Zoek.exe v5.0.0.0 Updated 31-12-2014 Tool run by Aliegriet on zo 04-01-2015 at 8:47:29,86. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\ALIEGR~1\AppData\Local\Temp\Rar$EXa0.015\zoek.exe.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe C:\Program Files (x86)\AVG\AVG2013\avgfws.exe C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe C:\Windows\SysWOW64\NLSSRV32.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\taskhost.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe C:\Windows\system32\taskeng.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files\ASUS\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Windows\AsScrPro.exe C:\Program Files\Elantech\ETDGesture.exe C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe C:\Users\ALIEGR~1\AppData\Local\Temp\Rar$EXa0.015\zoek.exe.exe C:\Windows\system32\conhost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\wbem\wmiprvse.exe ==== System Restore Info ====================== 4-1-2015 8:51:17 Zoek.exe System Restore Point Created Succesfully. ==== Windows Installer Info ====================== ???? ??? Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2D60ACBF246433F42BA07ABAF3D0E296]C:\Windows\Installer\1f1ba2.msi ?????? ??????? ?? Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90F929EC35830814DB090367B4FF1763]C:\Windows\Installer\1f1b06.msi ???????? ?????????? Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\413CD38E629C4124DA854167196DEFF9]C:\Windows\Installer\1f18f8.msi ?????????? Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1AC96F77D35E77D4B83AAF7006C68C15]C:\Windows\Installer\1f1b88.msi Adobe AIR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\360D32EFD43992840A8D0036C47EB9A4]C:\Windows\Installer\3afcd71.msi Adobe Reader X (10.1.7) MUI [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA7FFFFB744AA0000000010]C:\Windows\Installer\1f1643.msi Apple Application Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5A440F64B8EC691489E4B56D25E563D1]C:\Windows\Installer\1fbbdae0.msi Apple Mobile Device Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\045F27F206F16624596059B2126D46D0]C:\Windows\Installer\1c3c586.msi Apple Software Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\56A9756CEAC913B4B8B633600E36A066]C:\Windows\Installer\b313ba6.msi ASUS AI Recovery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6760F93DE36159549A712EF899BB4D2D]C:\Windows\Installer\1290f.msi ASUS Live Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\76E045AFC590B1A479ABD445D7CEA94F]C:\Windows\Installer\15ef9e.msi ASUS Power4Gear Hybrid [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FB9326B958E40954D827153ED01B9AAA]C:\Windows\Installer\12903.msi ASUS Splendid Video Enhancement Technology [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\50FA96906FF400C4496034952983EDD0]C:\Windows\Installer\1293f.msi ASUS USB Charger Plus [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5E3E958AF26CAFB4FAD1B2590E1366FA]C:\Windows\Installer\12933.msi ASUS Virtual Camera [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F12DB8CE0AC0FBB4799DA4253B00141A]C:\Windows\Installer\1292d.msi ASUS Virtual Touch [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4DBFC83925605E94BBB8519384689514]C:\Windows\Installer\128f7.msi ATK Package [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E339C5BAD7C503D43B41C9384AB949EB]C:\Windows\Installer\128f1.msi AVG 2013 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\580F3D6DAEA35CB47A72DE17BC64B02D]C:\Windows\Installer\f53460d.msi AVG 2013 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\74D97021BA4A5EA49A752C60D223F853]C:\Windows\Installer\6cabb.msi Bonjour [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B0163E6D0340BE4183EB2758E9BEDD8]C:\Windows\Installer\1c3c52c.msi Control ActiveX de Windows Live Mesh para conexiones remotas [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2FD86640F23D5554C9E75325D3DC5644]C:\Windows\Installer\1f1c96.msi Contr“le ActiveX Windows Live Mesh pour connexions … distance [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4F300D559959FB44ABE9590D0637D03D]C:\Windows\Installer\1f1ca3.msi D3DX10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7BD4C90EC03660F46A13E87A329932FA]C:\Windows\Installer\1f1733.msi Fast Boot [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3F7A4F31CBAE1624FAB6317177F77055]C:\Windows\Installer\12927.msi Galeria de Fotografias do Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\675B0CE09F093C34F8DA4A09D24F8B4F]C:\Windows\Installer\1f1b54.msi Galerˇa fotogr fica de Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFE4A58E2F28EEC4A8E826DFDA53A366]C:\Windows\Installer\1f1ad2.msi Galerie de photos Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7430F8847A4C4734197A0318B8DE7A01]C:\Windows\Installer\1f1aec.