Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Rian on vr 12-02-2016 at 9:32:33,82. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Rian\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 12-2-2016 09:36:37 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\WinZip Registry Optimizer deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\Webroot deleted successfully C:\PROGRA~3\374311380 deleted successfully C:\PROGRA~3\Babylon deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\Evernote deleted successfully C:\PROGRA~3\PCSettings deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully C:\Users\Rian\AppData\Local\ActiveSync deleted successfully C:\Users\Rian\AppData\Local\EgisTec deleted successfully C:\Users\Rian\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Rian\AppData\Local\EmieSiteList deleted successfully C:\Users\Rian\AppData\Local\EmieUserList deleted successfully C:\Users\Rian\AppData\Local\NetworkTiles deleted successfully C:\Users\Rian\AppData\Local\PACE Anti-Piracy deleted successfully C:\Users\Rian\AppData\Local\PackageAware deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5FF77D2C-5116-412E-ACE4-5EFC35169943} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6E336D7B-8702-46E3-A5D7-0A181594DEF0} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D44A86C1-1844-4622-980B-C5E9CE1FE375} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1427B4D2-9704-4BBD-ACC3-3D5ACFB79868} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1427B4D2-9704-4BBD-ACC3-3D5ACFB79868} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{c6673938-a52b-4dc6-af05-783e7e2c8b65} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65} deleted successfully HKEY_CLASSES_ROOT\CLSID\{c8d5d964-2be8-4c5b-8cf5-6e975aa88504} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{c8d5d964-2be8-4c5b-8cf5-6e975aa88504} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c8d5d964-2be8-4c5b-8cf5-6e975aa88504} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c8d5d964-2be8-4c5b-8cf5-6e975aa88504} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{97ab88ef-346b-4179-a0b1-7445896547a5} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{97ab88ef-346b-4179-a0b1-7445896547a5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{43699cd0-e34f-11de-8a39-0800200c9a66} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{43699cd0-e34f-11de-8a39-0800200c9a66} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4169044D-6BA4-4661-B7D6-E29274F1F458} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{97ab88ef-346b-4179-a0b1-7445896547a5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{97ab88ef-346b-4179-a0b1-7445896547a5} deleted successfully ==== Installed Programs ====================== clear.fi SDK- Movie 2 clear.fi SDK - MVP 2 ???? ???? ????? ???? Windows Live ????? Windows Live ?????? ??????? ???????? ?????????? Windows Live ?????????? ?????????? (????????????? ??????) ??????????? æTorrent Acer Backup Manager Acer Crystal Eye Webcam Acer ePower Management Acer eRecovery Management Acer Instant Update Service Acer ScreenSaver Acer Updater Adobe AIR Adobe Creative Cloud Adobe Help Manager Adobe Media Player Adobe Photoshop CS5 Adobe Reader XI (11.0.14) - Nederlands Adobe Refresh Manager Adobe Shockwave Player 11.6 Adobe Story Agatha Christie - Death on the Nile Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update Atheros Bluetooth Suite (64) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver AVG AVG 2015 AVG PC Tuneup 2011 AVG SafeGuard toolbar AVG Zen Backup Manager V3 Bejeweled 3 Bonjour CCleaner Chuzzle Deluxe clear.fi Media clear.fi Photo CyberLink MediaEspresso D3DX10 Dolby Home Theater v4 ELAN Touchpad 15.6.3.3_X64_WHQL EZdok Camera for Microsoft Flight Simulator X FATE Final Drive: Nitro FMW 1 Fotogal‚ria Fotogalerie Fotogalerija Fotogalleri Fotogalleriet Fotograf Galerisi Fot¢t r Galeria de Fotografias Galeria de Fotos Galer¡a de fotos Galeria fotogr…fica Galeria fotografii Galerie de photos Galerie foto Galerija fotografija Google Chrome Google Earth Google Update Helper GoPro App GoPro Studio 2.5.5 Grand Theft Auto IV HP Deskjet 3070 B611 series Basissoftware van het apparaat HP Deskjet 3070 B611 series Haelp HP Deskjet 3070 B611 series Productverbeteringsonderzoek HP Update HPDiagnosticAlert HPSSupply iCloud Identity Card Insaniquarium Deluxe Intel(R) Control Center Intel(R) Management Engine Components Intel(R) OpenCL CPU Runtime Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Intel(R) Turbo Boost Technology Monitor 2.5 Intel(R) USB 3.0 eXtensible Host Controller Driver Intel© Trusted Connect Service Client IPVanish IPVanish VPN iTunes Java 8 Update 73 Java 8 Update 73 (64-bit) Java Auto Updater Jewel Match 3 Jewel Quest Mysteries: The Seventh Gate Collector's Edition John Deere Drive Green Junk Mail filter update Knoll Light Factory Photo 64 bit Launch Manager Logitech Gaming Software 5.10 mccPILOTLOG Media Player Classic - Home Cinema 1.6.1.4235 MergeModule_x86 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft ASP.NET MVC 4 Runtime Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64) Microsoft Flight Simulator X Service Pack 1 Microsoft Flight Simulator X Service Pack 2 Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft Xbox 360 Accessories 1.2 Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 MixPad Movie Maker MSVCRT MSVCRT Redists MSVCRT_amd64 MSVCRT110 MSVCRT110_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Music Manager NewBlue Video Essentials for Windows NL2000V4_installer NVIDIA-configuratiescherm 353.54 NVIDIA GeForce Experience 2.9.1.22 NVIDIA GeForce Experience Service NVIDIA Grafisch stuurprogramma 353.54 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Network Service NVIDIA Optimus Update 2.9.1.22 NVIDIA PhysX NVIDIA PhysX Systeem Software 9.15.0428 NVIDIA ShadowPlay 2.9.1.22 NVIDIA Update 2.9.1.22 NVIDIA Update Core NVIDIA Virtual Audio 1.2.34 OpenAL Paint.NET v3.5.10 PDF Settings CS5 PDF Split And Merge Basic Penguins Photo Common Photo Gallery Photo to Cartoon Plants vs. Zombies - Game of the Year PlayMemories Home PMB_ModeEditor PMB_ServiceUploader PMDG 737 8900 NGX PMDGMD11X_GE_H2 PMDGMD11X_GE_KL1 PMDGMD11X_GE_LH PMDGMD11X_GE_TG PMDGMD11X_GE_VS PMDGMD11X_PW_AC PMDGMD11X_PW_DL2 PMDGMD11X_PW_QF PMDGMD11X_PW_SR PMDGMD11X_PW_UA3 PMDGMD11XF_PW_5XF PMDGMD11XF_PW_FXF PMDGMD11XF_PW_MPF1 Poczta uslugi Windows Live Podstawowe programy Windows Live Polar Bowler Posta Windows Live PS3 Media Server Qualcomm Atheros Direct Connect Qualcomm Atheros WiFi Driver Installation QuickTime 7 Raccolta foto Rapture3D 2.3.22 Game Realtek High Definition Audio Driver Realtek PCIE Card Reader S?????? f?t???af??? Screencast-O-Matic Search.us.com Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881067) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085549) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085616) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3085620) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB3114742) 