users\luc\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\luc\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\ingrid\Desktop\FBReader.lnk - C:\Program Files (x86)\FBReader\FBReader.exe C:\Users\ingrid\Desktop\LanTopolog.lnk - C:\Program Files (x86)\LanTopolog\lantopolog.exe C:\Users\ingrid\Desktop\Memory Improve Ultimate.lnk - C:\Program Files (x86)\Memory Improve Ultimate\MemoryImproveUltimate.exe C:\Users\ingrid\Desktop\Private Folder 1.1.LNK - C:\Program Files (x86)\PrivateFolder\PrivateFolder.exe C:\Users\ingrid\Desktop\ScreenHunter 6.0 Free.lnk - C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe C:\Users\ingrid\Desktop\SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe C:\Users\luc\Desktop\Box Sync.lnk - C:\Users\luc\Box Sync C:\Users\luc\Desktop\Dropbox.lnk - C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /home C:\Users\luc\Desktop\Google Drive.lnk - C:\Users\luc\Google Drive C:\Users\luc\Desktop\SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe C:\Users\luc\Desktop\The Staking Machine V5.0.lnk - C:\Program Files (x86)\TSMV5\TheStakingMachine.exe C:\Users\luc\Desktop\VSDC Free Video Editor.lnk - C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe C:\Users\luc\Desktop\WPS Writer.lnk - C:\Users\luc\AppData\Local\Kingsoft\Kingsoft Office\9.1.0.4759\office6\wps.exe /w C:\Users\luc\Desktop\XMind 6.lnk - C:\Program Files (x86)\XMind\XMind.exe C:\Users\luc\Desktop\BLP20152\Private Folder 1.1.LNK - C:\Program Files (x86)\PrivateFolder\PrivateFolder.exe C:\Users\luc\Desktop\EPUB1\Folder Hider.lnk - C:\Program Files (x86)\FreeFolderHider\FolderHider.exe C:\Users\luc\Desktop\FILES1\amvtransform.lnk - C:\Program Files (x86)\Philips Media Convertor v1.2\AMVConverter\amvtransform.exe C:\Users\luc\Desktop\FILES1\App-opstartprogramma van Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --show-app-list C:\Users\luc\Desktop\FILES1\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe C:\Users\luc\Desktop\FILES1\Bezoek eBay.be.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe http://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cndt&locale=nl_be&bd=all&c=134 C:\Users\luc\Desktop\FILES1\BitTorrent.lnk - C:\Users\luc\AppData\Roaming\BitTorrent\BitTorrent.exe C:\Users\luc\Desktop\FILES1\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\luc\Desktop\FILES1\CDBurnerXP.lnk - C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe C:\Users\luc\Desktop\FILES1\Clean Master.lnk - C:\Program Files (x86)\cmcm\Clean Master\kcleaner.exe -src:2 C:\Users\luc\Desktop\FILES1\Connection Keeper.LNK - C:\Program Files (x86)\Connection Keeper\conkeepm.exe C:\Users\luc\Desktop\FILES1\DivX Converter.lnk - C:\Program Files (x86)\DivX\DivX Converter\DivXConverterLauncher.exe C:\Users\luc\Desktop\FILES1\DivX Movies.lnk - C:\Users\luc\Videos\DivX Movies C:\Users\luc\Desktop\FILES1\DivX Player.lnk - C:\Program Files (x86)\DivX\DivX Player\DivX Player.exe C:\Users\luc\Desktop\FILES1\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe C:\Users\luc\Desktop\FILES1\Evernote.lnk - C:\WINDOWS\Installer\{C15841A6-C20A-11E4-977D-00163E98E7D6}\Evernote.ico C:\Users\luc\Desktop\FILES1\Everyday Auto Backup.lnk - C:\Program Files (x86)\Everyday Auto Backup\AutoBackup.exe C:\Users\luc\Desktop\FILES1\File Shredder.lnk - C:\Program Files\File Shredder\Shredder.exe C:\Users\luc\Desktop\FILES1\Format Factory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe C:\Users\luc\Desktop\FILES1\Free YouTube to MP3 Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe C:\Users\luc\Desktop\FILES1\Freemake Video Downloader.lnk - C:\Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader.exe C:\Users\luc\Desktop\FILES1\GlassWire.lnk - C:\Program Files (x86)\GlassWire\GlassWire.exe C:\Users\luc\Desktop\FILES1\HP Connected Music.lnk - C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe C:\Users\luc\Desktop\FILES1\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe C:\Users\luc\Desktop\FILES1\HTTrack Website Copier.lnk - C:\Program Files (x86)\WinHTTrack\WinHTTrack.exe C:\Users\luc\Desktop\FILES1\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe C:\Users\luc\Desktop\FILES1\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\luc\Desktop\FILES1\ManyCam.lnk - C:\Program Files (x86)\ManyCam\ManyCam.exe C:\Users\luc\Desktop\FILES1\MEGAsync.lnk - C:\ProgramData\MEGAsync\MEGAsync.exe C:\Users\luc\Desktop\FILES1\Mendeley Desktop.lnk - C:\Program Files (x86)\Mendeley Desktop\MendeleyDesktop.exe C:\Users\luc\Desktop\FILES1\Microsoft Network Monitor 3.4.lnk - C:\Program Files (x86)\Microsoft Network Monitor 3\netmon.exe C:\Users\luc\Desktop\FILES1\Nitro Reader.lnk - C:\Program Files (x86)\Nitro\Reader 3\NitroPDFReader.exe C:\Users\luc\Desktop\FILES1\OziBoxSync.lnk - C:\Users\luc\AppData\Roaming\OziboxSync\OziBoxSync.exe C:\Users\luc\Desktop\FILES1\Philips SA4VBE Device Manager.lnk - C:\Program Files (x86)\Philips\GoGear SA4VBE Device Manager\GoGear_SA4VBE_DeviceManager.exe C:\Users\luc\Desktop\FILES1\PrivaZer.lnk - C:\Program Files (x86)\PrivaZer\PrivaZer.exe C:\Users\luc\Desktop\FILES1\SafeHouse Explorer.lnk - C:\Program Files (x86)\SafeHouse Explorer\SafeHouseExplorer.exe C:\Users\luc\Desktop\FILES1\ScreenHunter 6.0 Free.lnk - C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe C:\Users\luc\Desktop\FILES1\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\luc\Desktop\FILES1\Wise Care 365.lnk - C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe C:\Users\luc\Desktop\FILES1\Wise Program Uninstaller.lnk - C:\Program Files (x86)\Wise\Wise Program Uninstaller\WiseProgramUninstaller.exe C:\Users\luc\Desktop\FILES1\X-Setup Pro Welcome.lnk - C:\Program Files (x86)\X-Setup Pro\bin\xqdcXSPStart.exe C:\Users\luc\Desktop\FILES1\yEd Graph Editor.lnk - C:\Program Files (x86)\yWorks\yEd\yEd.exe C:\Users\luc\Desktop\FILES1\files2\AML Free Registry Cleaner.lnk - C:\Program Files (x86)\AML Products\Registry Cleaner\regclean.exe C:\Users\luc\Desktop\FILES1\files2\Argente - Registry Cleaner.lnk - C:\Program Files (x86)\Argente - Registry Cleaner\ArgenteRC.exe C:\Users\luc\Desktop\FILES1\files2\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\luc\Desktop\FILES1\files2\Degoo.lnk - C:\Users\luc\AppData\Local\Degoo\Degoo.exe C:\Users\luc\Desktop\FILES1\files2\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe C:\Users\luc\Desktop\FILES1\files2\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\luc\Desktop\FILES1\files2\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document C:\Users\luc\Desktop\FILES1\files2\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet C:\Users\luc\Desktop\FILES1\files2\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation C:\Users\luc\Desktop\FILES1\files2\Icecream Ebook Reader.lnk - C:\Program Files (x86)\Icecream Ebook Reader\ebookreader.exe C:\Users\luc\Desktop\FILES1\files2\LanTopolog.lnk - C:\Program Files (x86)\LanTopolog\lantopolog.exe C:\Users\luc\Desktop\FILES1\files2\ManyCam.lnk - C:\Program Files (x86)\ManyCam\ManyCam.exe C:\Users\luc\Desktop\FILES1\files2\Memory Improve Ultimate.lnk - C:\Program Files (x86)\Memory Improve Ultimate\MemoryImproveUltimate.exe C:\Users\luc\Desktop\FILES1\files2\netscan.exe - Snelkoppeling.lnk - C:\Users\luc\Downloads\netscan.exe C:\Users\luc\Desktop\FILES1\files2\RAMRush.lnk - C:\Program Files (x86)\RAMRush\RAMRush.exe C:\Users\luc\Desktop\FILES1\files2\SlimPublisher.lnk - C:\WINDOWS\Installer\{E5EFA4D1-6283-4F10-997B-A45ECC0C6FDC}\_897A28BF768732EC9C2846.exe C:\Users\luc\Desktop\FILES1\files2\VSDC Free Video Editor.lnk - C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe C:\Users\luc\Desktop\FILES1\files2\WPS Presentation.lnk - C:\Users\luc\AppData\Local\Kingsoft\Kingsoft Office\9.1.0.4759\office6\wpp.exe /w C:\Users\luc\Desktop\FILES1\files2\WPS Spreadsheets.lnk - C:\Users\luc\AppData\Local\Kingsoft\Kingsoft Office\9.1.0.4759\office6\et.exe C:\Users\luc\Desktop\programmas\Jeta Logo Designer.lnk - C:\Program Files (x86)\Jeta Logo Designer\jeta.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\LibreOffice 4.4.lnk - C:\Program Files (x86)\LibreOffice 4\program\soffice.exe C:\Users\Public\Desktop\MEGAsync.lnk - C:\ProgramData\MEGAsync\MEGAsync.exe C:\Users\Public\Desktop\OpenVPN GUI.lnk - C:\Program Files (x86)\OpenVPN\bin\openvpn-gui.exe C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe C:\Users\Public\Desktop\TrackView.lnk - C:\Program Files (x86)\TrackView\trackview.exe C:\Users\Public\Desktop\Tweaking.com - Advanced System Tweaker.lnk - C:\Program Files (x86)\Tweaking.com\Advanced System Tweaker\AdvSysTweak.exe C:\Users\Public\Desktop\TweakMe.lnk - C:\Users\Public\Desktop\Wise Memory Optimizer.lnk - C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe C:\Users\Public\Desktop\yEd Graph Editor.lnk - C:\Program Files (x86)\yWorks\yEd\yEd.exe ==== shortcuts in Users Start Menu ====================== C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\The Staking Machine V5.0.lnk - C:\Program Files (x86)\TSMV5\TheStakingMachine.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Degoo\Degoo.lnk - C:\Users\luc\AppData\Local\Degoo\Degoo.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux\Flux.lnk - C:\Users\luc\AppData\Local\FluxSoftware\Flux\flux.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux\Uninstall.lnk - C:\Users\luc\AppData\Local\FluxSoftware\Flux\uninstall.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Help.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe /help C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\Uninstall.lnk - C:\Program Files (x86)\FreeTime\FormatFactory\uninst.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlassWire\GlassWire.lnk - C:\Program Files (x86)\GlassWire\GlassWire.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GlassWire\Uninstall.lnk - C:\Program Files (x86)\GlassWire\uninstall.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator\LiLi USB Creator.lnk - C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator\Uninstall LinuxLive USB Creator.lnk - C:\Program Files (x86)\LinuxLive USB Creator\Uninstall.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer\Privazer desinstalleren.lnk - C:\Program Files (x86)\PrivaZer\privazer_remover.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer\PrivaZer.lnk - C:\Program Files (x86)\PrivaZer\PrivaZer.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Degoo .lnk - C:\Users\luc\AppData\Local\Degoo\Degoo.exe StartMinimized C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Staking Machine V5.0\The Staking Machine V5.0.lnk - C:\Program Files (x86)\TSMV5\TheStakingMachine.exe C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Staking Machine V5.0\Uninstall The Staking Machine V5.0.lnk - C:\Program Files (x86)\TSMV5\TSMsetup_35117.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk - C:\Program Files (x86)\PrivaZer\PrivaZer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-Setup Pro.lnk - C:\Program Files (x86)\X-Setup Pro\bin\xqdcXSPStart.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio\Android Studio.lnk - C:\Program Files\Android\Android Studio\bin\studio64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync\Box Sync.lnk - C:\WINDOWS\Installer\{E4CB23AD-61D8-4A7B-9C7D-05CF4013F01F}\BoxSync.