Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by P‹erre on di 14/07/2015 at 21:24:02,26. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\PERRE~1\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\wininit.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\nvvsvc.exe C:\Windows\system32\dwm.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhostex.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe C:\Windows\System32\svchost.exe -k utcsvc C:\Windows\system32\dashost.exe C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Program Files (x86)\Online Games Manager\ogmservice.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Windows\system32\conhost.exe C:\Windows\system32\conhost.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\AVAST Software\Avast\ng\ngservice.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Windows\System32\rundll32.exe C:\VIA_XHCI\usb3Monitor.exe C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe C:\Windows\system32\GWX\GWX.exe C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Windows\System32\RuntimeBroker.exe C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.6.1502.901_x86__8wekyb3d8bbwe\Solitaire.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Pïerre\Downloads\zoek.exe C:\Windows\system32\conhost.exe ==== System Restore Info ====================== 14/07/2015 21:26:27 Zoek.exe System Restore Point Created Successfully. ==== Windows Installer Info ====================== 7-Zip 9.22 (x64 edition) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\96F071321C0420729022000010000000]C:\Windows\Installer\21addb.msi ACS Unified PC/SC Driver 4.0.0.4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\16917DE6E9456544F903AEF780699CF1]C:\Windows\Installer\3e2ffe.msi Adobe AIR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CBE729434D8935D489EB15D05F99F905]c:\Windows\Installer\cd81b.msi Adobe Community Help [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A8EBD2D00D340387A77EACC6998A237E]C:\Windows\Installer\2237ed5.msi Adobe Media Player [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5CD9A3EDD5A9584669264317267C4EAC]C:\Windows\Installer\2237f05.msi Adobe Reader XI (11.0.10) - Nederlands [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA73401B744BA0000000010]C:\Windows\Installer\cd839.msi Asmedia ASM106x SATA Host Controller Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5FE249168DC24D7468C9E2A9B80B581F]C:\Windows\Installer\af255.msi Belgium e-ID middleware 4.0.7 (build 7466) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ED365428DA576614D90C6B84F2024766]C:\Windows\Installer\3e3004.msi Contents [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6671B0EEA35115241A298FDFD3497111]c:\Windows\Installer\1ff9ad9.msi Corel PaintShop Pro X7 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25269171555853E4C9607F3441D3674D]c:\Windows\Installer\37f70c.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A089CE062ADB6BC44A720BA745894BAC]C:\Windows\Installer\12759a5.msi ICA [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\642A88668E6FDA848960D885239E1FD5]c:\Windows\Installer\1ffa9b3.msi ICA [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6D05F6717586EC947B13567F75EEF3D0]c:\Windows\Installer\37f71f.msi Intel© Trusted Connect Service Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\71460E5BCA4A52243BE6E7439C61617E]C:\Windows\Installer\cd80a.msi IPM_PSP_COM [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8FD9F47106CAA684F84F2A82134DE8D0]c:\Windows\Installer\37f715.msi IPM_PSP_COM64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2AF407712D1BC5D42AD3DB0A2DCBC97C]c:\Windows\Installer\37f71c.msi IPM_VS_Pro [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E8E01CCC1DF755D4782C0D5ABA0C6AB2]c:\Windows\Installer\1ff9ae2.msi Java 8 Update 45 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2681408540F]C:\Windows\Installer\cd82a.msi Java 8 Update 45 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208540F]C:\Windows\Installer\cd820.msi Microsoft ASP.NET MVC 4 Runtime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D213EF3268BEC04E8E46A8DBA6F7263]C:\Windows\Installer\9c1e2.msi Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]C:\Windows\Installer\cd80f.msi Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1af2a8da7e60d0b429d7e6453b3d0182]C:\Windows\Installer\f317d3.msi Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9eab5ec6ac3d99b498a1d16c1c815acf]C:\Windows\Installer\3c7ca51.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3e43b73803c7c394f8a6b2f0402e19c2]C:\Windows\Installer\3c7ca4b.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\f317b5.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC]c:\Windows\Installer\37f6f0.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1007C6B46D7C017319E3B52CF3EC196E]C:\Windows\Installer\f317c3.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]C:\Windows\Installer\9db35.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]c:\Windows\Installer\37f6eb.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\Windows\Installer\f317bc.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]C:\Windows\Installer\9db3c.msi Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1926E8D15D0BCE53481466615F760A7F]C:\Windows\Installer\cc704.msi Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]C:\Windows\Installer\caad4.msi Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C9F8B73BF303523781852719CD9C700]C:\Windows\Installer\37f704.msi Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3AEB2FCAE628F23AAB933F1E743AB79]C:\Windows\Installer\37f6ff.msi Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C025571B2A687A53689168CD7369889B]C:\Windows\Installer\37f6fa.msi Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DC8A59DBF9D1DA5389A1E3975220E6BB]C:\Windows\Installer\37f6f5.msi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4BEA594979BAED93C82408E6FE57CE7A]C:\Windows\Installer\9db0d.msi Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A95FF38022A7A3CBE8D50CBBABA178]C:\Windows\Installer\9db2e.msi Microsoft_VC80_ATL_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8F7463F0D15ECCF48826A9D8C0A5FC52]C:\Windows\Installer\20d74.msi Microsoft_VC80_ATL_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B850D529A465A3444B2BE7096C34E255]C:\Windows\Installer\20d7c.msi Microsoft_VC80_CRT_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\91785D291CBB3CC40AB8659C8E48CCC2]C:\Windows\Installer\20d3c.msi Microsoft_VC80_CRT_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\19DA96544F74E9D4F89C17E73CD2A71E]C:\Windows\Installer\20d84.msi Microsoft_VC80_MFC_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\20B91A1DE71869244AB57058F37DD475]C:\Windows\Installer\20d54.msi Microsoft_VC80_MFC_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5DAB1C8C6E456414DA70A3A83D56963C]C:\Windows\Installer\20d94.msi Microsoft_VC80_MFCLOC_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BBB29DFF28DE24A8C3E460F249A47B]C:\Windows\Installer\20d4c.msi Microsoft_VC80_MFCLOC_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\811CF9E1D156439479EB5EC3EAC5D754]C:\Windows\Installer\20d8c.msi Microsoft_VC90_ATL_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E873E3303DA65DA4DBBEBC6DB91340C6]C:\Windows\Installer\20d5c.msi Microsoft_VC90_ATL_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7937558D24AF684793B2ABC2C735239]C:\Windows\Installer\20d9c.msi Microsoft_VC90_CRT_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\121E2D80A6F7BE3479DF26B944094330]C:\Windows\Installer\20d44.msi Microsoft_VC90_CRT_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D0AC3A29DC55D5C4AB59C562002CF062]C:\Windows\Installer\20d6c.msi Microsoft_VC90_MFC_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B5DEF536D6C2EB94786EA7F6DC22CBA5]C:\Windows\Installer\20d64.msi Microsoft_VC90_MFC_x86_x64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E9B274AFFA0B7F42BD56FF4E829A8BA]C:\Windows\Installer\20da4.msi Nikon Message Center 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\44EE410B791931546931176EBEB115E4]C:\Windows\Installer\1eb9a2.msi Nikon Movie Editor [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3933DAC50CEEEC44F939CBAA63B577BF]C:\Windows\Installer\5db07c.msi Office 15 Click-to-Run Extensibility Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C80000000000000000F01FEC]C:\Windows\Installer\ef0e7.msi Office 15 Click-to-Run Licensing Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109F80000000100000000F01FEC]C:\Windows\Installer\ef015.msi Office 15 Click-to-Run Localization Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00005109C80031400000000000F01FEC]C:\Windows\Installer\ef051.msi PDF Settings CS6 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\77EAAEFBF7DB43542B68C9C54B96E71B]C:\Windows\Installer\66deb.msi Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\598A4D02C84788D478C1DF1B96B51096]C:\Windows\Installer\3746d.msi PSPPContent [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4FB982716285B7442AA03708440D3B5E]c:\Windows\Installer\37f70f.msi PSPPHelp [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ED0F5371371B6114ABCB56A321BF2983]c:\Windows\Installer\37f712.msi PSPPro64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\75511571034CA684BAA5788A31B46231]c:\Windows\Installer\37f719.msi Qualcomm Atheros Bandwidth Control Filter Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\82B9C08C99FCC134888CB8F1B9A681F2]C:\Windows\Installer\af24a.msi Qualcomm Atheros Killer E220x Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3B58A2DD5C4636247AFAF416AFF563A9]C:\Windows\Installer\af244.msi Qualcomm Atheros Network Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\617C46372121EAE40B9C3AD1E197B78F]C:\Windows\Installer\af250.msi Setup [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E4A880713FC321F429D6A2E908588BCE]c:\Windows\Installer\37f708.msi Setup [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F9AEE6C68993D0E49BF134BC12C817C5]c:\Windows\Installer\1ff9aca.msi Share [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\541AD7DA811396D4EB983DDE5101DB51]c:\Windows\Installer\1ff9ad0.msi Share64 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C5908003615BE5A4B8990F1E312CC127]c:\Windows\Installer\1ff9acd.msi SmartSound Common Data [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E9682A8BAC035C04C98FDB37455EE78F]c:\Windows\Installer\1ffa9bc.msi SmartSound Quicktracks 5 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF3AB8F29AF197246B6917A2BB210FF9]c:\Windows\Installer\1ffa9c0.msi swMSM [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C43C21609E58D74B9C5F017D78D7262]C:\Windows\Installer\cd82f.msi ViewNX 