32-Bit Edition Security Update for Microsoft Office Access 2007 (KB2596614) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114548) 32-Bit Edition Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114745) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB3114741) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687406) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB3114429) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2880506) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB3114748) 32-Bit Edition SHIELD Streaming SHIELD Wireless Controller Driver SketchUp 2016 Skype Click to Call SkypeT 7.0 Slingo Deluxe Smart View 2.0 Soda PDF 6 Soda PDF 6 View Module Solar System - Earth 3D Screensaver v1.8 Spotify swMSM TomTom HOME TomTom HOME Visual Studio Merge Modules Topaz Adjust 5 Topaz Clean 3 Topaz Detail 3 Topaz Fusion Express 2 Topaz Fusion Express 2 (64-bit) Torchlight Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3114743) 32-Bit Edition Update Installer for WildTangent Games App Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Valokuvavalikoima VFW_Codec32 VFW_Codec64 Virtual Villagers 4 - The Tree of Life Visual Studio 2008 x64 Redistributables Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables VLC media player 2.1.1 Voxal Voice Changer WavePad Sound Editor Web Assistant 2.0.0.572 Wedding Dash Welcome Center WildTangent Games App (Acer Games) Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) Windows Live ??? Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalleri Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Par‡alar Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Liven peruspaketti Windows Liven s„hk”posti Windows Media Player Firefox Plugin WinRAR 4.20 (64-bit) Zuma Deluxe ==== Running Processes ====================== C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Launch Manager\dsiwmis.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe C:\Program Files (x86)\Launch Manager\LMutilps32.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\WINDOWS\SysWOW64\ctfmon.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\Rian\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rian\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Windows Live\Mail\wlmail.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Users\Rian\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rian\Downloads\zoek.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Users\Rian\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rian\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Rian\AppData\Local\Google\Chrome\Application\chrome.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.9 deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c8d5d964-2be8-4c5b-8cf5-6e975aa88504}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1427B4D2-9704-4BBD-ACC3-3D5ACFB79868}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c6673938-a52b-4dc6-af05-783e7e2c8b65}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c8d5d964-2be8-4c5b-8cf5-6e975aa88504}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Rian\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"=- "Uninstall C:\Users\Rian\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Registry Helper] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Rian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\WinZip Registry Optimizer not found C:\Program Files (x86)\Mobogenie not found C:\Program Files (x86)\Registry Helper not found C:\Users\Rian\AppData\Roaming\Search Protection not found C:\Users\Rian\AppData\Roaming\calibre deleted C:\Program Files (x86)\AVG SafeGuard toolbar deleted C:\PROGRA~3\DivX deleted C:\PROGRA~3\RightClick deleted C:\PROGRA~2\Smart Driver Updater deleted C:\PROGRA~2\Media Player Classic - Home Cinema deleted C:\Program Files\IB Updater deleted C:\PROGRA~2\COMMON~1\AVG Secure Search deleted C:\Users\Rian\AppData\Roaming\Smart Driver Updater deleted C:\PROGRA~3\Registry Helper deleted C:\PROGRA~3\AVG Security Toolbar deleted C:\PROGRA~3\Strongvault Online Backup deleted C:\PROGRA~3\Vaudix deleted C:\PROGRA~3\AVG Secure Search deleted C:\PROGRA~3\Download and Sa deleted C:\PROGRA~3\InstallMate deleted C:\PROGRA~3\AVG SafeGuard toolbar deleted C:\PROGRA~3\Tarma Installer deleted C:\PROGRA~3\Premium deleted C:\PROGRA~3\Package Cache deleted C:\Users\Default\AppData\Local\SearchProtect deleted C:\Users\DefaultAppPool\AppData\Local\SearchProtect deleted C:\Users\Rian\AppData\Local\AVG SafeGuard toolbar deleted C:\Users\Rian\AppData\Local\Mobogenie deleted C:\Users\Rian\AppData\Local\cache deleted C:\Users\Rian\AppData\Local\CrashRpt deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Driver Updater deleted C:\Users\Rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup deleted C:\Users\Rian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup deleted C:\Users\Rian\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Users\Rian\AppData\LocalLow\Softonic deleted C:\Users\Rian\AppData\LocalLow\Incredibar.com deleted C:\Users\Rian\AppData\LocalLow\Conduit deleted C:\Users\Rian\AppData\LocalLow\Toolbar4 deleted C:\AI_RecycleBin deleted C:\windows\SysNative\tasks\YourFile Update deleted C:\windows\SysNative\tasks\DealPly deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted C:\WINDOWS\Syswow64\REN33D7.tmp deleted C:\WINDOWS\Syswow64\tmpCB7C.tmp deleted C:\WINDOWS\Syswow64\tmpCBCC.tmp deleted C:\WINDOWS\Syswow64\RegistryHelperLM.ocx deleted C:\WINDOWS\Syswow64\Hotspot Shield deleted C:\WINDOWS\SysWow64\AI_RecycleBin deleted "C:\Users\Rian\AppData\Roaming\date" deleted "C:\Users\Rian\AppData\Roaming\evf9" deleted "C:\Users\Rian\AppData\Roaming\Origin" deleted ==== System Specs ====================== Operating System: Microsoft Windows 10 Home 10.0.10586 64 bits Manufacturer: Acer - Model: Aspire V3-771 Install Date: 28-12-2015 05:27:32 Last Boot: 12-2-2016 08:47:32 Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Number of Processors: 4 Work Station Bootmode: Normal boot Total RAM: 8030 MB (free 5670 MB - 70) Computername: Rian-PC Domain: WORKGROUP User: Rian (Non-Administrator account) Local Disk: C:\ - NTFS - 449 GB (free 270 GB) CD \ DVD Drive: D:\ Bootdevice: \Device\HarddiskVolume2 Windows update: Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Google Chrome 48.0.2564.109 Internet Explorer Version: 11.103.10586.0 Adobe Reader version: 11.0.14.16 Sun Java version: 1.8.0_73 (32-bit) Sun Java version: 1.8.0_73 (64-bit) Shockwave Player version: 11.6.8r638 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-02-10 11:02:51 95D730526EF81792CD6848D8D10FAA1C 4502352 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\Rian\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2016-02-10 11:03:07 8098C092B1C51D918C7FD17A0BC1B93A 18678272 ----a-w- C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-10 