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\Windows\Installer\b3ddc0e.msi IBM SPSS Statistics 20 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B7108FA2305EF804AAECA8334525AC2D]C:\Windows\Installer\786bd4.msi InstantOn for NB [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B476F94747628E7478C965620AB6A219]C:\Windows\Installer\12939.msi Intel(R) Manageability Engine Firmware Recovery Agent [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F9A84C6AA49643243BAA2695B0669872]C:\Windows\Installer\128df.msi Intel© Trusted Connect Service Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1AB63590894E3CC48B438D486AD7E743]C:\Windows\Installer\128d9.msi iTunes [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0C471724E6909D046948C901B9EEC2FB]C:\Windows\Installer\1c3cfce.msi Java 8 Update 25 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208520F]C:\Windows\Installer\1e897756.msi LabelPrint [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C971C95CD8669A946BAE1012CCCF2134]C:\Windows\Installer\1dc43.msi Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BE4EBED704B66673BB53C5BB3C58AD73]C:\Windows\Installer\43995899.msi Microsoft Application Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021599B0090400100000000F01FEC]C:\Windows\Installer\1f1662.msi Microsoft Office Access MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109510031400000000000F01FEC]C:\Windows\Installer\12d175f.msi Microsoft Office Enterprise 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109030000000000000000F01FEC]C:\Windows\Installer\12d1772.msi Microsoft Office Excel MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109610031400000000000F01FEC]C:\Windows\Installer\12d1717.msi Microsoft Office File Validation Add-In [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109500200000000000000F01FEC]C:\Windows\Installer\439955a5.msi Microsoft Office Groove MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109AB0031400000000000F01FEC]C:\Windows\Installer\12d1728.msi Microsoft Office InfoPath MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109440031400000000000F01FEC]C:\Windows\Installer\12d172d.msi Microsoft Office Office 64-bit Components 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A20000000100000000F01FEC]C:\Windows\Installer\12d176a.msi Microsoft Office OneNote MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021091A0031400000000000F01FEC]C:\Windows\Installer\12d1764.msi Microsoft Office Outlook MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A10031400000000000F01FEC]C:\Windows\Installer\12d171d.msi Microsoft Office PowerPoint MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109810031400000000000F01FEC]C:\Windows\Installer\12d1723.msi Microsoft Office Proof (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10031400000000000F01FEC]C:\Windows\Installer\12d1737.msi Microsoft Office Proof (English) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10090400000000000F01FEC]C:\Windows\Installer\12d1748.msi Microsoft Office Proof (French) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F100C0400000000000F01FEC]C:\Windows\Installer\12d1742.msi Microsoft Office Proof (German) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10070400000000000F01FEC]C:\Windows\Installer\12d173c.msi Microsoft Office Proofing (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109C20031400000000000F01FEC]C:\Windows\Installer\12d174d.msi Microsoft Office Publisher MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109910031400000000000F01FEC]C:\Windows\Installer\12d1753.msi Microsoft Office Shared 64-bit MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A20031400100000000F01FEC]C:\Windows\Installer\12d1732.msi Microsoft Office Shared MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109E60031400000000000F01FEC]C:\Windows\Installer\12d1712.msi Microsoft Office Word MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109B10031400000000000F01FEC]C:\Windows\Installer\12d1759.msi Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]c:\Windows\Installer\55e40.msi Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D034B0FAA6BD374B960AAD30DF10D8B]C:\Windows\Installer\1f1a5b.msi Microsoft SQL Server Compact 3.5 SP2 ENU [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D30CF9A3586C138449FCE4FD3D474979]C:\Windows\Installer\d52e2cc.msi Microsoft SQL Server Compact 3.5 SP2 x64 ENU [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DA93DA4DE19033D4BBB2956FCF8BDA3C]C:\Windows\Installer\d52e2d6.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3e43b73803c7c394f8a6b2f0402e19c2]C:\Windows\Installer\d52e2c4.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\8896a.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC]c:\Windows\Installer\128eb.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1007C6B46D7C017319E3B52CF3EC196E]c:\Windows\Installer\3afcd4e.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]c:\Windows\Installer\120746e.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]c:\Windows\Installer\128e5.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]C:\Windows\Installer\2f8c3.