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\206EB536C9BB95C4C85C399F63E6A812]C:\Windows\Installer\5db075.msi VSClassic [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\05E6900DE99D87149A885E91B2F6B619]c:\Windows\Installer\1ff9adc.msi VSHelp [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D0DD9DA5E6D484DAC8DFB3FAD54405]c:\Windows\Installer\1ffa9b0.msi VSPro [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DCE7D88D371F79A4699FB2505CCD09CD]c:\Windows\Installer\1ff9adf.msi Windows Media Encoder 9 Series [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D00C83EB86A81348A6A7F4D5B1BFDE0]C:\Windows\Installer\1ffa9b9.msi ==== Empty Folders Check ====================== C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully C:\PROGRA~2\RelayStasis deleted successfully C:\PROGRA~2\Wondershare deleted successfully C:\Program Files\log deleted successfully C:\Users\Gast\AppData\Local\VirtualStore deleted successfully ==== Checking Systemdrive for Symlinks ====================== Volume in drive C has no label. Volume Serial Number is D8D5-3974 Directory of C:\ 22/08/2013 16:45 Documents and Settings [C:\Users] 0 File(s) 0 bytes Directory of C:\Program Files\Windows NT 15/04/2015 15:25 Bureau-accessoires [C:\Program Files\Windows NT\Accessories] 0 File(s) 0 bytes Directory of C:\ProgramData 22/08/2013 16:45 Application Data [C:\ProgramData] 15/04/2015 15:25 Bureaublad [C:\Users\Public\Desktop] 22/08/2013 16:45 Desktop [C:\Users\Public\Desktop] 15/04/2015 15:25 Documenten [C:\Users\Public\Documents] 22/08/2013 16:45 Documents [C:\Users\Public\Documents] 15/04/2015 15:25 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 15/04/2015 15:25 Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 22/08/2013 16:45 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 22/08/2013 16:45 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\ProgramData\Microsoft\Windows\Start Menu 15/04/2015 15:25 Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\ProgramData\Oracle\Java\javapath 15/04/2015 16:09 java.exe [C:\Program Files\Java\jre1.8.0_45\bin\java.exe] 15/04/2015 16:09 javaw.exe [C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe] 15/04/2015 16:09 javaws.exe [C:\Program Files\Java\jre1.8.0_45\bin\javaws.exe] 3 File(s) 0 bytes Directory of C:\Users 22/08/2013 16:45 All Users [C:\ProgramData] 22/08/2013 16:45 Default User [C:\Users\Default] 0 File(s) 0 bytes Directory of C:\Users\All Users 22/08/2013 16:45 Application Data [C:\ProgramData] 15/04/2015 15:25 Bureaublad [C:\Users\Public\Desktop] 22/08/2013 16:45 Desktop [C:\Users\Public\Desktop] 15/04/2015 15:25 Documenten [C:\Users\Public\Documents] 22/08/2013 16:45 Documents [C:\Users\Public\Documents] 15/04/2015 15:25 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 15/04/2015 15:25 Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 22/08/2013 16:45 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 22/08/2013 16:45 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\All Users\Microsoft\Windows\Start Menu 15/04/2015 15:25 Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\All Users\Oracle\Java\javapath 15/04/2015 16:09 java.exe [C:\Program Files\Java\jre1.8.0_45\bin\java.exe] 15/04/2015 16:09 javaw.exe [C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe] 15/04/2015 16:09 javaws.exe [C:\Program Files\Java\jre1.8.0_45\bin\javaws.exe] 3 File(s) 0 bytes Directory of C:\Users\Default 22/08/2013 16:45 Application Data [C:\Users\Default\AppData\Roaming] 22/08/2013 16:45 Cookies [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies] 22/08/2013 16:45 Local Settings [C:\Users\Default\AppData\Local] 15/04/2015 15:25 Menu Start [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 15/04/2015 15:25 Mijn documenten [C:\Users\Default\Documents] 22/08/2013 16:45 My Documents [C:\Users\Default\Documents] 22/08/2013 16:45 NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 15/04/2015 15:25 Netwerkprinteromgeving [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 22/08/2013 16:45 PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 22/08/2013 16:45 Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 22/08/2013 16:45 SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 15/04/2015 15:25 Sjablonen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 22/08/2013 16:45 Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 22/08/2013 16:45 Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Local 22/08/2013 16:45 Application Data [C:\Users\Default\AppData\Local] 15/04/2015 15:25 Geschiedenis [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 22/08/2013 16:45 History [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 22/08/2013 16:45 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Local\Microsoft\Windows 22/08/2013 16:45 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu 15/04/2015 15:25 Programma's [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\Default\Documents 15/04/2015 15:25 Mijn afbeeldingen [C:\Users\Default\Pictures] 15/04/2015 15:25 Mijn muziek [C:\Users\Default\Music] 15/04/2015 15:25 Mijn video's [C:\Users\Default\Videos] 22/08/2013 16:45 My Music [C:\Users\Default\Music] 22/08/2013 16:45 My Pictures [C:\Users\Default\Pictures] 22/08/2013 16:45 My Videos [C:\Users\Default\Videos] 0 File(s) 0 bytes Directory of C:\Users\Gast 18/04/2015 06:44 Application Data [C:\Users\Gast\AppData\Roaming] 18/04/2015 06:44 Cookies [C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCookies] 18/04/2015 06:44 Local Settings [C:\Users\Gast\AppData\Local] 18/04/2015 06:44 Menu Start [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu] 18/04/2015 06:44 Mijn documenten [C:\Users\Gast\Documents] 18/04/2015 06:44 NetHood [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 18/04/2015 06:44 Netwerkprinteromgeving [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 18/04/2015 06:44 Recent [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Recent] 18/04/2015 06:44 SendTo [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\SendTo] 18/04/2015 06:44 Sjablonen [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Gast\AppData\Local 18/04/2015 06:44 Application Data [C:\Users\Gast\AppData\Local] 18/04/2015 06:44 Geschiedenis [C:\Users\Gast\AppData\Local\Microsoft\Windows\History] 18/04/2015 06:44 Temporary Internet Files [C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Gast\AppData\Local\Microsoft\Windows 18/04/2015 06:44 Temporary Internet Files [C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache 18/04/2015 06:44 Content.IE5 [C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache\IE\] 0 File(s) 0 bytes Directory of C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu 18/04/2015 06:44 Programma's [C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\Gast\Documents 18/04/2015 06:44 Mijn afbeeldingen [C:\Users\Gast\Pictures] 18/04/2015 06:44 Mijn muziek [C:\Users\Gast\Music] 18/04/2015 06:44 Mijn video's [C:\Users\Gast\Videos] 0 File(s) 0 bytes Directory of C:\Users\Public\Documents 15/04/2015 15:25 Mijn afbeeldingen [C:\Users\Public\Pictures] 15/04/2015 15:25 Mijn muziek [C:\Users\Public\Music] 15/04/2015 15:25 Mijn video's [C:\Users\Public\Videos] 22/08/2013 16:45 My Music [C:\Users\Public\Music] 22/08/2013 16:45 My Pictures [C:\Users\Public\Pictures] 22/08/2013 16:45 My Videos [C:\Users\Public\Videos] 0 File(s) 0 bytes Directory of C:\Users\P‹erre 15/04/2015 15:29 Application Data [C:\Users\P‹erre\AppData\Roaming] 15/04/2015 15:29 Cookies [C:\Users\P‹erre\AppData\Local\Microsoft\Windows\INetCookies] 15/04/2015 15:29 Local Settings [C:\Users\P‹erre\AppData\Local] 15/04/2015 15:29 Menu Start [C:\Users\P‹erre\AppData\Roaming\Microsoft\Windows\Start Menu] 15/04/2015 15:29 Mijn documenten [C:\Users\P‹erre\Documents] 15/04/2015 15:29 NetHood [C:\Users\P‹erre\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 15/04/2015 15:29 Netwerkprinteromgeving [C:\Users\P‹erre\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 15/04/2015 15:29 Recent [C:\Users\P‹erre\AppData\Roaming\Microsoft\Windows\Recent] 15/04/2015 15:29 SendTo [C:\Users\P‹erre\AppData\Roaming\Microsoft\Windows\SendTo] 15/04/2015 15:29 Sjablonen [C:\Users\P‹erre\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\P‹erre\AppData\Local 15/04/2015 15:29 Application Data [C:\Users\P‹erre\AppData\Local] 15/04/2015 15:29 Geschiedenis [C:\Users\P‹erre\AppData\Local\Microsoft\Windows\History] 15/04/2015 15:29 Temporary Internet Files [C:\Users\P‹erre\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\P‹erre\AppData\Local\Microsoft\Windows 15/04/2015 15:29 Temporary Internet Files [C:\Users\P‹erre\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\P‹erre\AppData\Local\Microsoft\Windows\INetCache 15/04/2015 15:29 Content.IE5 [C:\Users\P‹erre\AppData\Local\Microsoft\Windows\INetCache\IE\] 0 File(s) 0 bytes Directory of C:\Users\P‹erre\AppData\Local\Microsoft\Windows\INetCache\Low 15/04/2015 15:44 Content.IE5 [C:\Users\P‹erre\AppData\Local\Microsoft\Windows\INetCache\Low\IE\] 0 File(s) 0 bytes Directory of C:\Users\P‹erre\AppData\LocalLow 29/04/2015 21:45 PlayReady [C:\ProgramData\Microsoft\PlayReady] 0 File(s) 0 bytes Directory of C:\Users\P‹erre\AppData\Roaming\Microsoft\Windows\Start Menu 15/04/2015 15:29 Programma's [C:\Users\P‹erre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\P‹erre\Documents 15/04/2015 15:29 Mijn afbeeldingen [C:\Users\P‹erre\Pictures] 15/04/2015 15:29 Mijn muziek [C:\Users\P‹erre\Music] 15/04/2015 15:29 Mijn video's [C:\Users\P‹erre\Videos] 0 File(s) 0 bytes Total Files Listed: 6 File(s) 0 bytes 96 Dir(s) 168ÿ392ÿ093ÿ696 bytes free ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== æTorrent 7-Zip 9.22 (x64 edition) ACS Unified PC/SC Driver 4.0.0.4 Adobe AIR Adobe Community Help Adobe Media Player Adobe Photoshop CS6 Adobe Reader XI (11.0.10) - Nederlands Adobe Shockwave Player 12.1 Albelli.be Fotoboeken Asmedia ASM106x SATA Host Controller Driver Audacity 2.1.0 Avast Free Antivirus Belgium e-ID middleware 4.0.7 (build 7466) BricsCAD 13.1 CCleaner Combined Community Codec Pack 2014-07-13 Contents Corel PaintShop Pro X7 Corel PaintShop Pro X7 Corel VideoStudio Pro X6 FARO LS 1.1.406.58 Google Chrome Google Update Helper ICA Intel(R) Management Engine Components Intel© Trusted Connect Service Client IPM_PSP_COM IPM_PSP_COM64 IPM_VS_Pro Java 8 Update 45 Java 8 Update 45 (64-bit) Java Auto Updater K-Lite Codec Pack 11.0.5 Full Microsoft ASP.NET MVC 4 Runtime Microsoft Office 365 - nl-nl Microsoft OneDrive Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Nikon Message Center 2 Nikon Movie Editor NVIDIA-configuratiescherm 350.12 NVIDIA 3D Vision controllerstuurprogramma 349.95 NVIDIA 3D Vision stuurprogramma 350.12 NVIDIA GeForce Experience 2.4.1.21 NVIDIA GeForce Experience Service NVIDIA