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX\Check for Updates.lnk - C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe /start=update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX\DivX Converter.lnk - C:\Program Files (x86)\DivX\DivX Converter\DivXConverterLauncher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX\DivX Player.lnk - C:\Program Files (x86)\DivX\DivX Player\DivX Player.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX\Register.lnk - C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe /start=registration C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /home C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free YouTube to MP3 Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\PremiumMembershipOffer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Video Editor\Product Updater.lnk - C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Video Editor\Uninstall VSDC Free Video Editor.lnk - C:\Program Files (x86)\FlashIntegro\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Video Editor\VSDC Free Screen Recorder.lnk - C:\Program Files (x86)\FlashIntegro\VideoEditor\Tools\ScreenRecorder.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Video Editor\VSDC Free Video Capture.lnk - C:\Program Files (x86)\FlashIntegro\VideoEditor\Tools\VideoCapture.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Video Editor\VSDC Free Video Editor.lnk - C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Video Editor\Help\License Agreement.lnk - C:\Program Files (x86)\FlashIntegro\VideoEditor\License Agreement.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Video Editor\Help\Readme.lnk - C:\Program Files (x86)\FlashIntegro\VideoEditor\Readme.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro\VSDC Free Video Editor\Help\VSDC Free Video Editor Help.lnk - C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoConverter.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Folder Hider\Folder Hider.lnk - C:\Program Files (x86)\FreeFolderHider\FolderHider.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Folder Hider\Uninstall .lnk - C:\Program Files (x86)\FreeFolderHider\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_document C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_spreadsheet C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk - C:\Program Files (x86)\Google\Drive\googledrivesync.exe --new_presentation C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Ebook Reader\Icecream Ebook Reader.lnk - C:\Program Files (x86)\Icecream Ebook Reader\ebookreader.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Uninstall IObit Uninstaller.lnk - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe uninstall_start C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Java Mission Control.lnk - C:\Program Files (x86)\Java\jdk1.7.0_79\bin\jmc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Reference Documentation.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jeta Logo Designer\Jeta Logo Designer.lnk - C:\Program Files (x86)\Jeta Logo Designer\jeta.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jeta Logo Designer\Uninstall Jeta Logo Designer.lnk - C:\Program Files (x86)\Jeta Logo Designer\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LanTopolog\LanTopolog.lnk - C:\Program Files (x86)\LanTopolog\lantopolog.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LanTopolog\Uninstall LanTopolog.lnk - C:\Program Files (x86)\LanTopolog\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4\LibreOffice Base.lnk - C:\Program Files (x86)\LibreOffice 4\program\sbase.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4\LibreOffice Calc.lnk - C:\Program Files (x86)\LibreOffice 4\program\scalc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4\LibreOffice Draw.lnk - C:\Program Files (x86)\LibreOffice 4\program\sdraw.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4\LibreOffice Impress.lnk - C:\Program Files (x86)\LibreOffice 4\program\simpress.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4\LibreOffice Math.lnk - C:\Program Files (x86)\LibreOffice 4\program\smath.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4\LibreOffice Writer.lnk - C:\Program Files (x86)\LibreOffice 4\program\swriter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4\LibreOffice.lnk - C:\Program Files (x86)\LibreOffice 4\program\soffice.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\ManyCam.lnk - C:\Program Files (x86)\ManyCam\ManyCam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\Reset settings.lnk - C:\Program Files (x86)\ManyCam\ManyCam.exe --remove-settings C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam\Uninstall ManyCam.lnk - C:\Program Files (x86)\ManyCam\uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGA Website.lnk - C:\ProgramData\MEGAsync\MEGA Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGAsync.lnk - C:\ProgramData\MEGAsync\MEGAsync.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync\Uninstall.lnk - C:\ProgramData\MEGAsync\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\OpenVPN GUI.lnk - C:\Program Files (x86)\OpenVPN\bin\openvpn-gui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Uninstall OpenVPN.lnk - C:\Program Files (x86)\OpenVPN\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Manual Page.lnk - C:\Program Files (x86)\OpenVPN\doc\openvpn.8.html C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Documentation\OpenVPN Windows Notes.lnk - C:\Program Files (x86)\OpenVPN\doc\INSTALL-win32.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Shortcuts\OpenVPN configuration file directory.lnk - C:\Program Files (x86)\OpenVPN\config C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Shortcuts\OpenVPN log file directory.lnk - C:\Program Files (x86)\OpenVPN\log C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Shortcuts\OpenVPN Sample Configuration Files.lnk - C:\Program Files (x86)\OpenVPN\sample-config C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN\Utilities\Generate a static OpenVPN key.lnk - C:\Program Files (x86)\OpenVPN\bin\openvpn.exe --pause-exit --verb 3 --genkey --secret "C:\Program Files (x86)\OpenVPN\config\key.txt" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\License (English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\License_en_US.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\Oracle VM VirtualBox.lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (CHM, English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox\User manual (PDF, English).lnk - C:\Program Files (x86)\Oracle\VirtualBox\doc\UserManual.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAMRush\RAMRush on the Web.lnk - C:\Program Files (x86)\RAMRush\RAMRush.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAMRush\RAMRush.lnk - C:\Program Files (x86)\RAMRush\RAMRush.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAMRush\Uninstall RAMRush.lnk - C:\Program Files (x86)\RAMRush\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Philips GoGear SA4VBE Device Manager.lnk - C:\Program Files (x86)\Philips\GoGear SA4VBE Device Manager\GoGear_SA4VBE_DeviceManager.exe -silent C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows\Utilities\Add a new TAP virtual ethernet adapter.lnk - C:\Program Files\TAP-Windows\bin\addtap.bat C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows\Utilities\Delete ALL TAP virtual ethernet adapters.lnk - C:\Program Files\TAP-Windows\bin\deltapall.bat C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrackView\TrackView.lnk - C:\Program Files (x86)\TrackView\trackview.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrackView\Uninstall TrackView.lnk - C:\Program Files (x86)\TrackView\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Advanced System Tweaker\Tweaking.com - Add On Creator.lnk - C:\Program Files (x86)\Tweaking.com\Advanced System Tweaker\AdvSysTweak_Creator.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Advanced System Tweaker\Tweaking.com - Advanced System Tweaker.lnk - C:\Program Files (x86)\Tweaking.com\Advanced System Tweaker\AdvSysTweak.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Advanced System Tweaker\Tweaking.com - Registry Backup.lnk - C:\Program Files (x86)\Tweaking.com\Advanced System Tweaker\files\registry_backup_tool\TweakingRegistryBackup.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Advanced System Tweaker\Tweaking.com - Registry Compressor.lnk - C:\Program Files (x86)\Tweaking.com\Advanced System Tweaker\files\registry_compressor\RegistryCompressor.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Advanced System Tweaker\Tweaking.com - System Information.lnk - C:\Program Files (x86)\Tweaking.com\Advanced System Tweaker\System_Information\System_Information.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Advanced System Tweaker\Tweaking.com Website.lnk - C:\Program Files (x86)\Tweaking.com\Advanced System Tweaker\Tweaking.com.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Advanced System Tweaker\Uninstall Tweaking.com - Advanced System Tweaker.lnk - C:\Program Files (x86)\Tweaking.com\Advanced System Tweaker\uninstall.exe "/U:C:\Program Files (x86)\Tweaking.com\Advanced System Tweaker\Uninstall\uninstall.xml" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakMe.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365\Wise Care 365.lnk - C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer\Wise Memory Optimizer.lnk - C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Program Uninstaller\Wise Program Uninstaller.lnk - C:\Program Files (x86)\Wise\Wise Program Uninstaller\WiseProgramUninstaller.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind\XMind 6.lnk - C:\Program Files (x86)\XMind\XMind.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind\Support\Readme.lnk - C:\Program Files (x86)\XMind\readme.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind\Support\Uninstall XMind.lnk - C:\Program Files (x86)\XMind\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\yEd Graph Editor\yEd Graph Editor Uninstaller.lnk - C:\Program Files (x86)\yWorks\yEd\uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\yEd Graph Editor\yEd Graph Editor.lnk - C:\Program Files (x86)\yWorks\yEd\yEd.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\ingrid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\ingrid\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Folder Hider.lnk - C:\Program Files (x86)\FreeFolderHider\FolderHider.exe C:\Users\luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GlassWire 1.1.lnk - C:\Program Files (x86)\GlassWire\GlassWire.exe C:\Users\luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk - C:\Program Files (x86)\ManyCam\ManyCam.exe C:\Users\luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\App-opstartprogramma van Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --show-app-list C:\Users\luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\luc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe ==== shortcuts After Repair ====================== C:\Users\luc\Desktop\FILES1\Bezoek eBay.be.