11:03:05 A898C851127646F4F657BBC7CD9DB987 19339776 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-10 11:03:04 3B0CA32C396D84B4D3984177EA615F07 12125696 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-10 11:03:00 01BFC0BC4D4986C7911B5A120E0EAC7B 9918976 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll 2016-02-10 11:02:59 8B9DDC7866BD9B1A502D000D39CD40E3 5242496 ----a-w- C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-10 11:02:58 0FAFB579F8D0DD97D62EAF87AE552B03 21124344 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll 2016-02-10 11:02:53 FBF8BBB141504F661FA7F6864D95C16B 2230784 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2016-02-10 11:02:53 E6EE0236D61AE1B946B9FE7F059C694F 5662208 ----a-w- C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-10 11:02:52 00ECC00ED8713D7FDE30323237C5CAEF 792064 ----a-w- C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-10 11:02:51 F29FE67D93D1EC698D8FE7B0A5BB32F1 1542816 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-10 11:02:50 FCBCED2A237DCD7EF86CED551B731742 4064320 ----a-w- C:\WINDOWS\SysWOW64\explorer.exe 2016-02-10 11:02:49 F02A0D9F011212BC96B6DEF4F0E42AE9 1504768 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-10 11:02:49 CBE2DFB96C188DC8913B0CCBFA50C2FF 1824264 ----a-w- C:\WINDOWS\SysWOW64\combase.dll 2016-02-10 11:02:49 52C8B2C9A9F61F2F1BE133E6015FA288 2919320 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2016-02-10 11:02:48 838A36729CEC0E27D760AFE625104BB6 1557776 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-10 11:02:48 7FCEAC6F67C822B63306D1F6CB8B8A4B 3666432 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-10 11:02:47 A9EEEFE4CFF7EEA891C77169A4C43D0A 295264 ----a-w- C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-10 11:02:46 6EB3A9117D1849AE452110A2C66CC411 820704 ----a-w- C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-10 11:02:45 F87C928A9C09611670BBF6533281003C 162816 ----a-w- C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-10 11:02:45 F7169F42A954DEAD789529859921BD36 81112 ----a-w- C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-10 11:02:44 EC0F9E1BF64F2162F232C072BB1D6768 45568 ----a-w- C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-10 11:02:44 AD18802933E2F0BD9FDE02FF35D8AEC3 118272 ----a-w- C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-10 11:02:44 0FC0E3CA4D36EB8A3BC1BA48436C1645 63488 ----a-w- C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-10 11:02:44 0B247775E6D85763E490BAE3B7CE0CB9 31232 ----a-w- C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-10 11:02:43 F7F4D3C8F419097D5219C80B811978A9 203264 ----a-w- C:\WINDOWS\SysWOW64\iassam.dll 2016-02-10 11:02:43 529D8C676C042EC2E6930221F81C1A4A 99840 ----a-w- C:\WINDOWS\SysWOW64\hlink.dll 2016-02-10 11:02:43 3ADA661523773B1A461CCA2BB1E4478B 65536 ----a-w- C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-09 09:57:21 2DBF8994FEB3884119B44095477FE080 97888 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-02-09 09:57:21 2211C51BABE577798343D69F818E25AB 278624 ----a-w- C:\WINDOWS\SysWOW64\javaws.exe 2016-02-08 19:38:14 19F2050EA8A725657120089B5EFE4D4F 90768 ----a-w- C:\WINDOWS\SysWOW64\nvaudcap32v.dll ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== 2016-02-10 11:03:03 1CA392E9520D8B86CFC484DE04B39F55 22394368 ----a-w- C:\WINDOWS\Sysnative\edgehtml.dll 2016-02-10 11:03:02 5343CC447AA0BEE71ECADCCDB5670F9A 13382656 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2016-02-10 11:03:02 1C772A877B4724F7F56117FB899C740C 3592704 ----a-w- C:\WINDOWS\Sysnative\win32kfull.sys 2016-02-10 11:03:01 4844C11E00F0ED6100B3375C216BFB49 24603136 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2016-02-10 11:02:59 5CADC12CD7D8C21952AF932EFD1707B7 11545088 ----a-w- C:\WINDOWS\Sysnative\twinui.dll 2016-02-10 11:02:58 3BFD141B784459A10F1DA623B7BE5E6C 6605544 ----a-w- C:\WINDOWS\Sysnative\windows.storage.dll 2016-02-10 11:02:56 3D6CDEB19DE3D9FD55533C28ED664EA0 22564328 ----a-w- C:\WINDOWS\Sysnative\shell32.dll 2016-02-10 11:02:55 F25D44D09132849746A080D9BAE331D9 7835648 ----a-w- C:\WINDOWS\Sysnative\Chakra.dll 2016-02-10 11:02:55 E0D72868E01C22B985A9341F8295613B 2757120 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2016-02-10 11:02:55 380A4E413E227A6445FDB5244181BAFF 1087488 ----a-w- C:\WINDOWS\Sysnative\reseteng.dll 2016-02-10 11:02:54 A2001D2C8E6C237B8F01E4375B16AF4E 7476064 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2016-02-10 11:02:52 F23708D1B4C792F35CF40710804D51A4 4894720 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2016-02-10 11:02:52 B67BE37DB6E01693A8529DBC4B2A1C88 970752 ----a-w- C:\WINDOWS\Sysnative\kerberos.dll 2016-02-10 11:02:52 80D6AF1D9BE30E386322E9E723F7B6DE 1387520 ----a-w- C:\WINDOWS\Sysnative\lsasrv.dll 2016-02-10 11:02:51 9B98D38675D854AE9D5DC06AE62E5E53 2275328 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll 2016-02-10 11:02:51 95F1566DEB77160095EC236964EE506D 1734656 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2016-02-10 11:02:50 C402B84B789382748EEEC04284781732 2606824 ----a-w- C:\WINDOWS\Sysnative\combase.dll 2016-02-10 11:02:50 C2737837E8DE02DCEE93EB9E0492E607 1819720 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2016-02-10 11:02:48 B0AD1A1DCBD8690F11C44708610974B9 1997328 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll 2016-02-10 11:02:47 D02F3E132E6AD02F2CB4F9991FB77B56 1270072 ----a-w- C:\WINDOWS\Sysnative\WinTypes.dll 2016-02-10 11:02:47 AAD4516753A9EDD1CF93B81E8B5D0CE5 359776 ----a-w- C:\WINDOWS\Sysnative\msv1_0.dll 2016-02-10 11:02:46 D53F94A3F5DA461209C6128D5337FFF1 304752 ----a-w- C:\WINDOWS\Sysnative\systemreset.exe 2016-02-10 11:02:46 0319FFA35F366D2FD1C9776DAA98FE96 299008 ----a-w- C:\WINDOWS\Sysnative\microsoft-windows-system-events.dll 2016-02-10 11:02:45 FAB5054707064EA9881954F98D9150C0 85320 ----a-w- C:\WINDOWS\Sysnative\OpenWith.exe 2016-02-10 11:02:45 C177128E60700E43109584F33D0430F9 258048 ----a-w- C:\WINDOWS\Sysnative\iassam.dll 2016-02-10 11:02:45 8A48AEAACC0F44E999BEC15BF017E74B 36864 ----a-w- C:\WINDOWS\Sysnative\ztrace_maps.dll 2016-02-10 11:02:45 1C375486D1F6D0DD5281B76C750EEFA3 147456 ----a-w- C:\WINDOWS\Sysnative\mtxoci.dll 2016-02-10 11:02:44 D974EACE921C3B1C78DD29334CC7F861 109056 ----a-w- C:\WINDOWS\Sysnative\hlink.dll 2016-02-10 11:02:44 BAAB5AE1EC2A970C16FDA670882EEE39 79360 ----a-w- C:\WINDOWS\Sysnative\cfgbkend.dll 2016-02-10 11:02:44 00FFABBFBEE8A064DF817885187B1D8B 52224 ----a-w- C:\WINDOWS\Sysnative\jsproxy.dll 2016-02-10 11:02:43 DE4D2583E70B89D027CF9C5ABCD3673B 764928 ----a-w- C:\WINDOWS\Sysnative\Chakradiag.dll 2016-02-10 11:02:43 DD4C204506488414C8980B925445481C 99328 ----a-w- C:\WINDOWS\Sysnative\ngckeyenum.dll 2016-02-10 11:02:43 AA94C58A205952A01A58C3D18E4B987F 69632 ----a-w- C:\WINDOWS\Sysnative\wininetlui.dll 2016-02-08 19:57:06 FF97BC35DA938684634492DA69DE1033 5096627 ----a-w- C:\WINDOWS\Sysnative\nvcoproc.bin 