Grafisch stuurprogramma 350.12 NVIDIA HD Audio-stuurprogramma 1.3.33.0 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Miracast virtuele audio 350.12 NVIDIA Network Service NVIDIA PhysX Systeem Software 9.15.0324 NVIDIA ShadowPlay 2.4.1.21 NVIDIA Stereoscopic 3D Driver NVIDIA Update 2.4.1.21 NVIDIA Update Core NVIDIA Virtual Audio 1.2.27 Office 15 Click-to-Run Extensibility Component Office 15 Click-to-Run Licensing Component Office 15 Click-to-Run Localization Component Online Games Manager v1.30 PDF Settings CS6 Picture Control Utility x64 Platform Prism Video File Converter PSPPContent PSPPHelp PSPPro64 Qualcomm Atheros Bandwidth Control Filter Driver Qualcomm Atheros Killer E220x Drivers Qualcomm Atheros Killer Network Manager Suite Qualcomm Atheros Network Manager Realtek High Definition Audio Driver Roads of Rome Roads of Rome Deluxe Setup Share Share64 SHIELD Streaming SHIELD Wireless Controller Driver SmartSound Common Data SmartSound Quicktracks 5 Sound Blaster Cinema Sqirlz Water Reflections Stuurprogrammapakket voor Windows - Advanced Card Systems Ltd. Unified PC/SC Driver (07/21/2014 4.0.0.4) Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) Super-Charger swMSM Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TeamViewer 10 VIA Platform apparaatbeheer ViewNX 2 VSClassic VSHelp VSPro Windows Media Encoder 9 Series Zylom Games Player Plugin ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\RelayStasis not found C:\PROGRA~2\Wondershare not found C:\PROGRA~2\CutThePriiCE deleted C:\PROGRA~2\Highlight to Search deleted C:\PROGRA~3\{88a8caa9-2779-5be2-88a8-8caa92772aa4} deleted C:\PROGRA~3\14900317688443960907 deleted C:\PROGRA~3\Wondershare Video Converter Ultimate deleted C:\PROGRA~3\Package Cache deleted C:\PROGRA~3\Trymedia deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Windows\wininit.ini deleted C:\Windows\SysNative\config\systemprofile\Searches deleted "C:\ProgramData\Metadata Importer" deleted "C:\ProgramData\Multipressor" deleted "C:\ProgramData\Nature" deleted "C:\ProgramData\People" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted "C:\PROGRA~2\COMMON~1\Wondershare" deleted "C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 16328 MB CPU Info: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz CPU Speed: 3214,3 MHz Sound Card: S24D590-4 (NVIDIA High Definiti | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce GTX 750 Ti | NVIDIA GeForce GTX 750 Ti | NVIDIA GeForce GTX 750 Ti | NVIDIA GeForce GTX 750 Ti Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Killer e2200 Gigabit Ethernet Controller (NDIS 6.30) CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW SH-224DB Ports: COM1 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 232,4GB | X: 1862,9GB Hard Disks - Free: C: 156,8GB | X: 1860,3GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | | ALASKA - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: MSI Z87-GD65 GAMING (MS-7845) Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Default Browser: Google Chrome 43.0.2357.130 Internet Explorer Version: 11.0.9600.17842 Google Chrome version: 43.0.2357.130 Adobe Reader version: 11.0.10.32 Sun Java version: 1.8.0_45 (32-bit) Sun Java version: 1.8.0_45 (64-bit) Shockwave Player version: 12.1.7r157 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\PERRE~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-06-24 23:16:35 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys ====== C:\Windows\Tasks ====== 2015-06-24 22:52:11 F37CC49960FD21AFB8113FDC86CAA026 3992 ----a-w- C:\Windows\Sysnative\Tasks\LaunchPreSignup ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2015-07-13 21:58:26 -------- d-----w- C:\PROGRA~2\ESET ======= C: ===== ====== C:\Users\PERRE~1\AppData ====== ====== C:\Users\PERRE~1 ====== 2015-06-24 23:48:25 -------- d-----w- C:\Windows\serviceprofiles\Localservice\winhttp 2015-06-24 23:03:16 -------- d-----w- C:\ProgramData\4e15dd4500005979 ====== C: exe-files == 2015-07-14 16:39:10 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Pïerre\Downloads\RSITx64.exe 2015-07-13 21:58:27 F0B5FAE0268D84B1CE6EA3B98D4D69EB 331464 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe 2015-07-13 21:58:27 E78517BD20C282FBCA150D2B3ACCC760 2870984 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe 2015-07-13 21:58:27 B23901621E5BD2EF1AAC3E6E6CB9E7FF 422600 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe 2015-07-13 21:58:27 4B0F506ACF0A8AE6D6B3E4CF6778B722 122568 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe 2015-07-13 21:58:27 21B9AB1916917F9476B767F605345E62 532168 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe 2015-07-13 21:58:15 C5B68AC8EC40CAB217AB4F479B953B54 2870984 ----a-w- C:\Users\Pïerre\Downloads\esetsmartinstaller_enu.exe 2015-07-13 21:17:09 F9FF7AD0ED9AA77A2A506FB01D9649CA 512424 ----a-w- C:\Users\Pïerre\AppData\Local\NVIDIA\NvBackend\Packages\000079e8\CoProc update.19759144.exe 2015-07-09 21:15:25 876DB7A763F0E3B14B70E2BA7904A675 5900040 ----a-w- C:\Users\Pïerre\AppData\Local\NVIDIA\NvBackend\Packages\000079d8\DAO.19750200.exe 2015-07-09 15:30:20 FFCB747BE700621965F81033E8A462DD 628664 ----a-w- C:\Users\Pïerre\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe 2015-07-09 15:30:16 6ECC27CD8129ED471C86F6F26430B798 172984 ----a-w- C:\Users\Pïerre\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe === C: other files == 2015-07-13 21:59:26 560EDC0912BDB68290930E2542823A24 135760 ------w- C:\Users\Pïerre\AppData\Local\Temp\ehdrv.sys ======== System Restore Points ======== RP15: 24/06/2015 9:13:04 - Windows Update RP16: 3/07/2015 7:15:03 - Gepland controlepunt RP17: 9/07/2015 10:46:02 - Windows Update RP18: 14/07/2015 21:26:21 - zoek.exe restore point ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2606789639-3167826691-1876802399-1001\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-21-2606789639-3167826691-1876802399-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sound Blaster Cinema"="C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe /r" "UpdReg"="C:\Windows\UpdReg.EXE" "Super-Charger"="C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" "AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin" "Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" "Nikon Message Center 2"="C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "MBCfg64"="C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "VIAxHCUtl"="C:\VIA_XHCI\usb3Monitor.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "Corel Update Helper"="c:\Program Files\Corel\Corel PaintShop Pro X7 (64-bit)\pua.exe /t" ==== Startup Folders ====================== 2015-04-15 13:42:41 2837 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\klcp_update" ["C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe"] "C:\Windows\SysNative\tasks\LaunchPreSignup" [C:\Program Files (x86)\OLBPre\OLBPre.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{2EEDFA7A-D017-49FC-A3E2-82F46472EA99}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Chromium Look ====================== Google Chrome Version: 43.0.2357.130 YouTube - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Reset Google Chrome ====================== C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Corel PaintShop Pro X7 (64-bit).lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X7 (64-bit)\Corel PaintShop Pro.exe C:\Users\Public\Desktop\Corel VideoStudio Pro X6.lnk - C:\Program Files (x86)\Corel\Corel VideoStudio Pro X6\vstudio.exe C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1435186324&z=2c4b71f47232bdae820d0b6g1z6c0w6geb8q6cdo7c&from=wpc&uid=WDCXWD20EZRX-00D8PB0_WD-WCC4M5AFRKE5FRKE5 ==== shortcuts in Users Start Menu ====================== C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albelli.be Fotoboeken\Albelli.be Fotoboeken.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections Help.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Uninstall.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albelli.be Fotoboeken\Albelli.be Fotoboeken.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections Help.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Uninstall.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albelli.be Fotoboeken\Albelli.be Fotoboeken.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections Help.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Uninstall.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albelli.be Fotoboeken\Albelli.be Fotoboeken.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections Help.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Uninstall.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albelli.be Fotoboeken\Albelli.be Fotoboeken.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections Help.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Uninstall.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albelli.be Fotoboeken\Albelli.be Fotoboeken.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections Help.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Uninstall.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albelli.be Fotoboeken\Albelli.be Fotoboeken.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections Help.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Uninstall.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albelli.be Fotoboeken\Albelli.be Fotoboeken.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections Help.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Sqirlz Water Reflections.lnk - C:\Users\Pïerre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sqirlz Water Reflections\Uninstall.lnk - ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk - C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Utilities - CS6\ExtendScript Toolkit CS6\ExtendScript Toolkit.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Adobe Extension Manager CS6.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk - C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk - C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BricsCAD V13.lnk - C:\Program Files (x86)\Bricsys\BricsCAD V13\bricscad.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Video File Converter.lnk - C:\Program Files (x86)\NCH Software\Prism\prism.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk - C:\Program Files (x86)\7-Zip\7zFM.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk - C:\Program Files (x86)\7-Zip\7-zip.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe\Adobe Media Player.lnk - C:\Program Files (x86)\Adobe Media Player\Adobe Media Player.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID\Utilities\MS Office 2010 XAdES XL signature configuration.lnk - C:\Program Files (x86)\Belgium Identity Card\beidoffice2010_XAdES_XL.