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe ==== Uninstall List x64 ====================== 7-Zip 9.20 (x64 edition) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{23170F69-40C1-2702-0920-000001000000}] Alcor Micro USB Card Reader Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7F28165B-148D-4672-AA21-469D9E6E3CB6}] Alcor Micro USB Card Reader Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AmUStor] AMD Catalyst Control Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{75675882-FE70-E58F-45D7-5452984094DC}] AMD Catalyst Install Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7288D4D9-90E0-2B03-43D0-0BB6D4496577}] AML Free Registry Cleaner 4.25 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1] Android Studio [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Android Studio] Audacity 2.0.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Audacity_is1] Belfius Smart Card Reader Chrome-App [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{22723509-aab9-4276-8b57-734560faf359}] Belfius Smart Card Reader Chrome-App [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3A2575B9-5F74-4357-9B96-3EB102030200}] Belgium e-ID middleware 4.0.7 (build 7466) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{824563DE-75AD-4166-9DC0-B6482F207466}] BitTorrent [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrent] Box Sync [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E4CB23AD-61D8-4A7B-9C7D-05CF4013F01F}] Box Sync [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{a00eed11-435a-495b-8261-97b2628972f3}] Catalyst Control Center - Branding [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9E9EF3EC-22BC-445C-A883-D8DB2908698D}] Catalyst Control Center Graphics Previews Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{646B8D22-5D18-B1A1-844E-C43CF1695897}] Catalyst Control Center InstallProxy [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC95DB84-04E5-5D45-59B1-435B65D991CF}] Catalyst Control Center Localization All [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E4775E-9714-288C-B7A8-BDBA1AD1C7D1}] ccc-utility64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7D8975F5-A815-4DB4-1A4A-294F210EA848}] CCC Help Chinese Standard [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8990A88D-B167-36B3-4984-605BFE33A6D9}] CCC Help Chinese Traditional [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D75B5FF8-EE15-9B27-450A-7866DB8BCBEF}] CCC Help Czech [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{66579C00-99C8-44EE-09B5-3B47DFC9C050}] CCC Help Danish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{42AD4515-3B03-35A8-D1F4-1EDD542F758A}] CCC Help Dutch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1785A6FD-055B-7256-450A-BD3D4162AE14}] CCC Help English [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D5EB03A7-DDC1-2F83-553D-AF619F47BD9F}] CCC Help Finnish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ED123CED-074D-FA98-25A4-5AED3DCD7631}] CCC Help French [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4E57155E-C033-6085-3C21-F18961A7F62C}] CCC Help German [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AB9F0212-3551-59AE-6444-9CF38B8454AE}] CCC Help Greek [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1CCCE915-9F98-6FE8-8EBE-30EB2051028A}] CCC Help Hungarian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9CA9AB4F-0709-BE15-83EE-E9FF9275C540}] CCC Help Italian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{40FDBF88-7753-7DB7-EDF8-A1CE1F7F46E4}] CCC Help Japanese [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE7AEBCE-9BE8-5B51-D165-BD9ED11257C8}] CCC Help Korean [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F026BE1-B65F-8931-0762-95315172228B}] CCC Help Norwegian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3171AE35-A6C4-262D-DC48-A70E7881D1AB}] CCC Help Polish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0C1B8B96-E67C-F009-FBA4-1BED460CA10B}] CCC Help Portuguese [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A771C775-6A86-5180-AAE5-E302AD7EAD73}] CCC Help Russian [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{56952941-8156-E841-BC10-B5BF544C2DAA}] CCC Help Spanish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8B09CC01-9FFE-CE60-0197-E440511FB727}] CCC Help Swedish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DDC90B31-D2F2-F72F-AF75-89A28AC97718}] CCC Help Thai [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{06C73E96-80AD-9700-EA21-054FA1180AAF}] CCC Help Turkish [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E8018CD8-A78E-A363-4C13-E88C9E015F83}] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] CDBurnerXP [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1] Clean Master [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Clean Master] Connection Keeper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Connection Keeper] D3DX10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}] Degoo [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0792C4F4-3279-4164-BF21-F15741513D83}] DivX Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DivX Setup] Dropbox [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox] Dropbox Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{099218A5-A723-43DC-8DB5-6173656A1E94}] Energy Star [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}] Evernote v. 5.8.4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C15841A6-C20A-11E4-977D-00163E98E7D6}] Everyday Auto Backup 3.5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Everyday Auto Backup_is1] f.lux [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Flux] File Shredder 2.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\File Shredder_is1] FormatFactory 3.6.0.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FormatFactory] Fotogalerie [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}] Free Folder Hider 12.03 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free Folder Hider_is1] Free YouTube to MP3 Converter version 3.12.59.525 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Free YouTube to MP3 Converter_is1] Freemake Video Downloader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Freemake Video Downloader_is1] Galerie de photos [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}] GlassWire 1.1 (remove only) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GlassWire 1.1] GoGear SA4VBE Device Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E7CA2FE9-1BDB-455D-83A3-0B0D1466EAF9}] Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Drive [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] HP Connected Music (Meridian - installer) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\StartHPConnectedMusic] HP Customer Experience Enhancements [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{07FA4960-B038-49EB-891B-9F95930AA544}] HP Documentation [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{06600E94-1C34-40E2-AB09-D30AECF78172}] HP PC Hardware Diagnostics UEFI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DD43EA67-DAF3-4879-BFF7-E534675BDEA5}] HP Postscript Converter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}] HP Registration Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C}] HP SimplePass [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{314FAD12-F785-4471-BCE8-AB506642B9A1}] HP SimplePass [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}] HP Support Assistant [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}] HP Support Information [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}] Icecream Ebook Reader version 1.58 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1] Inst5675 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}] Inst5676 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{878F6913-7421-4713-97F7-0A736EE2A188}] IObit Uninstaller [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IObitUninstall] Java 7 Update 79 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F06417079FF}] Java 8 Update 31 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86418031F0}] Java 8 Update 31 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218031F0}] Java 8 Update 40 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86418040F0}] Java 8 Update 40 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218040F0}] Java SE Development Kit 7 Update 79 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{64A3A4F4-B792-11D6-A78A-00B0D0170790}] Jeta Logo Designer FREE EDITION 1.30 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B9552944-5DB8-48C1-890A-9D4419F4984B}_is1] LanTopolog 1.22 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LanTopolog_is1] LibreOffice 4.4.3.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}] LinuxLive USB Creator [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LinuxLive USB Creator] Malwarebytes Anti-Malware versie 2.1.6.1022 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] ManyCam 4.1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ManyCam] MEGAsync [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MEGAsync] Memory Improve Ultimate Free Version v5.2.1.340 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Memory Improve Ultimate Free Version_is1] Mendeley Desktop 1.12.4 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mendeley Desktop] Microsoft Network Monitor 3.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C5B5A11-CBF8-451B-B201-77FAB0D0B77D}] Microsoft Network Monitor: NetworkMonitor Parsers 3.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{963E5FEB-1367-46B9-851D-A957F1A3747F}] Microsoft OneDrive [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\OneDriveSetup.exe] Microsoft OneNote 2013 - nl-nl [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\OneNoteFreeRetail - nl-nl] Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{071c9b48-7c32-4621-a0ac-3f809523288f}] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}] Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3C28BFD4-90C7-3138-87EF-418DC16E9598}] Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}] Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}] Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}] Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}] Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}] Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}] Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{929FBD26-9020-399B-9A7A-751D61F0B942}] Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}] Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}] Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}] Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{45898170-E68C-4F02-AA35-C2186BF347A3}] Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}] Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E169436E-49D8-419B-A5C0-D245EAF99611}] MSVCRT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}] MSVCRT110 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}] MSVCRT110_amd64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9FA781F-3E80-4399-825A-AD3E11C28C77}] Nitro Reader 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9EA981E5-EE67-4662-86F1-58937D31FE07}] OpenVPN 2.3.4-I002 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OpenVPN] Oracle VM VirtualBox 4.3.28 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E8BB81BC-E67C-4750-84EE-128DA5A7ADA5}] Ozibox Application Synchronization [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{38A2473B-7C6E-45EF-9C86-6A61C1D251CF}] Ozibox Application Synchronization [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ozibox Application Synchronization] Philips Media Convertor v1.