2016-02-08 19:57:06 F49929E1249B951D5CAEA622E6ED455C 1059984 ----a-w- C:\WINDOWS\Sysnative\nv3dappshext.dll 2016-02-08 19:57:06 E8A524D10C99A39992148703CEC60185 3493008 ----a-w- C:\WINDOWS\Sysnative\nvsvc64.dll 2016-02-08 19:57:06 9AC2925125E34EE169173D212866F666 62792 ----a-w- C:\WINDOWS\Sysnative\nvshext.dll 2016-02-08 19:57:06 1B44B5244EAF26BEC315AE84B0AFFC66 937616 ----a-w- C:\WINDOWS\Sysnative\nvvsvc.exe 2016-02-08 19:57:06 083495DA4CFDFBB6AB3C44B05B7BA265 75080 ----a-w- C:\WINDOWS\Sysnative\nv3dappshextr.dll 2016-02-08 19:57:05 8D02DE6F669FB1D581771150A03DE4B4 385168 ----a-w- C:\WINDOWS\Sysnative\nvmctray.dll 2016-02-08 19:57:05 346D3B40EE85127A1FD664FD2A978B5B 2558792 ----a-w- C:\WINDOWS\Sysnative\nvsvcr.dll 2016-02-08 19:57:05 26836E4F6E6602D3418E49F7EA801A52 6873744 ----a-w- C:\WINDOWS\Sysnative\nvcpl.dll 2016-02-08 19:39:06 70F213DCE4F5530086A00B8A8532D8CC 112032 ----a-w- C:\WINDOWS\Sysnative\NvRtmpStreamer64.dll 2016-02-08 19:38:14 8776536A8734F3C2A5313AFA7291DC49 99472 ----a-w- C:\WINDOWS\Sysnative\nvaudcap64v.dll ====== C:\WINDOWS\Sysnative\drivers ===== 2016-02-10 11:03:02 CC0A2F91C231E0D25EE3DBBF11B660D9 1998176 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-02-10 11:02:55 299B5570571185DB929194C40A1A0DB0 576352 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-02-10 11:02:45 A1105260EEEE3DBD8D38FD054B22BD00 604928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-02-10 11:02:44 BF6CA7EA5ECD6CF72D3D76652A9B8280 144384 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxdav.sys 2016-01-28 08:29:03 318E816717431D3C23DC82779900C744 1089880 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys 2016-01-28 08:28:46 F259A45D6B555B14CC8365AA6BC8DC20 67072 ----a-w- C:\WINDOWS\Sysnative\drivers\usbser.sys 2016-01-22 11:53:44 57544F5CB6000CF55F7B437109A01F65 255920 ----a-w- C:\WINDOWS\Sysnative\drivers\avgmfx64.sys ====== C:\WINDOWS\Tasks ====== 2016-02-07 12:30:17 971E16BCDF3DE168ADF75224B66FC1DC 4180 ----a-w- C:\WINDOWS\Sysnative\Tasks\User_Feed_Synchronization-{3481091E-1E4A-4A8A-B958-6C1FDAD2E78E} ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-02-07 12:19:48 -------- d-----w- C:\Program Files\trend micro 2016-01-18 10:02:57 -------- d-----w- C:\Program Files\SketchUp ======= C:\PROGRA~2 ===== 2016-02-09 09:55:08 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2016-02-07 12:18:11 -------- d-----w- C:\PROGRA~2\EZCA ======= C: ===== ====== C:\Users\Rian\AppData\Roaming ====== 2016-02-08 19:46:57 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CrashDumps 2016-02-07 11:19:26 -------- d-----w- C:\Users\SIMULATION\AppData\Roaming ====== C:\Users\Rian ====== 2016-02-09 09:54:26 -------- d-----w- C:\Users\Rian\.oracle_jre_usage 2016-02-07 15:45:45 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2016-02-07 12:19:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Rian\Downloads\RSITx64.exe 2016-02-07 12:18:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZCA 2016-02-07 12:14:52 697E634F717AAE8C0A2794756EF5826A 218123672 ----a-w- C:\Users\Rian\Downloads\fsx_sp1_ENU.exe 2016-02-07 11:19:26 -------- d-----w- C:\Users\SIMULATION\AppData 2016-02-07 11:05:19 -------- d-----r- C:\WINDOWS\sysWoW64\config\systemprofile\Searches 2016-02-07 11:05:19 -------- d-----r- C:\WINDOWS\sysWoW64\config\systemprofile\Music 2016-01-18 10:13:45 65D42B5A898C27AC5E1FBE3E4BF34292 9664558 ----a-w- C:\Users\Rian\Untitled.skb 2016-01-18 10:08:09 F1758097F5ABF291B615A6209548C879 9664561 ----a-w- C:\Users\Rian\Untitled.skp 2016-01-18 10:03:40 -------- d---a-w- C:\ProgramData\Reprise 2016-01-18 10:03:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2016 2016-01-18 10:02:58 -------- d-----w- C:\ProgramData\SketchUp ====== C: exe-files == 2016-02-09 09:54:47 F3D4E3164D92FE6700FF18D87B1D8047 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\pack200.exe 2016-02-09 09:54:47 F1BA5CDF0370D6390E54EAEEDAFAD3F2 197216 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\unpack200.exe 2016-02-09 09:54:47 F1010A27A884EEE5D26926B81579876B 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\policytool.exe 2016-02-09 09:54:47 DBA8ED65887B3B35CE5BE9C88EE1EE35 206944 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\java.exe 2016-02-09 09:54:47 D16726E4994997018D072A6E355B5314 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\servertool.exe 2016-02-09 09:54:47 C944DDBB55E1B22096C209D79BDD5181 76896 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\javacpl.exe 2016-02-09 09:54:47 C8EFA7B1032D44BCD3464633D2625DEC 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\keytool.exe 2016-02-09 09:54:47 C7F5165C7360B967E486456CA0A3E522 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\klist.exe 2016-02-09 09:54:47 C2855765B844E9A85004ECE863B60467 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\rmid.exe 2016-02-09 09:54:47 ADA50C98D597DD13F37341DBA8F02BB9 206944 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\javaw.exe 2016-02-09 09:54:47 AB89FF604FBE1F3FC07CDF1748C0AD2E 326752 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\javaws.exe 2016-02-09 09:54:47 9DF50EE25CD16D6193AB4410B9397AF7 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\java-rmi.exe 2016-02-09 09:54:47 86B91195E3F20C16A4A7939E874DD0D7 100448 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\jp2launcher.exe 2016-02-09 09:54:47 6DB35269F13AF4038F04B0DBB8FE6721 34400 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\jabswitch.exe 2016-02-09 09:54:47 64A852A88245102D3985F46F8652C1E6 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\ktab.exe 2016-02-09 09:54:47 6225C4705CA350DE6F794C70EA9CBAEE 15968 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\jjs.exe 2016-02-09 09:54:47 54B2D7D49E384C889C0E5D0F2A614FED 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\tnameserv.exe 2016-02-09 09:54:47 3E80095D364B17CFC4AFCD87C53E81DB 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\kinit.exe 2016-02-09 09:54:47 3B3F1542526F195793E42423002AEFFB 66144 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\ssvagent.exe 2016-02-09 09:54:47 0AE097899108472D9EDFCF45B316E97E 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\orbd.exe 2016-02-09 09:54:47 0352BB7AE4A6EC6C0E34C01FF92B10DC 16480 ----a-w- C:\Program Files\Java\jre1.8.0_73\bin\rmiregistry.exe 2016-02-09 09:54:16 DB409F9BD2FA779E75835B1E0FE1181C 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\unpack200.exe 2016-02-09 09:54:16 C84504D069A78BE5E4444EA06AA5E102 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\orbd.exe 2016-02-09 09:54:16 B100697A0837596183F3BBD94448F68E 30816 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\jabswitch.exe 2016-02-09 09:54:16 ABC1BAF673FA608029D45EB6C78E1D04 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssvagent.exe 2016-02-09 09:54:16 AB6E988F108E2437E65536F3F5550BA2 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\ktab.exe 2016-02-09 09:54:16 