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID\Utilities\MS Outlook registry configuration.lnk - C:\Program Files (x86)\Belgium Identity Card\beidoutlooksnc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bricsys\BricsCAD V13\BricsCAD.lnk - C:\Program Files (x86)\Bricsys\BricsCAD V13\bricscad.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bricsys\BricsCAD V13\User Profile Manager.lnk - C:\Program Files (x86)\Bricsys\BricsCAD V13\profilemanager_app.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X7\Corel PaintShop Pro X7 (64-bit).lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X7 (64-bit)\Corel PaintShop Pro.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X7\Corel PaintShop Pro X7.lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X7\Corel PaintShop Pro.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X7\Restore Database.lnk - C:\Program Files (x86)\Corel\Corel PaintShop Pro X7 (64-bit)\ResetDB.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X6\Corel ScreenCap X6.lnk - C:\Program Files (x86)\Corel\Corel VideoStudio Pro X6\VSSCap.exe /SCLM C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X6\Corel VideoStudio Pro X6.lnk - C:\Program Files (x86)\Corel\Corel VideoStudio Pro X6\vstudio.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio Pro X6\User Guide.lnk - C:\Program Files (x86)\Corel\Corel VideoStudio Pro X6\UserGuide C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&ts=1435186324&z=2c4b71f47232bdae820d0b6g1z6c0w6geb8q6cdo7c&from=wpc&uid=WDCXWD20EZRX-00D8PB0_WD-WCC4M5AFRKE5FRKE5 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSACCESS.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\EXCEL.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTE.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\OUTLOOK.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\POWERPNT.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSPUB.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Verzenden naar OneNote 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\ONENOTEM.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\WINWORD.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Office 2013 Upload Center.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\MSOUC.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Hulpprogramma's van Office 2013\Taalvoorkeuren voor Office 2013.lnk - C:\Program Files (x86)\Microsoft Office 15\root\office15\SETLANG.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2\Nikon Message Center 2 Help.lnk - C:\Program Files (x86)\Nikon\Nikon Message Center 2\Localization\NL\NikonMessageCenter2_NL.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2\Nikon Message Center 2.lnk - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2\ViewNX 2 Help.lnk - C:\Program Files (x86)\Nikon\ViewNX 2\ViewNX 2\ViewNX2.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2\ViewNX 2 LeesMij.lnk - C:\Program Files (x86)\Nikon\ViewNX 2\ViewNX 2\Readme.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2\ViewNX 2 verwijderen.lnk - C:\Windows\SysWOW64\msiexec.exe /x {635BE602-BB9C-4C59-8CC5-93F9366E8A21} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX 2\ViewNX 2.lnk - C:\Program Files (x86)\Nikon\ViewNX 2\ViewNX 2\ViewNX2.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Windows Media Encoder.lnk - C:\Program Files (x86)\Windows Media Components\Encoder\wmenc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Encoding Script.lnk - C:\Program Files (x86)\Windows Media Components\Encoder\WMEncUtil.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media File Editor.lnk - C:\Program Files (x86)\Windows Media Components\Encoder\wmeditor.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Profile Editor.lnk - C:\Program Files (x86)\Windows Media Components\Encoder\WMProEdt.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media\Utilities\Windows Media Stream Editor.lnk - C:\Program Files (x86)\Windows Media Components\Encoder\wmstreamedt.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom\Roads of Rome Deluxe.lnk - C:\Zylom Games\Roads of Rome Deluxe\RoadsOfRome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom\Roads of Rome.lnk - C:\Zylom Games\Roads of Rome\ZY-RoadsOfRome.exe ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==== Uninstall List x64 ====================== æTorrent [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] 7-Zip 9.22 (x64 edition) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{23170F69-40C1-2702-0922-000001000000}] ACS Unified PC/SC Driver 4.0.0.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6ED71961-549E-4456-9F30-EA7F0896C91F}] Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{34927EBC-98D4-4D53-98BE-510DF5999F50}] Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR] Adobe Community Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}] Adobe Community Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1] Adobe Media Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}] Adobe Media Player [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1] Adobe Photoshop CS6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}] Adobe Reader XI (11.0.10) - Nederlands [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1043-7B44-AB0000000001}] Adobe Shockwave Player 12.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Shockwave Player] Albelli.be Fotoboeken [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C16DFB31-4A09-474E-AF61-02AFB3008763}_is1] Asmedia ASM106x SATA Host Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}] Audacity 2.1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Audacity_is1] Avast Free Antivirus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avast] Belgium e-ID middleware 4.0.7 (build 7466) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{824563DE-75AD-4166-9DC0-B6482F207466}] BricsCAD 13.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{39D61CBB-81C7-43CF-BB70-6BB620FBD10A}] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] Combined Community Codec Pack 2014-07-13 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Combined Community Codec Pack_is1] Contents [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE0B1766-153A-4251-A192-F8FD3D941711}] Corel PaintShop Pro X7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\_{176F50D6-6857-49CE-B731-65F757EE3F0D}] Corel PaintShop Pro X7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{17196252-8555-4E35-9C06-F743143D76D4}] Corel VideoStudio Pro X6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\_{6688A246-F6E8-48AD-9806-8D5832E9F15D}] FARO LS 1.1.406.58 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}] Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] ICA [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{176F50D6-6857-49CE-B731-65F757EE3F0D}] ICA [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6688A246-F6E8-48AD-9806-8D5832E9F15D}] Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] Intel© Trusted Connect Service Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B5E06417-A4AC-4225-B36E-7E34C91616E7}] IPM_PSP_COM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{174F9DF8-AC60-486A-8FF4-A22831D48E0D}] IPM_PSP_COM64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{17704FA2-B1D2-4D5C-A23D-BDA0D2BC9CC7}] IPM_VS_Pro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CCC10E8E-7FD1-4D55-87C2-D0A5ABC0A62B}] Java 8 Update 45 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86418045F0}] Java 8 Update 45 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218045F0}] K-Lite Codec Pack 11.0.5 Full [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\KLiteCodecPack_is1] Microsoft ASP.NET MVC 4 Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}] Microsoft Office 365 - nl-nl [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\O365HomePremRetail - nl-nl] Microsoft OneDrive [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\OneDriveSetup.exe] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}] Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}] Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}] Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{37B8F9C7-03FB-3253-8781-2517C99D7C00}] Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}] Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B175520C-86A2-35A7-8619-86DC379688B9}] Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}] Microsoft Visual Studio 2010 Tools for Office Runtime (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}] Microsoft Visual Studio 2010 Tools for Office Runtime (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)] Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3FF59A46-2208-3A7A-BC8E-5DC0BBBA1A87}] Microsoft_VC80_ATL_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}] Microsoft_VC80_ATL_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{925D058B-564A-443A-B4B2-7E90C6432E55}] Microsoft_VC80_CRT_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}] Microsoft_VC80_CRT_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}] Microsoft_VC80_MFC_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D1A19B02-817E-4296-A45B-07853FD74D57}] Microsoft_VC80_MFC_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}] Microsoft_VC80_MFCLOC_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}] Microsoft_VC80_MFCLOC_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}] Microsoft_VC90_ATL_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}] Microsoft_VC90_ATL_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8557397C-A42D-486F-97B3-A2CBC2372593}] Microsoft_VC90_CRT_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}] Microsoft_VC90_CRT_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}] Microsoft_VC90_MFC_x86 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}] Microsoft_VC90_MFC_x86_x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}] Nikon Message Center 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B014EE44-9197-4513-9613-71E6EB1B514E}] Nikon Movie Editor [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}] NVIDIA-configuratiescherm 350.12 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] NVIDIA 3D Vision controllerstuurprogramma 349.95 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] NVIDIA 3D Vision stuurprogramma 350.12 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] NVIDIA GeForce Experience 2.4.1.21 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] NVIDIA GeForce Experience Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService] NVIDIA Grafisch stuurprogramma 350.12 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] NVIDIA HD Audio-stuurprogramma 1.3.33.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] NVIDIA LED Visualizer 1.