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}] Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{147FBA18-A6BB-4AD5-8F0A-37380AAABD76}] Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{49DC9658-D26A-4AAB-A83A-2655B8033056}] Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5C601EA8-D519-4010-8CD0-BD3B94A6DD58}] Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A52DB080-D445-49EB-90D2-03B9CD794511}] Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0F929651-F516-4956-90F2-FFBD2CD5D30E}] Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2020C08E-74F5-4E9F-BD2A-41F8CB6EBA10}] Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C0018D63-C33C-4515-9CE8-3BC8830F79A1}] PrivaZer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PrivaZer] RAMRush 1.0.6.917 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RAMRush_is1] Realtek Card Reader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] Recovery Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}] SafeHouse Explorer 3.01 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SafeHouseExplorer] SlimPublisher [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E5EFA4D1-6283-4F10-997B-A45ECC0C6FDC}] SpeedFan (remove only) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpeedFan] Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7] Surfing Protection [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IObit Surfing Protection_is1] TAP-Windows 9.9.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TAP-Windows] The Staking Machine V5.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\The Staking Machine V5.0] TrackView version 2.2.0.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{11E6957D-B2E1-4F70-BED8-1B288F1B1574}_is1] Tweaking.com - Advanced System Tweaker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Tweaking.com - Advanced System Tweaker] VASCO Card Reader Plug-In (64-Bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{47659F12-27AE-6400-9B8A-2BD803020304}] VASCO Smart Card Reader Plug-In (User) [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c77cb28d-ddd3-46f7-b51a-14a599127ba7}] VC80CRTRedist - 8.0.50727.6195 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{933B4015-4618-4716-A828-5289FC03165F}] VLC media player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player] VSDC Free Video Editor version 3.1.0.354 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VSDC Free Video Editor_is1] Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DE7D8CF9-9C52-4BE0-B3E0-D4F116C524A8}] Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{03D562B5-C4E2-4846-A920-33178788BE00}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{23B93929-FAD4-40E5-96C6-0E977BB87204}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{936D4074-6A57-45ED-AF5A-F7CF5A56DE6F}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AA806DB1-E882-4834-8102-B5F256BE9A2F}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite] Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}] Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E3445598-4424-4EE2-B71C-C23325F7FB71}] Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6B6923B9-8719-425B-916C-CD2908F31AAF}] Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}] Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{10640F6D-6AB0-401E-9FC6-A94D19C580BC}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{119A44B5-6237-4D56-8424-5DAE70ED3F4E}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6BA68C11-0B63-4192-B880-0B5E3F7949F9}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}] WinHTTrack Website Copier 3.48-21 (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinHTTrack Website Copier_is1] WinPcap 4.1.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinPcapInst] Wisdom-soft ScreenHunter 6.0 Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wisdom-soft ScreenHunter 6.0 Free] Wise Care 365 3.63 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wise Care 365_is1] Wise Memory Optimizer 3.35 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wise Memory Optimizer_is1] Wise Program Uninstaller 1.68 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wise Program Uninstaller_is1] WPS Office (9.1.0.4759) [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPS Office] XMind 6 (v3.5.2) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\XMind_is1] XQDC X-Setup Pro 9.2.100 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\xqdcXSP_is1] yEd Graph Editor 3.14.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\3309-7404-0599-8908] ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll O4 - HKLM\..\Run: [cmsc] "c:\program files (x86)\cmcm\Clean Master\cmtray.exe" -autorun O4 - HKLM\..\Run: [DivXMediaServer] -C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe O4 - HKLM\..\Run: [DivXUpdate] -"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart O4 - HKCU\..\Run: [ftweak_RAMRush] C:\Program Files (x86)\RAMRush\RAMRush.exe O4 - HKCU\..\Run: [f.lux] -"C:\Users\luc\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow O4 - HKCU\..\Run: [GlassWire] "C:\Program Files (x86)\GlassWire\glasswire.exe" -hide O4 - Startup: Connection Keeper.lnk = C:\Program Files (x86)\Connection Keeper\conkeepm.exe O4 - Startup: Degoo .lnk = C:\Users\luc\AppData\Local\Degoo\Degoo.exe O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe O4 - Global Startup: Philips GoGear SA4VBE Device Manager.lnk = C:\Program Files (x86)\Philips\GoGear SA4VBE Device Manager\GoGear_SA4VBE_DeviceManager.exe O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O8 - Extra context menu item: Nieuwe notitie - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://www.forgottenbooks.com O17 - HKLM\System\CCS\Services\Tcpip\..\{7CD65A2D-FEF8-499C-AD1E-56FB63F40F72}: NameServer = 192.168.1.1,8.8.8.8 O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: Box Sync Update Service (BoxSyncUpdateService) - Box, Inc. - C:\Program Files\Box\Box Sync\SyncUpdaterService.exe O23 - Service: HP SimplePass Cachedrv Service (Cachedrv server) - Unknown owner - C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe O23 - Service: Clean Master Core Service (cmcore) - Kingsoft Corporation - c:\program files (x86)\cmcm\Clean Master\cmcore.exe O23 - Service: Dropbox-update-service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: Dropbox-update-service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: GlassWire Control Service (GlassWire) - SecureMix LLC - C:\Program Files (x86)\GlassWire\GWCtlSrv.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Silent Runners ====================== "Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/ Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [Piriform Ltd] GoogleDriveSync = "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [Google] ftweak_RAMRush = C:\Program Files (x86)\RAMRush\RAMRush.exe [FTweak] f.lux = -"C:\Users\luc\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow [file not found] GlassWire = "C:\Program Files (x86)\GlassWire\glasswire.exe" -hide [SecureMix LLC] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} SimplePass = C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe /hideui [Hewlett-Packard] OPBHOBroker = C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [Hewlett-Packard] RTHDVCPL = -"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [file not found] BoxSync = -"C:\Program Files\Box\Box Sync\BoxSync.exe" -m [file not found] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++} cmsc = "c:\program files (x86)\cmcm\Clean Master\cmtray.exe" -autorun [Kingsoft Corporation] DivXMediaServer = -C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [file not found] DivXUpdate = -"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [file not found] Dropbox = "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup [Dropbox, Inc.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {10921475-03CE-4E04-90CE-E2E7EF20C814}\(Default) = ExplorerWnd Helper -> {HKLM...CLSID} = ExplorerWnd Helper \InProcServer32\(Default) = C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [IObit] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [Oracle Corporation] -> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [Oracle Corporation] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\(Default) = (no title provided) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [Oracle Corporation] -> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [Oracle Corporation] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [Oracle Corporation] -> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [Oracle Corporation] {92EF2EAD-A7CE-4424-B0DB-499CF856608E}\(Default) = (no title provided) -> {HKLM...CLSID} = Evernote extension \InProcServer32\(Default) = C:\Program Files (x86)\Evernote\Evernote\EvernoteIEx64.dll [Evernote Corp., 305 Walnut Street, Redwood City, CA 94063] -> {HKLM...Wow...CLSID} = Evernote extension \InProcServer32\(Default) = C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [Evernote Corp., 305 Walnut Street, Redwood City, CA 94063] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [Oracle Corporation] -> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [Oracle Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ BoxSyncFileLocked\(Default) = {2a607da5-abe8-358e-a881-c0f5faf2d3a5} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] BoxSyncFileLockedByOther\(Default) = {f7d2951f-0b6b-346c-99ec-69cffc30a364} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] BoxSyncNotSynced\(Default) = {5ea95e3d-3e46-3812-b03c-49785fa67d41} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] BoxSyncProblem\(Default) = {a88b7184-bfa1-3d14-8efb-2225df9699bc} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] BoxSyncSynced\(Default) = {c89f9943-8f58-3eca-bd55-a658f53b2f48} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...CLSID} = DropboxExt1 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...CLSID} = DropboxExt2 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt3\(Default) = {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...CLSID} = DropboxExt5 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt4\(Default) = {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...CLSID} = DropboxExt6 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt5\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...CLSID} = DropboxExt3 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt6\(Default) = {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...CLSID} = DropboxExt7 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt7\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...CLSID} = DropboxExt4 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [Dropbox, Inc.] DropboxExt8\(Default) = {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...CLSID} = DropboxExt8 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [Dropbox, Inc.] SkyDrivePro1 (ErrorConflict)\(Default) = {8BA85C75-763B-4103-94EB-9470F12FE0F7} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] SkyDrivePro2 (SyncInProgress)\(Default) = {CD55129A-B1A1-438E-A425-CEBC7DC684EE} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] SkyDrivePro3 (InSync)\(Default) = {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] ###MegaShellExtPending\(Default) = {056D528D-CE28-4194-9BA3-BA2E9197FF8C} -> {HKLM...CLSID} = ###MegaShellExtPending \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX64.dll [null data] ###MegaShellExtSynced\(Default) = {05B38830-F4E9-4329-978B-1DD28605D202} -> {HKLM...CLSID} = ###MegaShellExtSynced \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX64.dll [null data] ###MegaShellExtSyncing\(Default) = {0596C850-7BDD-4C9D-AFDF-873BE6890637} -> {HKLM...CLSID} = ###MegaShellExtSyncing \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX64.dll [null data] GDriveBlacklistedOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] GDriveSharedEditOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] GDriveSharedViewOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] GDriveSyncedOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] GDriveSyncingOverlay\(Default) = {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} -> {HKLM...CLSID} = Google Drive Shell extension \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [Google] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...Wow...CLSID} = DropboxExt1 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...Wow...CLSID} = DropboxExt2 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt3\(Default) = {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...Wow...CLSID} = DropboxExt5 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt4\(Default) = {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...Wow...CLSID} = DropboxExt6 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt5\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...Wow...CLSID} = DropboxExt3 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt6\(Default) = {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...Wow...CLSID} = DropboxExt7 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt7\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...Wow...CLSID} = DropboxExt4 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [Dropbox, Inc.] DropboxExt8\(Default) = {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -> {HKLM...Wow...CLSID} = DropboxExt8 Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [Dropbox, Inc.] ###MegaShellExtPending\(Default) = {056D528D-CE28-4194-9BA3-BA2E9197FF8C} -> {HKLM...Wow...CLSID} = ###MegaShellExtPending \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX32.dll [null data] ###MegaShellExtSynced\(Default) = {05B38830-F4E9-4329-978B-1DD28605D202} -> {HKLM...Wow...CLSID} = ###MegaShellExtSynced \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX32.dll [null data] ###MegaShellExtSyncing\(Default) = {0596C850-7BDD-4C9D-AFDF-873BE6890637} -> {HKLM...Wow...CLSID} = ###MegaShellExtSyncing \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX32.dll [null data] HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} = PrivaZer -> {HKLM...CLSID} = PrivaZer Context Menu \InProcServer32\(Default) = C:\PROGRA~2\PrivaZer\PrivaMenu5.dll [null data] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {5E2121EE-0300-11D4-8D3B-444553540000} = Catalyst Context Menu extension -> {HKLM...CLSID} = SimpleShlExt Class \InProcServer32\(Default) = c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [Advanced Micro Devices, Inc.] {5FCD4425-CA3A-48F4-A57C-B8A75C32ACB1} = NSE_WithSubFld -> {HKLM...CLSID} = NSE_WithSubFld \InProcServer32\(Default) = C:\Program Files (x86)\Hewlett-Packard\Recovery\Protect.dll [null data] {23170F69-40C1-278A-1000-000100020000} = 7-Zip Shell Extension -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] {05B38830-F4E9-4329-978B-1DD28605D202} = ###MegaShellExtSynced -> {HKLM...CLSID} = ###MegaShellExtSynced \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX64.dll [null data] {056D528D-CE28-4194-9BA3-BA2E9197FF8C} = ###MegaShellExtPending -> {HKLM...CLSID} = ###MegaShellExtPending \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX64.dll [null data] {0596C850-7BDD-4C9D-AFDF-873BE6890637} = ###MegaShellExtSyncing -> {HKLM...CLSID} = ###MegaShellExtSyncing \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX64.dll [null data] {736AF091-C361-49B4-A928-87C586130D33} = DeleteFiles -> {HKLM...CLSID} = Delete Files \InProcServer32\(Default) = C:\PROGRA~1\FILESH~1\fsshell.dll [null data] {872A9397-E0D6-4e28-B64D-52B8D0A7EA35} = Display CPL Extension -> {HKLM...CLSID} = DisplayCplExt Class \InProcServer32\(Default) = c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiama64.dll [Advanced Micro Devices, Inc.] {8BA85C75-763B-4103-94EB-9470F12FE0F7} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {CD55129A-B1A1-438E-A425-CEBC7DC684EE} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} = Microsoft SkyDrive Pro Browser Helper -> {HKLM...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {B19ED566-D419-470b-B111-3C89040BC027} = IObitUnstaler -> {HKLM...CLSID} = IObitUnstaler Class \InProcServer32\(Default) = C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll [IObit] {40CC864B-947A-4e5d-A2E5-DB6777B55D8F} = DivX MKV Icon Handler Shell Extension -> {HKLM...CLSID} = DivX MKV Icon Handler Class \InProcServer32\(Default) = C:\Program Files (x86)\DivX\DivX Player\DPXIconHandler.dll [null data] {087B3AE3-E237-4467-B8DB-5A38AB959AC9} = LibreOffice Infotip Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 4\program\shlxthdl\shlxthdl_x64.dll [The Document Foundation] {3B092F0C-7696-40E3-A80F-68D74DA84210} = LibreOffice Thumbnail Viewer -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 4\program\shlxthdl\shlxthdl_x64.dll [The Document Foundation] {63542C48-9552-494A-84F7-73AA6A7C99C1} = LibreOffice Property Sheet Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 4\program\shlxthdl\shlxthdl_x64.dll [The Document Foundation] {AE424E85-F6DF-4910-A6A9-438797986431} = LibreOffice Property Handler -> {HKLM...CLSID} = LibreOffice Property Handler \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 4\program\shlxthdl\propertyhdl_x64.dll [The Document Foundation] {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} = LibreOffice Column Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 4\program\shlxthdl\shlxthdl_x64.dll [The Document Foundation] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {00F33137-EE26-412F-8D71-F84E4C2C6625} = (no title provided) -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} = Windows Live Photo Gallery Viewer Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} = Windows Live Photo Gallery Editor Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Editor Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F30F90-3E96-453B-AFCD-D71989ECC2C7} = Windows Live Photo Gallery Autoplay Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {05B38830-F4E9-4329-978B-1DD28605D202} = ###MegaShellExtSynced -> {HKLM...Wow...CLSID} = ###MegaShellExtSynced \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX32.dll [null data] {056D528D-CE28-4194-9BA3-BA2E9197FF8C} = ###MegaShellExtPending -> {HKLM...Wow...CLSID} = ###MegaShellExtPending \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX32.dll [null data] {0596C850-7BDD-4C9D-AFDF-873BE6890637} = ###MegaShellExtSyncing -> {HKLM...Wow...CLSID} = ###MegaShellExtSyncing \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX32.dll [null data] {40CC864B-947A-4e5d-A2E5-DB6777B55D8F} = DivX MKV Icon Handler Shell Extension -> {HKLM...Wow...CLSID} = DivX MKV Icon Handler Class \InProcServer32\(Default) = C:\Program Files (x86)\DivX\DivX Player\DPXIconHandler32.dll [null data] {087B3AE3-E237-4467-B8DB-5A38AB959AC9} = LibreOffice Infotip Handler -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 4\program\shlxthdl\shlxthdl.dll [The Document Foundation] {3B092F0C-7696-40E3-A80F-68D74DA84210} = LibreOffice Thumbnail Viewer -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 4\program\shlxthdl\shlxthdl.dll [The Document Foundation] {63542C48-9552-494A-84F7-73AA6A7C99C1} = LibreOffice Property Sheet Handler -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 4\program\shlxthdl\shlxthdl.dll [The Document Foundation] {AE424E85-F6DF-4910-A6A9-438797986431} = LibreOffice Property Handler -> {HKLM...Wow...CLSID} = LibreOffice Property Handler \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 4\program\shlxthdl\propertyhdl.dll [The Document Foundation] {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} = LibreOffice Column Handler -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 4\program\shlxthdl\shlxthdl.dll [The Document Foundation] HKLM\SYSTEM\CurrentControlSet\Control\Lsa\ <> ("" [file not found]) Security Packages = "" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters\ {F3F1B0FA-4775-41d8-8578-436772D93FB4}\(Default) = OmniPassCredProv -> {HKLM...CLSID} = OmniPassCredProv \InProcServer32\(Default) = C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [Softex Inc..] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\ {1ee7337f-85ac-45e2-a23c-37c753209769}\(Default) = Smartcard WinRT Provider -> {HKLM...CLSID} = Smartcard WinRT Provider \InProcServer32\(Default) = C:\WINDOWS\system32\SmartcardCredentialProvider.dll [MS] {F3F1B0FA-4775-41d8-8578-436772D93FB4}\(Default) = OmniPassCredProv -> {HKLM...CLSID} = OmniPassCredProv \InProcServer32\(Default) = C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [Softex Inc..] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ ###MegaContextMenuExt\(Default) = {0229E5E7-09E9-45CF-9228-0228EC7D5F17} -> {HKLM...CLSID} = ###MegaContextMenuExt \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX64.dll [null data] -> {HKLM...Wow...CLSID} = ###MegaContextMenuExt \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX32.dll [null data] 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] BoxContextMenuClient\(Default) = {87768833-3c5c-30fb-af03-ba34bc95d084} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] DropboxExt\(Default) = {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} -> {HKLM...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [Dropbox, Inc.] -> {HKLM...Wow...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [Dropbox, Inc.] GDContextMenu\(Default) = {BB02B294-8425-42E5-983F-41A1FA970CD6} -> {HKLM...CLSID} = GDContextMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\contextmenu64.dll [Google] IObitUnstaler\(Default) = {B19ED566-D419-470b-B111-3C89040BC027} -> {HKLM...CLSID} = IObitUnstaler Class \InProcServer32\(Default) = C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll [IObit] PrivaZer\(Default) = {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} -> {HKLM...CLSID} = PrivaZer Context Menu \InProcServer32\(Default) = C:\PROGRA~2\PrivaZer\PrivaMenu5.dll [null data] VIDEOTRANS\(Default) = {C8CA0A66-AF32-4D5E-879E-F0809ACEDC55} -> {HKLM...Wow...CLSID} = AmvTransform Class \InProcServer32\(Default) = C:\Program Files (x86)\Philips Media Convertor v1.2\AMVConverter\AmvTransform.dll [empty string] WorkFolders\(Default) = {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} -> {HKLM...CLSID} = Work Folders Context Menu Handler \InProcServer32\(Default) = C:\Windows\System32\WorkfoldersShell.dll [MS] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ DeleteFiles\(Default) = {736AF091-C361-49B4-A928-87C586130D33} -> {HKLM...CLSID} = Delete Files \InProcServer32\(Default) = C:\PROGRA~1\FILESH~1\fsshell.dll [null data] PrivaZer\(Default) = {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} -> {HKLM...CLSID} = PrivaZer Context Menu \InProcServer32\(Default) = C:\PROGRA~2\PrivaZer\PrivaMenu5.dll [null data] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ ###MegaContextMenuExt\(Default) = {0229E5E7-09E9-45CF-9228-0228EC7D5F17} -> {HKLM...CLSID} = ###MegaContextMenuExt \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX64.dll [null data] -> {HKLM...Wow...CLSID} = ###MegaContextMenuExt \InProcServer32\(Default) = C:\ProgramData\MEGAsync\ShellExtX32.dll [null data] 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] BoxContextMenuClient\(Default) = {87768833-3c5c-30fb-af03-ba34bc95d084} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] DropboxExt\(Default) = {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} -> {HKLM...