A3AA0A0935506C7ECA6EF2F584CD416F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\policytool.exe 2016-02-09 09:54:16 8BD1E7120713F9581645D5FDD14B8D25 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\rmid.exe 2016-02-09 09:54:16 876744373E18627410A9F23C348C5D9E 76896 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2launcher.exe 2016-02-09 09:54:16 6ABADA3CA8DC4AC2AFDA69A6836C362F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\pack200.exe 2016-02-09 09:54:16 66550F1F363BC66AFD9A530AD8CB6570 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\kinit.exe 2016-02-09 09:54:16 5B98DCE4893425BA4F08C2BE134CABE5 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\javaw.exe 2016-02-09 09:54:16 4383D5735FD7743D01AD04E9AAD1D6CF 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\keytool.exe 2016-02-09 09:54:16 3B74EE580794FCBDE389639E9D8ECEFB 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\rmiregistry.exe 2016-02-09 09:54:16 328A57535A2B74C924FA34DD29039E9D 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\java-rmi.exe 2016-02-09 09:54:16 2942578781EFB763366176C015F09ACD 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\tnameserv.exe 2016-02-09 09:54:16 249C1C8BD8AC9568E5C5A0EC2FB39018 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\java.exe 2016-02-09 09:54:16 237CDD69D6E3866533B402F321A11A4E 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\javacpl.exe 2016-02-09 09:54:16 2211C51BABE577798343D69F818E25AB 278624 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\javaws.exe 2016-02-09 09:54:16 16E2FE80EE89DCCA1907D97E34656E19 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\jjs.exe 2016-02-09 09:54:16 0A7708846A0629D518739075A40DDD06 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\servertool.exe 2016-02-09 09:54:16 04E0265E964D9ECB07B105D456B96982 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\bin\klist.exe 2016-02-08 19:57:23 774762F36F97F49D9C9FA24DA10FEFE3 420800 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{8A63849E-C606-43B4-B751-9F351B9BD6BB}\setup.exe 2016-02-08 19:57:05 DB1EC96C28212D0EAE597317EEFF6D67 1253008 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe 2016-02-08 19:57:05 3244E954707B649F16ECB3D94CE56600 2447688 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe 2016-02-08 19:57:05 1FE48F0A7F1A19175D330E85FCB46E30 62096 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp.exe 2016-02-08 19:57:05 1D79EFA8A44FBE19CE593C44CF01AE3C 62280 ----a-w- C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp64.exe 2016-02-08 19:57:02 B97485DF340ADAAD026F305E49911368 3405968 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\NvGpuUtilization.exe 2016-02-08 19:57:02 AAE0A5221483812B568755B040676FC2 12730512 ----a-w- C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe 2016-02-08 19:56:47 B12A490B9F29FC2A8DFAD0103B8B9448 76096 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BBE4697B-F0DD-4551-9A0C-63E9BFD3B3BA}\nvsetup.exe 2016-02-08 19:56:47 9F9CCDB1670C8E86A94F68DBC0B4A6B3 98120 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BBE4697B-F0DD-4551-9A0C-63E9BFD3B3BA}\NvSplashService.exe 2016-02-08 19:56:47 9F5353C5B8612ACA4918F70E349BF963 2701968 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BBE4697B-F0DD-4551-9A0C-63E9BFD3B3BA}\GeForce_iCafe.exe 2016-02-08 19:56:47 98EFF0A63C2819A3911BBF64E10AFE75 28923840 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BBE4697B-F0DD-4551-9A0C-63E9BFD3B3BA}\NvCplSetupEng.exe 2016-02-08 19:56:47 1A12F30A2148A272624C405290E331F4 2337936 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BBE4697B-F0DD-4551-9A0C-63E9BFD3B3BA}\NvSplash.exe 2016-02-08 19:56:46 D38D47C59E7BC370B35AD82B4A99B598 448144 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BBE4697B-F0DD-4551-9A0C-63E9BFD3B3BA}\dbInstaller.exe 2016-02-08 19:56:46 488D6757832666153B08155F45DE0216 95305888 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BBE4697B-F0DD-4551-9A0C-63E9BFD3B3BA}\NvCplSetupInt.exe 2016-02-08 19:40:15 62BDF598124488D50DCF855A95FDE0FD 389921688 ----a-w- C:\ProgramData\NVIDIA Corporation\NetService\82adada0-446f-4cd3-a898-e380399fad3e\361.75-notebook-win10-64bit-international-whql-g.exe 2016-02-08 19:39:06 ECF15114221AE14B0911EBE8273A8ADD 321312 ----a-w- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe 2016-02-08 19:37:27 8C19428C0BBE189A7E844FB6B1F1F9B1 1879488 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\installer.{5CA3A6E0-8AF6-4B72-81F5-A18E6C1ABC5A}\NVNetworkService.exe 2016-02-08 16:53:49 ED38F21247F5BC1794FCED42148E4FC6 24488 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtestx.exe 2016-02-08 16:53:49 DFCB2B68BCB2638E5136F2256B901685 25512 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avuirunnerx.exe 2016-02-08 16:53:49 C4B31584AEE23E717E6448B658FF3696 6935848 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe 2016-02-08 16:53:49 835A8CE22977ADC3C32EA500B27BAD61 25512 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtesta.exe 2016-02-08 16:53:49 72C6D53BD15ADD13F006D94D28333E0B 71592 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avguirux.exe 2016-02-07 12:34:41 2C03A49F571FDEF985E3B50002DC12D0 1193984 ----a-w- C:\FSX\PMDG\Livery Manager\PMDG_Livery_Manager.exe 2016-02-07 12:33:00 FBAB280D0CAC5E21C72F0A1A7B5B9608 455600 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{20708FD5-E94D-4097-A21E-E28564CDBC06}\setup.exe 2016-02-07 12:19:49 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Rian.exe 2016-02-07 12:18:11 DD09943FED016F36B7E014039F1324A8 83825 ----a-w- C:\Program Files (x86)\EZCA\UnEZCA.exe === C: other files == 2016-02-12 08:58:56 A29030FB93B2E48EDD124749881406CE 943211 ----a-w- C:\Users\Rian\AppData\Local\Temp\sysspec\SysSpec.zip 2016-02-10 11:03:02 CC0A2F91C231E0D25EE3DBBF11B660D9 1998176 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2016-02-10 11:03:02 1C772A877B4724F7F56117FB899C740C 3592704 ----a-w- C:\Windows\System32\win32kfull.sys 2016-02-10 11:02:55 299B5570571185DB929194C40A1A0DB0 576352 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys 2016-02-10 11:02:45 A1105260EEEE3DBD8D38FD054B22BD00 604928 ----a-w- C:\Windows\System32\drivers\cng.sys 2016-02-10 11:02:44 BF6CA7EA5ECD6CF72D3D76652A9B8280 144384 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2016-02-09 09:54:47 2BC369B33B11EA3EE4A2EB869EFB3E4E 14130 ----a-w- C:\Program Files\Java\jre1.8.0_73\lib\deploy\ffjcext.zip 2016-02-09 09:54:16 EFE4B4EBEBBF14DE84461AFCC281DA12 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_73\lib\deploy\ffjcext.zip 2016-02-08 19:57:25 77457487D2E157DEC32D153F1CFB7308 435784 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{48F03371-3B4B-45FF-9653-4877EA4C7F06}\nvstusb32.sys 2016-02-08 19:57:25 624C1453F9109D98F7E2612DAD76BBB1 195912 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{B801F64B-11E4-4D32-B3B8-09DB48AC15BE}\nvhda64v.sys 2016-02-08 19:57:25 4398DCC9BA21E1BE911A13BD18C63481 452240 