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer] NVIDIA Miracast virtuele audio 350.12 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio] NVIDIA Network Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service] NVIDIA PhysX Systeem Software 9.15.0324 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] NVIDIA ShadowPlay 2.4.1.21 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo] NVIDIA Update 2.4.1.21 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] NVIDIA Update Core [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] NVIDIA Virtual Audio 1.2.27 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] Online Games Manager v1.30 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Online Games Manager] PDF Settings CS6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}] Picture Control Utility x64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}] Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{20D4A895-748C-4D88-871C-FDB1695B0169}] Prism Video File Converter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Prism] PSPPContent [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{17289BF4-5826-447B-A20A-738044D0B3E5}] PSPPHelp [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1735F0DE-B173-4116-BABC-653A12FB9238}] PSPPro64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{17511557-C430-486A-AB5A-87A8134B2613}] Qualcomm Atheros Bandwidth Control Filter Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C80C9B28-CF99-431C-88C8-8B1F9B6A182F}] Qualcomm Atheros Killer E220x Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DD2A85B3-64C5-4263-A7AF-4F61FA5F369A}] Qualcomm Atheros Killer Network Manager Suite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}] Qualcomm Atheros Network Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] Roads of Rome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\c0889f44ce13855fe03ecea579ed35d0] Roads of Rome Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\roadsofromedeluxe] Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{17088A4E-3CF3-4F12-926D-2A9E8085B8EC}] Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6C6EEA9F-3998-4E0D-B91F-43CB218C715C}] Share [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD7DA145-3118-4D69-BE89-D3ED1510BD15}] Share64 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3008095C-B516-4A5E-8B99-F0E113C21C72}] SHIELD Streaming [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] SHIELD Wireless Controller Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] SmartSound Common Data [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}] SmartSound Common Data [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}] SmartSound Quicktracks 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}] SmartSound Quicktracks 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}] Sound Blaster Cinema [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}] Sqirlz Water Reflections [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sqirlz Water Reflections] Stuurprogrammapakket voor Windows - Advanced Card Systems Ltd. Unified PC/SC Driver (07/21/2014 4.0.0.4) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\C2A85C2E5FD90614D290F9BCA57AF41E31067324] Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7] Super-Charger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1] swMSM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD] TeamViewer 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TeamViewer] VIA Platform apparaatbeheer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}] ViewNX 2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}] VSClassic [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0096E50-D99E-4178-A988-E5192B6F6B91}] VSHelp [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D9DD0D4F-6E5A-484D-AD8C-FD3BAF5D4450}] VSPro [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D88D7ECD-F173-4A97-96F9-2B05C5DC90DC}] Windows Media Encoder 9 Series [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}] Windows Media Encoder 9 Series [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Encoder 9] Zylom Games Player Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Zylom Games Player Plugin] ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll O4 - HKLM\..\Run: [Sound Blaster Cinema] "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE O4 - HKLM\..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1436890039 O4 - Global Startup: Killer Network Manager.lnk = ? O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - C:\Program Files (x86)\Bricsys\BricsCAD V13\BrxProtIE.dll O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing) O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MSI_SuperCharger - MSI - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Online Games Manager (ogmservice) - RealNetworks, Inc. - C:\Program Files (x86)\Online Games Manager\ogmservice.exe O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Qualcomm Atheros Killer Service V2 - Qualcomm Atheros - C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Silent Runners ====================== "Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/ Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} AdobeBridge = (empty string) [file not found] CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [Piriform Ltd] HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\ {++} Adobe Speed Launcher = 1436890039 [file not found] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} RTHDVCPL = "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [Realtek Semiconductor] MBCfg64 = C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64 [MS] NvBackend = "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [NVIDIA Corporation] ShadowPlay = C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [MS] VIAxHCUtl = C:\VIA_XHCI\usb3Monitor.exe [VIA Technologies, Inc.] AdobeAAMUpdater-1.0 = "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [Adobe Systems Incorporated] Corel Update Helper = "c:\Program Files\Corel\Corel PaintShop Pro X7 (64-bit)\pua.exe" /t [Corel Corporation] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++} Sound Blaster Cinema = "C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" /r [null data] UpdReg = C:\Windows\UpdReg.EXE [Creative Technology Ltd.] Super-Charger = C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [MSI] SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [Oracle Corporation] Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated] AvastUI.exe = "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui [Avast Software s.r.o.] SwitchBoard = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [Adobe Systems Incorporated] AdobeCS6ServiceManager = "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [Adobe Systems Incorporated] Wondershare Helper Compact.exe = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [file not found] Nikon Message Center 2 = C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s [Nikon Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\(Default) = Skype for Business Click to Call BHO -> {HKLM...CLSID} = Skype for Business Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [MS] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [Oracle Corporation] -> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [Oracle Corporation] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = avast! Online Security -> {HKLM...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [Avast Software s.r.o.] -> {HKLM...Wow...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [Avast Software s.r.o.] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\(Default) = (no title provided) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [Oracle Corporation] -> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [Oracle Corporation] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [Oracle Corporation] -> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [Oracle Corporation] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = avast! Online Security -> {HKLM...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [Avast Software s.r.o.] -> {HKLM...Wow...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [Avast Software s.r.o.] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [Oracle Corporation] -> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [Oracle Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)\(Default) = {8BA85C75-763B-4103-94EB-9470F12FE0F7} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] SkyDrivePro2 (SyncInProgress)\(Default) = {CD55129A-B1A1-438E-A425-CEBC7DC684EE} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] SkyDrivePro3 (InSync)\(Default) = {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] 00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [Avast Software s.r.o.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {c5aec3ec-e812-4677-a9a7-4fee1f9aa000} = Icaros Thumbnail Provider -> {HKLM...CLSID} = Icaros Thumbnail Provider \InProcServer32\(Default) = C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\IcarosThumbnailProvider.dll [Tabibito Technology] {0C08E3BB-D10B-4CC9-B1B3-701F5BE9D6EC} = Icaros Property Handler -> {HKLM...CLSID} = Icaros Property Handler \InProcServer32\(Default) = C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\IcarosPropertyHandler.dll [Tabibito Technology] {A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class -> {HKLM...CLSID} = DesktopContext Class \InProcServer32\(Default) = C:\Program Files\NVIDIA Corporation\Display\nvui.dll [NVIDIA Corporation] {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = NVIDIA Play On My TV Context Menu Extension -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] {8BA85C75-763B-4103-94EB-9470F12FE0F7} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {CD55129A-B1A1-438E-A425-CEBC7DC684EE} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) -> {HKLM...CLSID} = Microsoft SkyDrive Pro Icon Overlay 3 (InSync) \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} = Microsoft SkyDrive Pro Browser Helper -> {HKLM...CLSID} = Microsoft SkyDrive Pro Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [MS] {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search -> {HKLM...CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONFILTER.DLL [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office15\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office15\msoshext.dll [MS] {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} -> {HKLM...CLSID} = ImageExtractorShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\VISSHE.DLL [MS] {D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} -> {HKLM...CLSID} = CInfoTipShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\VISSHE.DLL [MS] {472083B0-C522-11CF-8763-00608CC02F24} = avast -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [Avast Software s.r.o.] {FEB746CA-95C2-485F-B386-C30D4E56D22E} = Context Menu Shell Extension -> {HKLM...CLSID} = Context Menu Shell Extension \InProcServer32\(Default) = C:\Windows\SysWOW64\WSCM64.dll [empty string] {23170F69-40C1-278A-1000-000100020000} = 7-Zip Shell Extension -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {c5aec3ec-e812-4677-a9a7-4fee1f9aa000} = Icaros Thumbnail Provider -> {HKLM...Wow...CLSID} = Icaros Thumbnail Provider \InProcServer32\(Default) = C:\Program Files (x86)\K-Lite Codec Pack\Icaros\32-bit\IcarosThumbnailProvider.dll [Tabibito Technology] {0C08E3BB-D10B-4CC9-B1B3-701F5BE9D6EC} = Icaros Property Handler -> {HKLM...Wow...CLSID} = Icaros Property Handler \InProcServer32\(Default) = C:\Program Files (x86)\K-Lite Codec Pack\Icaros\32-bit\IcarosPropertyHandler.dll [Tabibito Technology] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...Wow...