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [Dropbox, Inc.] -> {HKLM...Wow...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [Dropbox, Inc.] GDContextMenu\(Default) = {BB02B294-8425-42E5-983F-41A1FA970CD6} -> {HKLM...CLSID} = GDContextMenu Class \InProcServer32\(Default) = C:\Program Files (x86)\Google\Drive\contextmenu64.dll [Google] IObitUnstaler\(Default) = {B19ED566-D419-470b-B111-3C89040BC027} -> {HKLM...CLSID} = IObitUnstaler Class \InProcServer32\(Default) = C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll [IObit] PrivaZer\(Default) = {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} -> {HKLM...CLSID} = PrivaZer Context Menu \InProcServer32\(Default) = C:\PROGRA~2\PrivaZer\PrivaMenu5.dll [null data] WorkFolders\(Default) = {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} -> {HKLM...CLSID} = Work Folders Context Menu Handler \InProcServer32\(Default) = C:\Windows\System32\WorkfoldersShell.dll [MS] HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ ACE\(Default) = {5E2121EE-0300-11D4-8D3B-444553540000} -> {HKLM...CLSID} = SimpleShlExt Class \InProcServer32\(Default) = c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [Advanced Micro Devices, Inc.] DropboxExt\(Default) = {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} -> {HKLM...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [Dropbox, Inc.] -> {HKLM...Wow...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [Dropbox, Inc.] WorkFolders\(Default) = {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} -> {HKLM...CLSID} = Work Folders Context Menu Handler \InProcServer32\(Default) = C:\Windows\System32\WorkfoldersShell.dll [MS] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\(Default) = LibreOffice Column Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 4\program\shlxthdl\shlxthdl_x64.dll [The Document Foundation] -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\LibreOffice 4\program\shlxthdl\shlxthdl.dll [The Document Foundation] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ IObitUnstaler\(Default) = {B19ED566-D419-470b-B111-3C89040BC027} -> {HKLM...CLSID} = IObitUnstaler Class \InProcServer32\(Default) = C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight64.dll [IObit] PrivaZer\(Default) = {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} -> {HKLM...CLSID} = PrivaZer Context Menu \InProcServer32\(Default) = C:\PROGRA~2\PrivaZer\PrivaMenu5.dll [null data] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\ NoChangingWallpaper = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|Control Panel|Display| Disable changing wallpaper} HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoLowDiskSpaceChecks = (REG_DWORD) dword:0x00000001 {unrecognized setting} NoPreviewPane = (REG_DWORD) dword:0x00000000 {unrecognized setting} StartMenuLogOff = (REG_DWORD) dword:0x00000000 {unrecognized setting} NoClose = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|Start Menu and Taskbar| Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands} NoTrayContextMenu = (REG_DWORD) dword:0x00000000 {unrecognized setting} NoSetTaskbar = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|Start Menu and Taskbar| Prevent changes to Taskbar and Start Menu Settings} NoFolderOptions = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|Windows Components|Windows Explorer| Removes the Folder Options menu item from the Tools menu} NoViewContextMenu = (REG_DWORD) dword:0x00000000 {unrecognized setting} TaskbarNoNotification = (REG_DWORD) dword:0x00000000 {unrecognized setting} NoWinkeys = (REG_DWORD) dword:0x00000000 {Disable Windows+X hotkeys} NoTrayItemsDisplay = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|Start Menu and Taskbar| Hide the notification area} HideClock = (REG_DWORD) dword:0x00000000 {unrecognized setting} HideSCANetwork = (REG_DWORD) dword:0x00000000 {unrecognized setting} HideSCAVolume = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoRecentDocsNetHood = (REG_DWORD) dword:0x00000000 {unrecognized setting} NoChangeStartMenu = (REG_DWORD) dword:0x00000000 {unrecognized setting} NoControlPanel = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\ DisableRegistryTools = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|System| Prevent access to registry editing tools} DisableTaskMgr = (REG_DWORD) dword:0x00000000 {unrecognized setting} NoDispAppearancePage = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKCU\Software\Policies\Microsoft\Windows\System\ DisableCMD = (REG_DWORD) dword:0x00000000 {User Configuration|Administrative Templates|System| Prevent access to the command prompt} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ PromptOnSecureDesktop = (REG_DWORD) dword:0x00000000 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Switch to the secure desktop when prompting for elevation} EnableCursorSuppression = (REG_DWORD) dword:0x00000001 {unrecognized setting} FilterAdministratorToken = (REG_DWORD) dword:0x00000001 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Admin Approval Mode for the Built-in Administrator Account} VerboseStatus = (REG_DWORD) dword:0x00000001 {unrecognized setting} EnableFirstLogonAnimation = (REG_DWORD) dword:0x00000000 {unrecognized setting} NoDispCPL = (REG_DWORD) dword:0x00000000 {unrecognized setting} SynchronousUserGroupPolicy = (REG_DWORD) dword:0x00000001 {unrecognized setting} DisplayLastLogonInfo = (REG_DWORD) dword:0x00000000 {unrecognized setting} HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\ DisableConfig = (REG_DWORD) dword:0x00000000 {Computer Configuration|Administrative Templates|System|System Restore| Turn off Configuration} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Users\luc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ CDBurnerXP\ Provider = CDBurnerXP InvokeProgID = CDBurnerXPOpen InvokeVerb = open HKLM\SOFTWARE\Classes\CDBurnerXPOpen\shell\open\command\(Default) = "C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe" /od "%1" [null data] DropboxAutoplay\ Provider = Dropbox InvokeProgID = Dropbox.AutoplayEventHandler InvokeVerb = import HKLM\SOFTWARE\Classes\Dropbox.AutoplayEventHandler\shell\import\DropTarget\CLSID = {005A3A96-BAC4-4B0A-94EA-C0CE100EA736} -> {HKLM...CLSID} = Dropbox Autoplay COM Server \LocalServer32\(Default) = "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /autoplay [Dropbox, Inc.] MSFhConfigBackup\ Provider = @C:\WINDOWS\system32\fhautoplay.dll,-100 InvokeProgID = FHConfig.AutoPlayHandler InvokeVerb = config HKLM\SOFTWARE\Classes\FHConfig.AutoPlayHandler\shell\config\command\(Default) = fhmanagew -autoplay [MS] MSLiveShowPicturesOnArrival\ Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10 InvokeProgID = Microsoft.Photos.LiveAutoplayShim.1 InvokeVerb = open HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = {00F30F90-3E96-453B-AFCD-D71989ECC2C7} -> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS] MSPlayCDAudioOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.AudioCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS] MSPlayDVDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.DVD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS] MSPlaySuperVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPlayVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPromptEachTime\ Provider = @C:\WINDOWS\system32\shell32.dll,-17411 ProgID = Shell.Autoplay InitCmdLine = PromptEachTime HKLM\SOFTWARE\Classes\Shell.Autoplay\CLSID\(Default) = {995C996E-D918-4a8c-A302-45719A6F4EA7} -> {HKLM...CLSID} = Shell Hardware Mixed Content Handler \LocalServer32\(Default) = C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} [MS] MSPromptEachTimeNoContent\ Provider = @C:\WINDOWS\system32\shell32.dll,-17411 ProgID = Shell.Autoplay InitCmdLine = PromptEachTimeNoContent HKLM\SOFTWARE\Classes\Shell.Autoplay\CLSID\(Default) = {995C996E-D918-4a8c-A302-45719A6F4EA7} -> {HKLM...CLSID} = Shell Hardware Mixed Content Handler \LocalServer32\(Default) = C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} [MS] MSWMPBurnCDOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.BurnCD InvokeVerb = Burn HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS] VLCPlayCDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.CDAudio InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file cdda:///%1 [VideoLAN] VLCPlayDVDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] VLCPlayDVDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.DVDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file dvd:///%1 [VideoLAN] VLCPlayMusicFilesOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] VLCPlaySVCDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.SVCDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.SVCDMovie\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN] VLCPlayVCDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.VCDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.VCDMovie\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN] VLCPlayVideoFilesOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] Startup items in "luc" & "All Users" startup folders: ----------------------------------------------------- C:\Users\luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup {++} Connection Keeper -> shortcut to: C:\Program Files (x86)\Connection Keeper\conkeepm.exe [Gammadyne Corporation] Degoo -> shortcut to: C:\Users\luc\AppData\Local\Degoo\Degoo.exe StartMinimized [Degoo Backup AB] MEGAsync -> shortcut to: C:\ProgramData\MEGAsync\MEGAsync.exe [Mega Limited] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp {++} Philips GoGear SA4VBE Device Manager -> shortcut to: C:\Program Files (x86)\Philips\GoGear SA4VBE Device Manager\GoGear_SA4VBE_DeviceManager.exe -silent [Philips] Non-disabled Scheduled Tasks: {++} ----------------------------- C:\Windows\System32\Tasks CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd] Microsoft OneDrive Auto Update Task-S-1-5-21-2322693781-2597380507-2506105236-1001 -> launches: %localappdata%\Microsoft\OneDrive\OneDrive.exe [MS] Optimize Start Menu Cache Files-S-1-5-21-1042574177-205660189-2733560804-500 -> launches: {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Windows\System32\twinapi.dll [MS] -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Windows\SysWOW64\twinapi.dll [MS] Optimize Start Menu Cache Files-S-1-5-21-2322693781-2597380507-2506105236-500 -> launches: {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Windows\System32\twinapi.dll [MS] -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Windows\SysWOW64\twinapi.dll [MS] Optimize Start Menu Cache Files-S-1-5-21-3605641489-1874772759-1519610130-500 -> launches: {2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Windows\System32\twinapi.dll [MS] -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Windows\SysWOW64\twinapi.dll [MS] Wise Memory Optimizer Task -> launches: C:\Program Files (x86)\Wise\Wise Memory Optimizer\WiseMemoryOptimzer.exe -a [WiseCleaner.com] C:\Windows\System32\Tasks\Badosoft Connectivity Fixer -> launches: "C:\Program Files (x86)\Badosoft\Connectivity Fixer\Connectivity Fixer.exe" -m [file not found] C:\Windows\System32\Tasks\GenericSettingsHandler\Windows-Credentials RetrySyncTask_for_S-1-5-21-2322693781-2597380507-2506105236-1001 -> launches: {F063A606-6748-4B89-82A0-3D19D94CE8D3} -> {HKLM...CLSID} = SyncTaskHandler Class \InProcServer32\(Default) = C:\Windows\System32\VaultRoaming.dll [Microsoft] C:\Windows\System32\Tasks\Hewlett-Packard\HP Support Assistant WarrantyChecker -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [null data] WarrantyChecker_CN45U71561 -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /ForDevice:CN45U71561 [null data] WarrantyChecker_DeviceScan -> launches: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 [null data] C:\Windows\System32\Tasks\Microsoft\Office Office Automatic Updates -> launches: C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False [file not found] Office ClickToRun Service Monitor -> launches: C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /WatchService [file not found] C:\Windows\System32\Tasks\Microsoft\Windows\.NET Framework .NET Framework NGEN v4.0.30319 -> (HIDDEN!) launches: {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] .NET Framework NGEN v4.0.30319 64 -> (HIDDEN!) launches: {429BC048-379E-45E0-80E4-EB1977941B5C} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msdrm.dll [MS] -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msdrm.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\AppID SmartScreenSpecific -> launches: {9f2b0085-9218-42a1-88b0-9f0e65851666} -> {HKLM...CLSID} = Windows SmartScreen Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\apprepsync.dll [MS] -> {HKLM...Wow...CLSID} = Windows SmartScreen Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\apprepsync.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience AitAgent -> launches: aitagent /increment [MS] Microsoft Compatibility Appraiser -> launches: %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly [MS] ProgramDataUpdater -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS] StartupAppTask -> launches: %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask [MS] C:\Windows\System32\Tasks\Microsoft\Windows\ApplicationData CleanupTemporaryState -> launches: %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Autochk Proxy -> launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\dimsjob.dll [MS] UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\dimsjob.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Chkdsk ProactiveScan -> launches: {cf4270f5-2e43-4468-83b3-a8c45bb33ea1} -> {HKLM...CLSID} = Proactive Scan \InProcServer32\(Default) = C:\Windows\System32\pstask.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program BthSQM -> (HIDDEN!) launches: {c8367320-6f85-11e0-a1f0-0800200c9a66} -> {HKLM...CLSID} = BthSQM \InProcServer32\(Default) = C:\WINDOWS\System32\BthSQM.dll [MS] Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS] KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c} -> {HKLM...CLSID} = KernelCeipCustomHandler \InProcServer32\(Default) = C:\WINDOWS\System32\kernelceip.dll [MS] Uploader -> launches: %windir%\system32\WSqmCons.exe -u [MS] UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} -> {HKLM...CLSID} = UsbCeip \InProcServer32\(Default) = C:\WINDOWS\System32\usbceip.dll [MS] -> {HKLM...Wow...CLSID} = UsbCeip \InProcServer32\(Default) = C:\WINDOWS\System32\usbceip.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Data Integrity Scan Data Integrity Scan for Crash Recovery -> (HIDDEN!) launches: {DCFD3EA8-D960-4719-8206-490AE315F94F} -> {HKLM...CLSID} = Data Integrity Scan \InProcServer32\(Default) = C:\Windows\System32\discan.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Defrag ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c -h -o -$ [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Device Setup Metadata Refresh -> (HIDDEN!) launches: {23C1F3CF-C110-4512-ACA9-7B6174ECE888} -> {HKLM...CLSID} = DsmRefreshTask Class \InProcServer32\(Default) = C:\WINDOWS\System32\DeviceSetupManagerAPI.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3} -> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler \InProcServer32\(Default) = C:\WINDOWS\System32\sdiagschd.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\DiskCleanup SilentCleanup -> launches: %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive% [MS] C:\Windows\System32\Tasks\Microsoft\Windows\DiskFootprint Diagnostics -> launches: {5b6b6834-34f0-49b9-ad4e-81d4994c7a74} -> {HKLM...CLSID} = Disk Footprint Diagnostics Task \InProcServer32\(Default) = C:\WINDOWS\system32\DfpCommon.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\FileHistory File History (maintenance mode) -> launches: {89917B7C-A1A6-11DF-8BF6-18A90531A85A} -> {HKLM...CLSID} = FhTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\fhtask.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Location Notifications -> launches: %windir%\System32\LocationNotifications.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance WinSAT -> launches: A9A33436-678B-4c9c-A211-7CC38785E79D -> {HKLM...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\WINDOWS\system32\WinSATAPI.dll [MS] -> {HKLM...Wow...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\WINDOWS\system32\WinSATAPI.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic ProcessMemoryDiagnosticEvents -> (HIDDEN!) launches: {8168e74a-b39f-46d8-adcd-7bed477b80a3} -> {HKLM...CLSID} = MemoryDiagnosticTaskHandler \InProcServer32\(Default) = C:\WINDOWS\System32\MemoryDiagnostic.dll [MS] RunFullMemoryDiagnostic -> (HIDDEN!) launches: {8168e74a-b39f-46d8-adcd-7bed477b80a3} -> {HKLM...CLSID} = MemoryDiagnosticTaskHandler \InProcServer32\(Default) = C:\WINDOWS\System32\MemoryDiagnostic.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts MNO Metadata Parser -> launches: %SystemRoot%\System32\MbaeParserTask.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MUI Lpksetup -> launches: C:\WINDOWS\System32\lpksetup.exe -v [MS] LPRemove -> launches: %windir%\system32\lpremove.exe [MS] Mcbuilder -> launches: C:\WINDOWS\System32\mcbuilder.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543} -> {HKLM...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\WINDOWS\System32\PlaySndSrv.dll [MS] -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\WINDOWS\System32\PlaySndSrv.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetCfg BindingWorkItemQueueHandler -> launches: {5AA199A0-1CED-43A5-9B85-3226086738A3} -> {HKLM...CLSID} = Binding Engine Task Handler \InProcServer32\(Default) = C:\Windows\System32\netcfgx.dll [MS] -> {HKLM...Wow...CLSID} = Binding Engine Task Handler \InProcServer32\(Default) = C:\Windows\SysWOW64\netcfgx.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace GatherNetworkInfo -> launches: %windir%\system32\gatherNetworkInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows\PerfTrack BackgroundConfigSurveyor -> (HIDDEN!) launches: {EA9155A3-8A39-40B4-8963-D3C761B18371} -> {HKLM...CLSID} = PerfTrack TaskHandler class \InProcServer32\(Default) = C:\Windows\System32\perftrack.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\PI Secure-Boot-Update -> launches: {5014B7C8-934E-4262-9816-887FA745A6C4} -> {HKLM...CLSID} = TPM Maintenance Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\TpmTasks.dll [MS] Sqm-Tasks -> launches: {5014B7C8-934E-4262-9816-887FA745A6C4} -> {HKLM...CLSID} = TPM Maintenance Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\TpmTasks.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Plug and Play Device Install Group Policy -> (HIDDEN!) launches: {60400283-b242-4fa8-8c25-caf695b88209} -> {HKLM...CLSID} = Device Installation Group Policy Task Handler \InProcServer32\(Default) = C:\Windows\System32\pnppolicy.dll [MS] Device Install Reboot Required -> (HIDDEN!) launches: {48794782-6a1f-47b9-bd52-1d5f95d49c1b} -> {HKLM...CLSID} = Device Installation Reboot Dialog Task \InProcServer32\(Default) = C:\Windows\System32\pnpui.dll [MS] Plug and Play Cleanup -> launches: {DEF03232-9688-11E2-BE7F-B4B52FD966FF} -> {HKLM...CLSID} = Plug and Play Maintenance Task \InProcServer32\(Default) = C:\Windows\System32\pnpclean.dll [MS] Sysprep Generalize Drivers -> launches: %SystemRoot%\System32\drvinst.exe 6 [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics AnalyzeSystem -> launches: {927ea2af-1c54-43d5-825e-0074ce028eee} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\WINDOWS\System32\energytask.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RAC RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6} -> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\WINDOWS\system32\RacEngn.dll [MS] -> {HKLM...Wow...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\WINDOWS\system32\RacEngn.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Ras MobilityManager -> launches: {c463a0fc-794f-4fdf-9201-01938ceacafa} -> {HKLM...CLSID} = RasMobilityManager \InProcServer32\(Default) = C:\WINDOWS\system32\rasmbmgr.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Registry RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2} -> {HKLM...CLSID} = RegistryIdleBackupHandler \InProcServer32\(Default) = C:\WINDOWS\System32\regidle.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemovalTools MRT_HB -> launches: C:\WINDOWS\system32\MRT.exe /EHB /Q [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Servicing StartComponentCleanup -> launches: 752073A1-23F2-4396-85F0-8FDB879ED0ED [InProcServer32 entry not found] C:\Windows\System32\Tasks\Microsoft\Windows\SettingSync BackgroundUploadTask -> (HIDDEN!) launches: {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} -> {HKLM...CLSID} = Delayed Background Upload Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] -> {HKLM...Wow...CLSID} = Delayed Background Upload Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] BackupTask -> (HIDDEN!) launches: {60A4C78C-E2B8-4E6E-876F-DA203B02C05E} -> {HKLM...CLSID} = Backup Upload Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] -> {HKLM...Wow...CLSID} = Backup Upload Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] NetworkStateChangeTask -> (HIDDEN!) launches: {A4173A49-F373-4475-9A0F-2D615204DC20} -> {HKLM...CLSID} = Network State Change Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] -> {HKLM...Wow...CLSID} = Network State Change Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx launchtrayprocess -> launches: %windir%\system32\GWX\GWX.exe /tasklaunch [MS] refreshgwxconfig -> launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers Logon -> launches: %windir%\system32\GWX\GWX.exe /event:2 [MS] OutOfIdle -> launches: %windir%\system32\GWX\GWX.exe /event:1 [MS] refreshgwxconfig-B -> launches: schtasks /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Shell CreateObjectTask -> (HIDDEN!) launches: {990a9f8f-301f-45f7-8d0e-68c5952dba43} -> {HKLM...CLSID} = Shell Create Object Task Delegate \InProcServer32\(Default) = C:\WINDOWS\system32\shell32.dll [MS] -> {HKLM...Wow...CLSID} = Shell Create Object Task Delegate \InProcServer32\(Default) = C:\WINDOWS\system32\shell32.dll [MS] FamilySafetyMonitor -> launches: %windir%\System32\wpcmon.exe [MS] FamilySafetyRefresh -> launches: {EBF00FCB-0769-4b81-9BEC-6C05514111AA} -> {HKLM...CLSID} = FamilySafety.WebSync \InProcServer32\(Default) = C:\Windows\System32\WpcWebSync.dll [MS] IndexerAutomaticMaintenance -> launches: {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} -> {HKLM...CLSID} = Automatic Maintenance task to enable Windows Search to make progress while in Connected Standby \InProcServer32\(Default) = C:\WINDOWS\System32\srchadmin.dll [MS] -> {HKLM...Wow...CLSID} = Automatic Maintenance task to enable Windows Search to make progress while in Connected Standby \InProcServer32\(Default) = C:\WINDOWS\System32\srchadmin.