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{48F03371-3B4B-45FF-9653-4877EA4C7F06}\nvstusb64.sys 2016-02-08 19:57:25 14E6524D68B4ED54654431773A446927 162624 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{B801F64B-11E4-4D32-B3B8-09DB48AC15BE}\nvhda64.sys 2016-02-08 19:57:24 7D6348EC738067F8E8D132DAB4789CF0 162624 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{B801F64B-11E4-4D32-B3B8-09DB48AC15BE}\nvhda32v.sys 2016-02-08 19:57:24 0792E412AD42A49BB2C09F704F37F309 127888 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{B801F64B-11E4-4D32-B3B8-09DB48AC15BE}\nvhda32.sys 2016-02-08 19:57:23 F895CCCC4DF4282DB632F31712B4BF0B 21440 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{8A63849E-C606-43B4-B751-9F351B9BD6BB}\NVI2SystemService32.sys 2016-02-08 19:57:23 1DC51A2C46A4F8FD61DC7CAFDA68D0C0 22464 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{8A63849E-C606-43B4-B751-9F351B9BD6BB}\NVI2SystemService64.sys 2016-02-08 19:45:37 64E8275CEAD43D3CA8E3A311B2F4B64A 47760 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{B9DC2DFD-4E0E-4208-B155-B62236E218AE}\nvvad64v.sys 2016-02-08 19:45:37 0AAE6C356F1F7C723BA99FB41E32DE12 42128 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{B9DC2DFD-4E0E-4208-B155-B62236E218AE}\nvvad32v.sys 2016-02-08 19:38:15 9D9CAD70EA640AB8D3EB77BFAE6CABE2 28344 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{F5C84DEB-659C-41F3-BF30-16AC696B1DC3}\NVSWCFilter64.sys 2016-02-08 19:38:15 7ABD081BB7A1A8CF7E3B1E64183AB812 24760 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{F5C84DEB-659C-41F3-BF30-16AC696B1DC3}\NVSWCFilter32.sys 2016-02-08 19:38:14 64E8275CEAD43D3CA8E3A311B2F4B64A 47760 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{4173861D-9396-4E01-8DDE-823C61E01EAF}\nvvad64v.sys 2016-02-08 19:38:14 0AAE6C356F1F7C723BA99FB41E32DE12 42128 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{4173861D-9396-4E01-8DDE-823C61E01EAF}\nvvad32v.sys 2016-02-08 17:10:50 A30703AB47BE6657ECDA7C585E061978 75179 ----a-w- C:\Users\Rian\AppData\Roaming\MCC Pilotlog\BackUp\mccPILOTLOG.BackupDatabase.20160208.1810.zip 2016-02-08 16:53:55 5C575BB5AD53A2CE98816EBFF2EB6A70 21216 ----a-w- C:\Users\Rian\AppData\Local\Microsoft\Windows\INetCache\IE\ZA6P8ZSV\mccpilotlog.airfields_update[1].zip 2016-02-07 18:55:37 BC1358E9C46E29C282104FBF20DC532A 1658674 ----a-w- C:\Users\Rian\Downloads\spacesniffer_1_3_0_0.zip 2016-02-05 13:00:19 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Rian\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\CollectOneDriveLogs.bat 2016-02-05 10:42:48 A25A33352E8739519A0B0945610C0350 73954 ----a-w- C:\Users\Rian\AppData\Roaming\MCC Pilotlog\BackUp\mccPILOTLOG.BackupDatabase.20160205.1142.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3070 B611 series (NET)"="C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe -deviceID CN17C364Y005MQ:NW -scfn HP Deskjet 3070 B611 series (NET) -AutoStart 1" "uTorrent"="C:\Users\Rian\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "OneDrive"="C:\Users\Rian\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Google Update"="C:\Users\Rian\AppData\Local\Google\Update\GoogleUpdate.exe /c" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "MusicManager"="C:\Users\Rian\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avuirunnerx.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe" "PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3070 B611 series (NET)"="C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe -deviceID CN17C364Y005MQ:NW -scfn HP Deskjet 3070 B611 series (NET) -AutoStart 1" "uTorrent"="C:\Users\Rian\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "OneDrive"="C:\Users\Rian\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Google Update"="C:\Users\Rian\AppData\Local\Google\Update\GoogleUpdate.exe /c" "iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" "ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" "iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" "MusicManager"="C:\Users\Rian\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "AthBtTray"="C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" "IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" "Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe" "Start WingMan Profiler"="C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Creative Cloud] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Creative Cloud" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Adobe Creative Cloud\\ACC\\Creative Cloud.exe\" --showwindow=false --onOSstartup=true" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Photo Downloader] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Photo Downloader" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Adobe\\Photoshop Elements 4.0\\apdproxy.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5.5ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS5.5ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5.5ServiceManager\\CS5.5ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeCS5ServiceManager" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppleIEDAV] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AppleIEDAV" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\AppleIEDAV.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="ApplePhotoStreams" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BackupManagerTray] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BackupManagerTray" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\NTI\\Acer Backup Manager\\BackupManagerTray.exe\" -h -k" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\com.apple.dav.bookmarks.daemon] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="com.apple.dav.bookmarks.daemon" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\BookmarkDAV_client.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Pro Agent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DAEMON Tools Pro Agent" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\DAEMON Tools Pro\\DTAgent.exe\" -autorun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dropbox] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Dropbox" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe\" /systemstartup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\Rian\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoPro Studio Importer] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GoPro Studio Importer" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\GoPro\\Tools\\Importer\\GoPro Importer.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HP Software Update" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iCloudServices" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudServices.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InstantUpdate] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="InstantUpdate" "hkey"="HKLM" "command"="C:\\Program Files\\Acer\\Acer Instant Service\\InstantUpdate\\iuDaemon.