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office15\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...Wow...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office15\msoshext.dll [MS] {506F4668-F13E-4AA1-BB04-B43203AB3CC0} = {506F4668-F13E-4AA1-BB04-B43203AB3CC0} -> {HKLM...Wow...CLSID} = ImageExtractorShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\VISSHE.DLL [MS] {D66DC78C-4F61-447F-942B-3FB6980118CF} = {D66DC78C-4F61-447F-942B-3FB6980118CF} -> {HKLM...Wow...CLSID} = CInfoTipShellExt Class \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\VISSHE.DLL [MS] {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} = Microsoft OneNote Namespace Extension for Windows Desktop Search -> {HKLM...Wow...CLSID} = Microsoft OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\ONFILTER.DLL [MS] {472083B0-C522-11CF-8763-00608CC02F24} = avast -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [Avast Software s.r.o.] HKLM\SYSTEM\CurrentControlSet\Control\Lsa\ <> ("" [file not found]) Security Packages = "" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\ {1ee7337f-85ac-45e2-a23c-37c753209769}\(Default) = Smartcard WinRT Provider -> {HKLM...CLSID} = Smartcard WinRT Provider \InProcServer32\(Default) = C:\Windows\system32\SmartcardCredentialProvider.dll [MS] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip32.dll [Igor Pavlov] avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [Avast Software s.r.o.] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [Avast Software s.r.o.] WondershareVideoConverterFileOpreation\(Default) = {FEB746CA-95C2-485F-B386-C30D4E56D22E} -> {HKLM...CLSID} = Context Menu Shell Extension \InProcServer32\(Default) = C:\Windows\SysWOW64\WSCM64.dll [empty string] WorkFolders\(Default) = {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} -> {HKLM...CLSID} = Work Folders Context Menu Handler \InProcServer32\(Default) = C:\Windows\System32\WorkfoldersShell.dll [MS] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ 00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [Avast Software s.r.o.] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [Avast Software s.r.o.] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip32.dll [Igor Pavlov] WorkFolders\(Default) = {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} -> {HKLM...CLSID} = Work Folders Context Menu Handler \InProcServer32\(Default) = C:\Windows\System32\WorkfoldersShell.dll [MS] HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip.dll [Igor Pavlov] -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\7-Zip\7-zip32.dll [Igor Pavlov] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] WorkFolders\(Default) = {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} -> {HKLM...CLSID} = Work Folders Context Menu Handler \InProcServer32\(Default) = C:\Windows\System32\WorkfoldersShell.dll [MS] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info -> {HKLM...Wow...CLSID} = PDF Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShA64.dll [Avast Software s.r.o.] -> {HKLM...Wow...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [Avast Software s.r.o.] Default executables: -------------------- .scr HKCU\Software\Classes\.scr\(Default) = AutoCADScriptFile HKCU\Software\Classes\AutoCADScriptFile\(Default) = AutoCAD Script HKCU\Software\Classes\AutoCADScriptFile\shell\open\command\(Default) = C:\Windows\system32\notepad.exe "%1" [MS] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ EnableCursorSuppression = (REG_DWORD) dword:0x00000001 {unrecognized setting} SoftwareSASGeneration = (REG_DWORD) dword:0x00000001 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = J:\5200\70715\DSC_0216[1].png Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ SCRNSAVE.EXE = C:\Windows\system32\Mystify.scr [MS] Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ BridgeCS6ImportMediaOnArrival\ Provider = Adobe Bridge CS6 InvokeProgID = Adobe.adobebridgeCS6 InvokeVerb = launch HKLM\SOFTWARE\Classes\Adobe.adobebridgeCS6\shell\launch\command\(Default) = C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\bridgeproxy.exe -v %1 [Adobe Systems, Inc.] BridgeCS6NonVolumeHandler\ Provider = Adobe Bridge CS6 ProgID = Adobe.adobebridgeMTP_1 HKLM\SOFTWARE\Classes\Adobe.adobebridgeMTP_1\CLSID\(Default) = {1E6C711B-6D70-4a65-8AB6-745DC19BE2A6} -> {HKLM...CLSID} = Adobe Bridge CS6 \LocalServer32\(Default) = C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\bridgeproxy.exe -m [Adobe Systems, Inc.] Corel PaintShop Pro X7ShowPicturesOnArrivalHandler\ Provider = Corel PaintShop Pro X7 InvokeProgID = PaintShopProX7_64.Image InvokeVerb = Overzicht HKLM\SOFTWARE\Classes\PaintShopProX7_64.Image\shell\Overzicht\command\(Default) = "c:\Program Files\Corel\Corel PaintShop Pro X7 (64-bit)\Corel PaintShop Pro.exe" "%1" [Corel, Inc.] MPCPlayBluRayOnArrival\ Provider = Media Player Classic InvokeProgID = MediaPlayerClassic.Autorun InvokeVerb = PlayBlurayMovie HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayBlurayMovie\command\(Default) = "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" %L\BDMV\INDEX.BDMV [MPC-HC Team] MPCPlayCDAudioOnArrival\ Provider = Media Player Classic InvokeProgID = MediaPlayerClassic.Autorun InvokeVerb = PlayCDAudio HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayCDAudio\command\(Default) = "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" %1 /cd [MPC-HC Team] MPCPlayDVDMovieOnArrival\ Provider = Media Player Classic InvokeProgID = MediaPlayerClassic.Autorun InvokeVerb = PlayDVDMovie HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayDVDMovie\command\(Default) = "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" %1 /dvd [MPC-HC Team] MPCPlayMusicFilesOnArrival\ Provider = Media Player Classic InvokeProgID = MediaPlayerClassic.Autorun InvokeVerb = PlayMusicFiles HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayMusicFiles\command\(Default) = "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" %1 [MPC-HC Team] MPCPlayVideoFilesOnArrival\ Provider = Media Player Classic InvokeProgID = MediaPlayerClassic.Autorun InvokeVerb = PlayVideoFiles HKLM\SOFTWARE\Classes\MediaPlayerClassic.Autorun\shell\PlayVideoFiles\command\(Default) = "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" %1 [MPC-HC Team] MSFhConfigBackup\ Provider = @C:\Windows\system32\fhautoplay.dll,-100 InvokeProgID = FHConfig.AutoPlayHandler InvokeVerb = config HKLM\SOFTWARE\Classes\FHConfig.AutoPlayHandler\shell\config\command\(Default) = fhmanagew -autoplay [MS] MSPlayCDAudioOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.AudioCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS] MSPlayDVDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.DVD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS] MSPlaySuperVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPlayVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPromptEachTime\ Provider = @C:\Windows\system32\shell32.dll,-17411 ProgID = Shell.Autoplay InitCmdLine = PromptEachTime HKLM\SOFTWARE\Classes\Shell.Autoplay\CLSID\(Default) = {995C996E-D918-4a8c-A302-45719A6F4EA7} -> {HKLM...CLSID} = Shell Hardware Mixed Content Handler \LocalServer32\(Default) = C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} [MS] MSPromptEachTimeNoContent\ Provider = @C:\Windows\system32\shell32.dll,-17411 ProgID = Shell.Autoplay InitCmdLine = PromptEachTimeNoContent HKLM\SOFTWARE\Classes\Shell.Autoplay\CLSID\(Default) = {995C996E-D918-4a8c-A302-45719A6F4EA7} -> {HKLM...CLSID} = Shell Hardware Mixed Content Handler \LocalServer32\(Default) = C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} [MS] MSWMEncVCArrival\ Provider = Windows Media Encoder 9 Series ProgID = Shell.HWEventHandlerShellExecute InitCmdLine = C:\Program Files (x86)\Windows Media Components\Encoder\WMEnc.exe HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} -> {HKLM...CLSID} = Shell Execute Hardware Event Handler \LocalServer32\(Default) = C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS] MSWMPBurnCDOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.BurnCD InvokeVerb = Burn HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS] Nikon Transfer 2\ Provider = Nikon Transfer 2 InvokeProgID = Nikon Transfer 2 InvokeVerb = open HKLM\SOFTWARE\Classes\Nikon Transfer 2\shell\open\command\(Default) = C:\Program Files (x86)\Nikon\ViewNX 2\ViewNX 2\Nikon Transfer 2\NktTransfer2.exe /D=%L [Nikon Corporation] VSX6VideoCameraArrival\ Provider = Corel VideoStudio Pro ProgID = Shell.HWEventHandlerShellExecute InitCmdLine = "c:\Program Files (x86)\Corel\Corel VideoStudio Pro X6\\vstudio.exe" /T:UVSClassic /parameters:Step=0,Handler=VideoCameraArrival,DeviceHint=%1 HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} -> {HKLM...CLSID} = Shell Execute Hardware Event Handler \LocalServer32\(Default) = C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS] WIA_{445041D7-7817-4ADE-9680-863D783B1C46}\ Provider = Nikon Transfer 2 CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files (x86)\Nikon\ViewNX 2\ViewNX 2\Nikon Transfer 2\NktTransfer2.exe; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] Startup items in "PERRE~1" & "All Users" startup folders: --------------------------------------------------------- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp {++} Killer Network Manager -> shortcut to: C:\Windows\Installer\{7364C716-1212-4EAE-B0C9-A31D1E797BF8}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe -minimize [Flexera Software LLC] Non-disabled Scheduled Tasks: {++} ----------------------------- C:\Windows\System32\Tasks avast! Emergency Update -> (HIDDEN!) launches: C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [Avast