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SkyDrive Idle Sync Maintenance Task -> launches: {bf6c1e47-86ec-4194-9ce5-13c15dcb2001} [InProcServer32 entry not found] Routine Maintenance Task -> launches: {1b1f472e-3221-4826-97db-2c2324d389ae} [InProcServer32 entry not found] C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform SvcRestartTask -> (HIDDEN!) launches: {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} -> {HKLM...CLSID} = SppSvcRestartTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\sppcext.dll [MS] -> {HKLM...Wow...CLSID} = SppSvcRestartTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\sppcext.dll [MS] SvcRestartTaskLogon -> (HIDDEN!) launches: {b1aebb5d-ead9-4476-b375-9c3ed9f32afc} -> {HKLM...CLSID} = SppSvcRestartTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\sppcext.dll [MS] -> {HKLM...Wow...CLSID} = SppSvcRestartTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\sppcext.dll [MS] SvcRestartTaskNetwork -> (HIDDEN!) launches: {b1aebb5d-ead9-4476-b375-9c3ed9f32afc} -> {HKLM...CLSID} = SppSvcRestartTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\sppcext.dll [MS] -> {HKLM...Wow...CLSID} = SppSvcRestartTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\sppcext.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SpacePort SpaceAgentTask -> launches: %windir%\system32\SpaceAgent.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain WsSwapAssessmentTask -> launches: %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore SR -> launches: %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4} -> {HKLM...CLSID} = RunTask \InProcServer32\(Default) = C:\WINDOWS\system32\wdc.dll [MS] -> {HKLM...Wow...CLSID} = RunTask \InProcServer32\(Default) = C:\WINDOWS\system32\wdc.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TaskScheduler Idle Maintenance -> launches: {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} -> {HKLM...CLSID} = Maintenance Launcher Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msched.dll [MS] Maintenance Configurator -> launches: {645E29EA-4B0A-464C-8B7D-1A6B9F9D92A8} -> {HKLM...CLSID} = Maintenance Configurator \InProcServer32\(Default) = C:\WINDOWS\system32\msched.dll [MS] Manual Maintenance -> launches: {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} -> {HKLM...CLSID} = Maintenance Launcher Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msched.dll [MS] Regular Maintenance -> launches: {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} -> {HKLM...CLSID} = Maintenance Launcher Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msched.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} -> {HKLM...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\WINDOWS\system32\MsCtfMonitor.dll [MS] -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\WINDOWS\system32\MsCtfMonitor.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization ForceSynchronizeTime -> launches: {A31AD6C2-FF4C-43D4-8E90-7101023096F9} -> {HKLM...CLSID} = Time Synchronization Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\TimeSyncTask.dll [MS] SynchronizeTime -> launches: %windir%\system32\sc.exe start w32time task_started [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Zone SynchronizeTimeZone -> launches: %windir%\system32\tzsync.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TPM Tpm-Maintenance -> launches: {5014B7C8-934E-4262-9816-887FA745A6C4} -> {HKLM...CLSID} = TPM Maintenance Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\TpmTasks.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\UPnP UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WDI ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\WINDOWS\System32\wdi.dll [MS] -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\WINDOWS\System32\wdi.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Defender Windows Defender Cache Maintenance -> launches: C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance [MS] Windows Defender Cleanup -> launches: C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup [MS] Windows Defender Scheduled Scan -> launches: C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob [MS] Windows Defender Verification -> launches: C:\Program Files\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing UpdateLibrary -> launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WindowsUpdate AUScheduledInstall -> launches: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} [InProcServer32 entry not found] Scheduled Start -> launches: C:\WINDOWS\system32\sc.exe start wuauserv [MS] Scheduled Start With Network -> launches: C:\WINDOWS\system32\sc.exe start wuauserv [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Wininet CacheTask -> launches: {0358b920-0ac7-461f-98f4-58e32cd89148} -> {HKLM...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\WINDOWS\system32\wininet.dll [MS] -> {HKLM...Wow...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\WINDOWS\system32\wininet.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WOF WIM-Hash-Management -> launches: {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} -> {HKLM...CLSID} = WOF Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\WofTasks.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Work Folders Work Folders Logon Synchronization -> launches: {97d47d56-3777-49fb-8e8f-90d7e30e1a1e} -> {HKLM...CLSID} = Work Folder Logon Trigger Class \InProcServer32\(Default) = C:\Windows\System32\WorkFoldersShell.dll [MS] Work Folders Maintenance Work -> launches: {63260bce-a3fb-4a34-aa51-d4d8e877b62b} -> {HKLM...CLSID} = Work Folder Maintenance Task Class \InProcServer32\(Default) = C:\Windows\System32\WorkFoldersShell.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WS Badge Update -> launches: {00CCDDF6-5107-424D-853D-3907AE5502DC} -> {HKLM...CLSID} = WinStore Tile Badge Updater \InProcServer32\(Default) = C:\WINDOWS\winstore\WinStoreUI.dll [MS] License Validation -> (HIDDEN!) launches: rundll32.exe WSClient.dll,WSpTLR licensing [MS] Sync Licenses -> launches: {10F591BE-3C84-418A-86DD-BAA002E2F36E} -> {HKLM...CLSID} = WinStore License Sync task \InProcServer32\(Default) = C:\WINDOWS\winstore\WinStoreUI.dll [MS] WSRefreshBannedAppsListTask -> (HIDDEN!) launches: rundll32.exe WSClient.dll,RefreshBannedAppsList [MS] WSTask -> launches: {E52C9A25-F3E8-49E4-BAA7-FAD0EF620129} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\WINDOWS\System32\WSService.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1} -> {HKLM...Wow...CLSID} = Windows Live Social Object Extractor Engine Definition Updater \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll [MS] C:\Windows\System32\Tasks\WPD SqmUpload_S-1-5-21-2322693781-2597380507-2506105236-1001 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 10 HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 10 Toolbars, Explorer Bars, Extensions: ------------------------------------ Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {A95FE080-8F5D-11D2-A20B-00AA003C157A}\ ButtonText = @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 MenuText = @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 Script = C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html [null data] {EE932B49-D5C0-4D19-A3DA-CE0849258DE6}\ ButtonText = Free YouTube Download MenuText = Free YouTube Download CLSIDExtension = {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\ {A95FE080-8F5D-11D2-A20B-00AA003C157A}\ ButtonText = @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 MenuText = @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 Script = C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html [null data] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ HP SimplePass Cachedrv Service, Cachedrv server, "C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe" [Softex Inc.] HP SimplePass Service, omniserv, C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [Softex Inc.] AMD External Events Utility, AMD External Events Utility, C:\WINDOWS\system32\atiesrxx.exe [AMD] Clean Master Core Service, cmcore, "c:\program files (x86)\cmcm\Clean Master\cmcore.exe" /service cmcore [Kingsoft Corporation] Diagnostics Tracking Service, DiagTrack, C:\WINDOWS\System32\svchost.exe -k utcsvc {C:\WINDOWS\system32\diagtrack.dll [MS]} GlassWire Control Service, GlassWire, "C:\Program Files (x86)\GlassWire\GWCtlSrv.exe" [SecureMix LLC] HP Support Assistant Service, HP Support Assistant Service, "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [null data] Hulpservice voor toepassingshost, AppHostSvc, C:\WINDOWS\system32\svchost.exe -k apphost {C:\WINDOWS\system32\inetsrv\apphostsvc.dll [MS]} Microsoft Office ClickToRun Service, ClickToRunSvc, "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service [MS] Network Connection Broker, NcbService, C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted {C:\WINDOWS\System32\ncbservice.dll [MS]} Realtek Audio Service, RtkAudioService, C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [Realtek Semiconductor] Windows Defender Network Inspection Service, WdNisSvc, "C:\Program Files\Windows Defender\NisSrv.exe" [MS] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <> MCODS, <> mcpltsvc, (title not found) <> SystemEventsBroker, Service <> PEVSystemStart, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <> MCODS, <> mcpltsvc, (title not found) <> SystemEventsBroker, Service <> PEVSystemStart, Service Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ HP B111 Status Monitor\Driver = hpinkstsB111LM.dll [Hewlett-Packard Co.] HP Universal Port Monitor\Driver = hpbprtmon.dll [Hewlett-Packard] Nitro PDF Port Monitor\Driver = nitrolocalmon2.dll [Nitro PDF Software] ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\luc\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\luc\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\luc\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=228 folders=87 1864849949 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\ingrid\AppData\Local\Temp emptied successfully C:\Users\luc\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\luc\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 21/06/2015 at 12:14:45.55 ======================