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MusicManager] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="MusicManager" "hkey"="HKCU" "command"="\"C:\\Users\\Rian\\AppData\\Local\\Programs\\Google\\MusicManager\\MusicManager.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Norton Online Backup" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="QuickTime Task" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Remote Mouse] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Remote Mouse" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Remote Mouse\\RemoteMouse.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RGSC] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RGSC" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe /silent" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\Rian\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Rian\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SwitchBoard" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="TomTomHOME.exe" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Tuxler] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Tuxler" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Tuxler\\Tuxler.exe\" --auto-start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\urlspace] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="urlspace" "hkey"="HKCU" "command"="C:\\Users\\Rian\\jingling_442265\\SEO_TRAFFIC.exe -h" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="uTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\Rian\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\XboxStat] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="XboxStat" "hkey"="HKLM" "command"="\"C:\\Program Files\\Microsoft Xbox 360 Accessories\\XboxStat.exe\" silentrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GoPro Importer.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\GoPro Importer.lnk" "backup"="C:\\Windows\\pss\\GoPro Importer.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\Program Files (x86)\\GoPro\\Tools\\Importer\\GoPro Importer.exe" "item"="GoPro Importer" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Rian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "path"="C:\\Users\\Rian\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Rian\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup" "item"="Dropbox" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Rian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Inktwaarschuwingen controleren - .lnk] "path"="C:\\Users\\Rian\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Inktwaarschuwingen controleren - .lnk" "backup"="C:\\Windows\\pss\\Inktwaarschuwingen controleren - .lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Windows\\system32\\RunDll32.exe \"C:\\Program Files\\HP\\HP Deskjet 3070 B611 series\\bin\\HPStatusBL.dll\",RunDLLEntry SERIALNUMBER=CN17C364Y005MQ;CONNECTION=NW;MONITOR=1;" "item"="Inktwaarschuwingen controleren - " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeActiveFileMonitor4.0] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\c2cautoupdatesvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\c2cpnrsvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FLEXnet Licensing Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IconMan_R] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\OpenVPNService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RzKLService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SwitchBoard] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TomTomHOMEService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\vToolbarUpdater18.1.9] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Web Assistant] ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05-08-2015 14:04] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3802055020-4190651341-422863216-1001Core.job --a-------- C:\Users\Rian\AppData\Local\Google\Update\GoogleUpdate.exe [28-08-2015 19:25] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3802055020-4190651341-422863216-1001UA.job --a-------- C:\Users\Rian\AppData\Local\Google\Update\GoogleUpdate.exe [28-08-2015 19:25] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\AdobeAAMUpdater-1.0-Rian-PC-Rian" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\WINDOWS\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe] "C:\WINDOWS\SysNative\tasks\AVGPCTuneUp_Task_BkGndMaintenance" [C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3802055020-4190651341-422863216-1001Core" [C:\Users\Rian\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3802055020-4190651341-422863216-1001UA" [C:\Users\Rian\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HP Deskjet 3070 B611 series.exe_{1F024BE3-9500-4DB5-893A-9C1F83E77A27}" [C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HP Deskjet 3070 B611 series.exe] "C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Deskjet 3070 B611 series" ["C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe"] "C:\WINDOWS\SysNative\tasks\Origin" [C:\Users\Rian\AppData\Roaming\Origin\update.vbe] "C:\WINDOWS\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\WINDOWS\SysNative\tasks\UALU notificatin" ["C:\Program Files\Acer\Acer Updater\UALU.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{3481091E-1E4A-4A8A-B958-6C1FDAD2E78E}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\WINDOWS\SysNative\tasks\AVG\PC Tuneup 2011\Disk Defrag\Sheduled Defragmentation" [C:\Program Files (x86)\AVG\AVG PC Tuneup 2011\diskdefrag.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"="C:\Program Files\IB Updater\Firefox" [] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"="C:\Program Files\IB Updater\Firefox" [] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}"="C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Rian\AppData\Roaming\TomTom\HOME\Profiles\dogubgb6.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com ==== Firefox Plugins ====================== ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions apjkpjchfbckhjhokinlgdbmibpbbjak - C:\Users\Rian\AppData\Local\CRE\apjkpjchfbckhjhokinlgdbmibpbbjak.crx[] dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[] jifflliplgeajjdhmkcfnngfpgbjonjg - C:\Program Files (x86)\Perion\NewTab\newTab.crx[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14-07-2014 18:22] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apjkpjchfbckhjhokinlgdbmibpbbjak - C:\Users\Rian\AppData\Local\CRE\apjkpjchfbckhjhokinlgdbmibpbbjak.crx[] Chrome Web Store Payments - Rian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Docs - Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Chrome Web Store Payments - Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_toolbartv.swagbucks.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cdncache-a.akamaihd.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cdncache1-a.akamaihd.