Software s.r.o.] CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd] klcp_update -> launches: "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=90 [null data] LaunchPreSignup -> launches: C:\Program Files (x86)\OLBPre\OLBPre.exe signup [file not found] Microsoft Office 15 Sync Maintenance for Straetemans-P‹erre Straetemans -> launches: C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [MS] Microsoft OneDrive Auto Update Task-S-1-5-21-2606789639-3167826691-1876802399-1001 -> launches: %localappdata%\Microsoft\OneDrive\OneDrive.exe [MS] User_Feed_Synchronization-{2EEDFA7A-D017-49FC-A3E2-82F46472EA99} -> (HIDDEN!) launches: C:\Windows\system32\msfeedssync.exe sync [MS] {1D00BE2B-E07C-42ED-BE31-C3146A6100D6} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\P‹erre\Downloads\Setup\SETUP.EXE -d C:\Users\P‹erre\Downloads\Setup [MS] {26383757-75D3-441D-9EBE-D73135AB0A15} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\P‹erre\Downloads\filter\Setup\SETUP.EXE -d C:\Users\P‹erre\Downloads\filter\Setup [MS] C:\Windows\System32\Tasks\Microsoft\Office Office Automatic Updates -> launches: C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False [MS] Office ClickToRun Service Monitor -> launches: C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe /WatchService [MS] Office Subscription Maintenance -> launches: C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\.NET Framework .NET Framework NGEN v4.0.30319 -> (HIDDEN!) launches: {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] .NET Framework NGEN v4.0.30319 64 -> (HIDDEN!) launches: {429BC048-379E-45E0-80E4-EB1977941B5C} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\AppID SmartScreenSpecific -> launches: {9f2b0085-9218-42a1-88b0-9f0e65851666} -> {HKLM...CLSID} = Windows SmartScreen Task Handler \InProcServer32\(Default) = C:\Windows\system32\apprepsync.dll [MS] -> {HKLM...Wow...CLSID} = Windows SmartScreen Task Handler \InProcServer32\(Default) = C:\Windows\system32\apprepsync.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience AitAgent -> launches: aitagent /increment [MS] Microsoft Compatibility Appraiser -> launches: %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly [MS] ProgramDataUpdater -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS] StartupAppTask -> launches: %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask [MS] C:\Windows\System32\Tasks\Microsoft\Windows\ApplicationData CleanupTemporaryState -> launches: %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Autochk Proxy -> launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Chkdsk ProactiveScan -> launches: {cf4270f5-2e43-4468-83b3-a8c45bb33ea1} -> {HKLM...CLSID} = Proactive Scan \InProcServer32\(Default) = C:\Windows\System32\pstask.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program BthSQM -> (HIDDEN!) launches: {c8367320-6f85-11e0-a1f0-0800200c9a66} -> {HKLM...CLSID} = BthSQM \InProcServer32\(Default) = C:\Windows\System32\BthSQM.dll [MS] Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS] KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c} -> {HKLM...CLSID} = KernelCeipCustomHandler \InProcServer32\(Default) = C:\Windows\System32\kernelceip.dll [MS] Uploader -> launches: %windir%\system32\WSqmCons.exe -u [MS] UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} -> {HKLM...CLSID} = UsbCeip \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS] -> {HKLM...Wow...CLSID} = UsbCeip \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Data Integrity Scan Data Integrity Scan for Crash Recovery -> (HIDDEN!) launches: {DCFD3EA8-D960-4719-8206-490AE315F94F} -> {HKLM...CLSID} = Data Integrity Scan \InProcServer32\(Default) = C:\Windows\System32\discan.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Defrag ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c -h -o -$ [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Device Setup Metadata Refresh -> (HIDDEN!) launches: {23C1F3CF-C110-4512-ACA9-7B6174ECE888} -> {HKLM...CLSID} = DsmRefreshTask Class \InProcServer32\(Default) = C:\Windows\System32\DeviceSetupManagerAPI.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3} -> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\sdiagschd.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\DiskCleanup SilentCleanup -> launches: %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive% [MS] C:\Windows\System32\Tasks\Microsoft\Windows\DiskFootprint Diagnostics -> launches: {5b6b6834-34f0-49b9-ad4e-81d4994c7a74} -> {HKLM...CLSID} = Disk Footprint Diagnostics Task \InProcServer32\(Default) = C:\Windows\system32\DfpCommon.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\FileHistory File History (maintenance mode) -> launches: {89917B7C-A1A6-11DF-8BF6-18A90531A85A} -> {HKLM...CLSID} = FhTaskHandler Class \InProcServer32\(Default) = C:\Windows\System32\fhtask.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Location Notifications -> launches: %windir%\System32\LocationNotifications.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance WinSAT -> launches: A9A33436-678B-4c9c-A211-7CC38785E79D -> {HKLM...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS] -> {HKLM...Wow...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic ProcessMemoryDiagnosticEvents -> (HIDDEN!) launches: {8168e74a-b39f-46d8-adcd-7bed477b80a3} -> {HKLM...CLSID} = MemoryDiagnosticTaskHandler \InProcServer32\(Default) = C:\Windows\System32\MemoryDiagnostic.dll [MS] RunFullMemoryDiagnostic -> (HIDDEN!) launches: {8168e74a-b39f-46d8-adcd-7bed477b80a3} -> {HKLM...CLSID} = MemoryDiagnosticTaskHandler \InProcServer32\(Default) = C:\Windows\System32\MemoryDiagnostic.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts MNO Metadata Parser -> launches: %SystemRoot%\System32\MbaeParserTask.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MUI LPRemove -> launches: %windir%\system32\lpremove.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543} -> {HKLM...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetCfg BindingWorkItemQueueHandler -> launches: {5AA199A0-1CED-43A5-9B85-3226086738A3} -> {HKLM...CLSID} = Binding Engine Task Handler \InProcServer32\(Default) = C:\Windows\System32\netcfgx.dll [MS] -> {HKLM...Wow...CLSID} = Binding Engine Task Handler \InProcServer32\(Default) = C:\Windows\SysWOW64\netcfgx.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace GatherNetworkInfo -> launches: %windir%\system32\gatherNetworkInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows\PerfTrack BackgroundConfigSurveyor -> (HIDDEN!) launches: {EA9155A3-8A39-40B4-8963-D3C761B18371} -> {HKLM...CLSID} = PerfTrack TaskHandler class \InProcServer32\(Default) = C:\Windows\System32\perftrack.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\PI Secure-Boot-Update -> launches: {5014B7C8-934E-4262-9816-887FA745A6C4} -> {HKLM...CLSID} = TPM Maintenance Task Handler \InProcServer32\(Default) = C:\Windows\system32\TpmTasks.dll [MS] Sqm-Tasks -> launches: {5014B7C8-934E-4262-9816-887FA745A6C4} -> {HKLM...CLSID} = TPM Maintenance Task Handler \InProcServer32\(Default) = C:\Windows\system32\TpmTasks.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Plug and Play Device Install Group Policy -> (HIDDEN!) launches: {60400283-b242-4fa8-8c25-caf695b88209} -> {HKLM...CLSID} = Device Installation Group Policy Task Handler \InProcServer32\(Default) = C:\Windows\System32\pnppolicy.dll [MS] Device Install Reboot Required -> (HIDDEN!) launches: {48794782-6a1f-47b9-bd52-1d5f95d49c1b} -> {HKLM...CLSID} = Device Installation Reboot Dialog Task \InProcServer32\(Default) = C:\Windows\System32\pnpui.dll [MS] Plug and Play Cleanup -> launches: {DEF03232-9688-11E2-BE7F-B4B52FD966FF} -> {HKLM...CLSID} = Plug and Play Maintenance Task \InProcServer32\(Default) = C:\Windows\System32\pnpclean.dll [MS] Sysprep Generalize Drivers -> launches: %SystemRoot%\System32\drvinst.exe 6 [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics AnalyzeSystem -> launches: {927ea2af-1c54-43d5-825e-0074ce028eee} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Windows\System32\energytask.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RAC RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6} -> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS] -> {HKLM...Wow...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Ras MobilityManager -> launches: {c463a0fc-794f-4fdf-9201-01938ceacafa} -> {HKLM...CLSID} = RasMobilityManager \InProcServer32\(Default) = C:\Windows\system32\rasmbmgr.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Registry RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2} -> {HKLM...CLSID} = RegistryIdleBackupHandler \InProcServer32\(Default) = C:\Windows\System32\regidle.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemovalTools MRT_HB -> launches: C:\Windows\system32\MRT.exe /EHB /Q [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Servicing StartComponentCleanup -> launches: 752073A1-23F2-4396-85F0-8FDB879ED0ED [InProcServer32 entry not found] C:\Windows\System32\Tasks\Microsoft\Windows\SettingSync BackgroundUploadTask -> (HIDDEN!) launches: {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} -> {HKLM...CLSID} = Delayed Background Upload Task Handler \InProcServer32\(Default) = C:\Windows\system32\SettingSyncCore.dll [MS] -> {HKLM...Wow...CLSID} = Delayed Background Upload Task Handler \InProcServer32\(Default) = C:\Windows\system32\SettingSyncCore.dll [MS] BackupTask -> (HIDDEN!) launches: {60A4C78C-E2B8-4E6E-876F-DA203B02C05E} -> {HKLM...CLSID} = Backup Upload Task Handler \InProcServer32\(Default) = C:\Windows\system32\SettingSyncCore.dll [MS] -> {HKLM...Wow...CLSID} = Backup Upload Task Handler \InProcServer32\(Default) = C:\Windows\system32\SettingSyncCore.dll [MS] NetworkStateChangeTask -> (HIDDEN!) launches: {A4173A49-F373-4475-9A0F-2D615204DC20} -> {HKLM...CLSID} = Network State Change Task Handler \InProcServer32\(Default) = C:\Windows\system32\SettingSyncCore.dll [MS] -> {HKLM...Wow...CLSID} = Network State Change Task Handler \InProcServer32\(Default) = C:\Windows\system32\SettingSyncCore.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx launchtrayprocess -> launches: %windir%\system32\GWX\GWX.exe /tasklaunch [MS] refreshgwxconfig -> launches: %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers Logon-5d -> launches: %windir%\system32\GWX\GWX.exe /event:7 [MS] MachineUnlock-5d -> launches: %windir%\system32\GWX\GWX.exe /event:8 [MS] OutOfIdle-5d -> launches: %windir%\system32\GWX\GWX.exe /event:6 [MS] OutOfSleep-5d -> launches: %windir%\system32\GWX\GWX.exe /event:9 [MS] refreshgwxconfig-B -> launches: schtasks /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig" [MS] Time-5d -> launches: %windir%\system32\GWX\GWX.exe /event:10 [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Shell CreateObjectTask -> (HIDDEN!) launches: {990a9f8f-301f-45f7-8d0e-68c5952dba43} -> {HKLM...CLSID} = Shell Create Object Task Delegate \InProcServer32\(Default) = C:\Windows\system32\shell32.dll [MS] -> {HKLM...Wow...CLSID} = Shell Create Object Task Delegate \InProcServer32\(Default) = C:\Windows\system32\shell32.dll [MS] FamilySafetyMonitor -> launches: %windir%\System32\wpcmon.exe [MS] FamilySafetyRefresh -> launches: {EBF00FCB-0769-4b81-9BEC-6C05514111AA} -> {HKLM...CLSID} = FamilySafety.WebSync \InProcServer32\(Default) = C:\Windows\System32\WpcWebSync.dll [MS] IndexerAutomaticMaintenance -> launches: {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} -> {HKLM...CLSID} = Automatic Maintenance task to enable Windows Search to make progress while in Connected Standby \InProcServer32\(Default) = C:\Windows\System32\srchadmin.dll [MS] -> {HKLM...Wow...CLSID} = Automatic Maintenance task to enable Windows Search to make progress while in Connected Standby \InProcServer32\(Default) = C:\Windows\System32\srchadmin.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SkyDrive Idle Sync Maintenance Task -> launches: {bf6c1e47-86ec-4194-9ce5-13c15dcb2001} [InProcServer32 entry not found] Routine Maintenance Task -> launches: {1b1f472e-3221-4826-97db-2c2324d389ae} [InProcServer32 entry not found] C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform SvcRestartTask -> (HIDDEN!) launches: {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} -> {HKLM...CLSID} = SppSvcRestartTaskHandler Class \InProcServer32\(Default) = C:\Windows\System32\sppcext.dll [MS] -> {HKLM...Wow...CLSID} = SppSvcRestartTaskHandler Class \InProcServer32\(Default) = C:\Windows\System32\sppcext.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SpacePort SpaceAgentTask -> launches: %windir%\system32\SpaceAgent.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain WsSwapAssessmentTask -> launches: %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore SR -> launches: %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4} -> {HKLM...CLSID} = RunTask \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS] -> {HKLM...Wow...CLSID} = RunTask \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TaskScheduler Idle Maintenance -> launches: {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} -> {HKLM...CLSID} = Maintenance Launcher Handler \InProcServer32\(Default) = C:\Windows\system32\msched.dll [MS] Maintenance Configurator -> launches: {645E29EA-4B0A-464C-8B7D-1A6B9F9D92A8} -> {HKLM...CLSID} = Maintenance Configurator \InProcServer32\(Default) = C:\Windows\system32\msched.dll [MS] Manual Maintenance -> launches: {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} -> {HKLM...CLSID} = Maintenance Launcher Handler \InProcServer32\(Default) = C:\Windows\system32\msched.dll [MS] Regular Maintenance -> launches: {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} -> {HKLM...CLSID} = Maintenance Launcher Handler \InProcServer32\(Default) = C:\Windows\system32\msched.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} -> {HKLM...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization ForceSynchronizeTime -> launches: {A31AD6C2-FF4C-43D4-8E90-7101023096F9} -> {HKLM...CLSID} = Time Synchronization Task Handler \InProcServer32\(Default) = C:\Windows\system32\TimeSyncTask.dll [MS] SynchronizeTime -> launches: %windir%\system32\sc.exe start w32time task_started [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Zone SynchronizeTimeZone -> launches: %windir%\system32\tzsync.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TPM Tpm-Maintenance -> launches: {5014B7C8-934E-4262-9816-887FA745A6C4} -> {HKLM...CLSID} = TPM Maintenance Task Handler \InProcServer32\(Default) = C:\Windows\system32\TpmTasks.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\UPnP UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WDI ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing UpdateLibrary -> launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WindowsUpdate Scheduled Start -> launches: C:\Windows\system32\sc.exe start wuauserv [MS] Scheduled Start With Network -> launches: C:\Windows\system32\sc.exe start wuauserv [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Wininet CacheTask -> launches: {0358b920-0ac7-461f-98f4-58e32cd89148} -> {HKLM...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS] -> {HKLM...Wow...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WOF WIM-Hash-Management -> launches: {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} -> {HKLM...CLSID} = WOF Task Handler \InProcServer32\(Default) = C:\Windows\system32\WofTasks.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Work Folders Work Folders Logon Synchronization -> launches: {97d47d56-3777-49fb-8e8f-90d7e30e1a1e} -> {HKLM...CLSID} = Work Folder Logon Trigger Class \InProcServer32\(Default) = C:\Windows\System32\WorkFoldersShell.dll [MS] Work Folders Maintenance Work -> launches: {63260bce-a3fb-4a34-aa51-d4d8e877b62b} -> {HKLM...CLSID} = Work Folder Maintenance Task Class \InProcServer32\(Default) = C:\Windows\System32\WorkFoldersShell.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WS Badge Update -> launches: {00CCDDF6-5107-424D-853D-3907AE5502DC} -> {HKLM...CLSID} = WinStore Tile Badge Updater \InProcServer32\(Default) = C:\Windows\winstore\WinStoreUI.dll [MS] License Validation -> (HIDDEN!) launches: rundll32.exe WSClient.dll,WSpTLR licensing [MS] Sync Licenses -> launches: {10F591BE-3C84-418A-86DD-BAA002E2F36E} -> {HKLM...CLSID} = WinStore License Sync task \InProcServer32\(Default) = C:\Windows\winstore\WinStoreUI.dll [MS] WSRefreshBannedAppsListTask -> (HIDDEN!) launches: rundll32.exe WSClient.dll,RefreshBannedAppsList [MS] WSTask -> launches: {E52C9A25-F3E8-49E4-BAA7-FAD0EF620129} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Windows\System32\WSService.dll [MS] C:\Windows\System32\Tasks\WPD SqmUpload_S-1-5-21-2606789639-3167826691-1876802399-1001 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 10 HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 10 Toolbars, Explorer Bars, Extensions: ------------------------------------ Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {2670000A-7350-4F3C-8081-5663EE0C6C49}\ ButtonText = Send to OneNote MenuText = Se&nd to OneNote CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C} -> {HKLM...CLSID} = Send to OneNote from Internet Explorer button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll [MS] {31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ ButtonText = Skype for Business Click to Call MenuText = Skype for Business Click to Call CLSIDExtension = {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> {HKLM...CLSID} = Skype for Business Browser Helper \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [MS] {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ ButtonText = OneNote Lin&ked Notes MenuText = OneNote Lin&ked Notes CLSIDExtension = {FFFDC614-B694-4AE6-AB38-5D6374584B52} -> {HKLM...CLSID} = Linked Notes button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\ {2670000A-7350-4F3C-8081-5663EE0C6C49}\ ButtonText = Send to OneNote MenuText = Se&nd to OneNote CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C} -> {HKLM...Wow...CLSID} = Send to OneNote from Internet Explorer button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll [MS] {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ ButtonText = OneNote Lin&ked Notes MenuText = OneNote Lin&ked Notes CLSIDExtension = {FFFDC614-B694-4AE6-AB38-5D6374584B52} -> {HKLM...Wow...CLSID} = Linked Notes button \InProcServer32\(Default) = C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Adobe Acrobat Update Service, AdobeARMservice, "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [Adobe Systems Incorporated] Avast Antivirus, avast! Antivirus, "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [Avast Software s.r.o.] AvastVBox COM Service, AvastVBoxSvc, "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [Avast Software] Corel License Validation Service V2 x64, Powered by arvato, PSI_SVC_2_x64, "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [arvato digital services llc] Corel License Validation Service V2, Powered by arvato, PSI_SVC_2, "c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" [arvato digital services llc] Diagnostics Tracking Service, DiagTrack, C:\Windows\System32\svchost.exe -k utcsvc {C:\Windows\system32\diagtrack.dll [MS]} Intel(R) Capability Licensing Service Interface, Intel(R) Capability Licensing Service Interface, "C:\Program Files\Intel\iCLS Client\HeciServer.exe" [Intel(R) Corporation] Intel(R) Dynamic Application Loader Host Interface Service, jhi_service, "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" [Intel Corporation] Intel(R) Management and Security Application Local Management Service, LMS, "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" [Intel Corporation] Microsoft Office ClickToRun Service, ClickToRunSvc, "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service [MS] MSI_SuperCharger, MSI_SuperCharger, C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [MSI] Network Connection Broker, NcbService, C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted {C:\Windows\System32\ncbservice.dll [MS]} NVIDIA Display Driver Service, nvsvc, "C:\Windows\system32\nvvsvc.exe" [NVIDIA Corporation] NVIDIA GeForce Experience Service, GfExperienceService, "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe" [NVIDIA Corporation] NVIDIA Network Service, NvNetworkService, "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" [NVIDIA Corporation] NVIDIA Stereoscopic 3D Driver Service, Stereo Service, "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [NVIDIA Corporation] NVIDIA Streamer Service, NvStreamSvc, "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" [NVIDIA Corporation] Online Games Manager, ogmservice, "C:\Program Files (x86)\Online Games Manager\ogmservice.exe" --service-run [RealNetworks, Inc.] Qualcomm Atheros Killer Service V2, Qualcomm Atheros Killer Service V2, "C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe" [Qualcomm Atheros] TeamViewer 10, TeamViewer, "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" [TeamViewer GmbH] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <> SystemEventsBroker, Service <> PEVSystemStart, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <> SystemEventsBroker, Service <> PEVSystemStart, Service ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=89 folders=55 21257593 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\PERRE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 14/07/2015 at 21:49:30,67 ======================