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trovigo.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_auto.trovit.be_0.localstorage deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_auto.trovit.be_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_huizen.trovit.be_0.localstorage deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_huizen.trovit.be_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_immo.trovit.be_0.localstorage deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_immo.trovit.be_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.local.smartshopping.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_airportnavfinder.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_finder.cox.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.saveur.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-g.doubleclick.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-l.media6degrees.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.adserverplus.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.afy11.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.download.cnet.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.go.affec.tv_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.media6degrees.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.turn.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.yieldads.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.yieldmanager.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adf.ly_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adnantechno.blogspot.be_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads-by.madadsmedia.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.adsonar.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.avsim.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.beringmedia.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.pro-market.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.pubmatic.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads2srv.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.bicmedia.nl_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserving.bizcrank.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_ad-emea.doubleclick.net_0.localstorage deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_ad-emea.doubleclick.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_ad.360yield.com_0.localstorage deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_ad.360yield.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_ad.doubleclick.net_0.localstorage deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_ad.doubleclick.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ak.facebook.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.criteo.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.sv.us.criteo.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static0.demorgen.be_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static0.hln.be_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static.himediads.com_0.localstorage deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_static.himediads.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.wajam.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d3b3ehuo35wzeh.cloudfront.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d3l3lkinz3f56t.cloudfront.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dkl2tqmjys2z2.cloudfront.net_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_servedby.dealply.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_notfound-static.fwebservices.be_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.rentaldeals.gr_0.localstorage-journal deleted successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_windows-live-mail.nl.softonic.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.crewdock.com/pport/web/login" "Default_Page_URL"="http://search.us.com/v/2/?guid={79212240-8114-47A3-A8AE-EB9BC6EC02D2}&serpv=17" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=01ed6d0e-5b90-4448-9c56-8b03a768aad9&searchtype=ds&q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=01ed6d0e-5b90-4448-9c56-8b03a768aad9&searchtype=ds&q={searchTerms}" "SearchAssistant"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=BE&userid=01ed6d0e-5b90-4448-9c56-8b03a768aad9&searchtype=ds&q={searchTerms}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="https://www.crewdock.com/pport/web/login" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - No_Url_Value HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox HKLM\Wow6432Node\SearchScopes "DefaultScope"="{006ee092-9658-4fd6-bd8e-a21a348e59f5}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox HKCU\SearchScopes "DefaultScope"="{43F372BB-9915-4C0A-B8B7-B860DE4235DD}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{43F372BB-9915-4C0A-B8B7-B860DE4235DD} - https://www.google.com/search?q={searchTerms} ==== Reset Google Chrome ====================== C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Preferences_bak was reset successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Web Data.temp was reset successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3802055020-4190651341-422863216-1001\SOFTWARE\Mozilla\Firefox\Extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BE19569E-CB49-518F-77CB-1599CA8EE8AB} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\com.apple.dav.bookmarks.daemon deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remote Mouse deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tuxler deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\urlspace deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit= O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avuirunnerx.exe" C:\Program Files (x86)\AVG\AVG2015\avgui.exe O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [HP Deskjet 3070 B611 series (NET)] "C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN17C364Y005MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [uTorrent] "C:\Users\Rian\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [OneDrive] "C:\Users\Rian\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Users\Rian\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe O4 - HKCU\..\Run: [MusicManager] "C:\Users\Rian\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (file missing) O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.5 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Rian\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Rian\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Rian\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Rian\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Rian\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=794 folders=294 440228249 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Rian\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on vr 12-02-2016 at 10:17:11,46 ======================