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]c:\Windows\Installer\1207474.msi Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1926E8D15D0BCE53481466615F760A7F]c:\Windows\Installer\11bfe.msi Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]c:\Windows\Installer\bb20.msi MSVCRT [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6C64DD86500CEF47BA082BB611A1FF1]C:\Windows\Installer\1f16db.msi MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8A266FCD4F2A1409E1C8110F44DBCE]c:\Windows\Installer\3d0770a.msi Nitro Pro 8 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\783FB9CC7D6BC0940ABBDEA19FB840D9]C:\Windows\Installer\50cc86.msi NVIDIA PhysX [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\46B2DE647C58F1E429C05A552BF1E2C4]C:\Windows\Installer\bb19.msi PowerStarter [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\42C6FBF1DF1C10144AB2C065F4E9E897]C:\Windows\Installer\1dc58.msi QuickTime 7 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FD7EE11154CF7C04897A57A34CB621BF]C:\Windows\Installer\1fbbdd92.msi Raccolta foto di Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\007B61DEF19D0B4468C7E75B52C33AD8]C:\Windows\Installer\1f1b20.msi S?????? f?t???af??? t?? Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\19A2C00C3BC6F384083B92852E49861F]C:\Windows\Installer\1f1ab8.msi SceneSwitch [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\275E2715571C08F46A5DC54B8562DA16]C:\Windows\Installer\12945.msi Skype Click to Call [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9A1221D6FB710CE4182F723DE03C7010]C:\Windows\Installer\2e29f5cf.msi SkypeT 6.22 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0AB19942EE0FDA44C98CE55CA0CE6F7B]C:\Windows\Installer\49bcb.msi Visual Studio 2008 x64 Redistributables [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\06AEBDCF0F97EAF4BB8A552AC606A994]C:\Windows\Installer\2f8c8.msi Visual Studio 2010 x64 Redistributables [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6D331B1297950F74EBC16F6A3B4096F3]C:\Windows\Installer\2f040a.msi Windows Live ??? [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\31BAE7FECF64DD94E8C3AA8F2A685CBB]C:\Windows\Installer\1f1766.msi Windows Live ???? [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\24199FEE7533C2042B89ED3C301ED229]C:\Windows\Installer\1f1a9e.msi Windows Live [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F1F913432FC79CC43B75A17E2DFFA35C]C:\Windows\Installer\1f17ea.msi Windows Live Communications Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3D04254D3B6B9FF42B3445CE3E1E0066]C:\Windows\Installer\1f16ec.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\032440EF5AC97F34B985A55C2AA8F133]C:\Windows\Installer\1f1d41.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0EE4E59FE6C037246B9B19DFF670D167]C:\Windows\Installer\1f18cb.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B435DBA159EE074292CDCA51F377562]C:\Windows\Installer\1f1817.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9F114A485A04ADC4FB640EF9BBB23C31]C:\Windows\Installer\1f1925.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B53C70A248384AD4A95944B2C6980A37]C:\Windows\Installer\1f1871.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ECF99F7130F8934468A0525C5A34E481]C:\Windows\Installer\1f1790.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F0E19FED662DD3546B2FB10A204BC06B]C:\Windows\Installer\1f1844.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F9B7C1D7447288341B82C5578BCBCC48]C:\Windows\Installer\1f17bd.msi Windows Live Essentials [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FB3C816B2415036418DD9F86469FC7E7]C:\Windows\Installer\1f189e.msi Windows Live Fotogalerie [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C81D311B0B767BF43B928EB96691A46E]C:\Windows\Installer\1f1b6e.msi Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BFF8CCA148D950C44AED2DA8B99C6189]C:\Windows\Installer\1f165a.msi Windows Live Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F132F0B0A6ECD384AA32773B467F9571]C:\Windows\Installer\1f171b.msi Windows Live Language Selector [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8888C0811F05B6249ACDBA381A89C956]C:\Windows\Installer\1f1666.msi Windows Live Mesh ActiveX Control for Remote Connections [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\389F20921C4BAB448BD5C5D6252E4C14]C:\Windows\Installer\1f1d9a.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\11F12B5E3396B0E42AC597363E0CD711]C:\Windows\Installer\1f1758.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\31CFA8E68B7F8D1488BA1F0DFC5C3650]C:\Windows\Installer\1f1863.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\49D4E26060385D64186B546EDA907C99]C:\Windows\Installer\1f18bd.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\59D49284A9EE7734283144CF2456BF72]C:\Windows\Installer\1f1890.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D98EEAB78E698F469301A1C00741918]C:\Windows\Installer\1f1782.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\61609E2BD05C98B44AD02973A76C965E]C:\Windows\Installer\1f17af.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\77A5A59CF226AC5459044864F8BC811B]C:\Windows\Installer\1f1836.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9E2A16BA3D73D584095891BFFDC8FEA4]C:\Windows\Installer\1f1809.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C160DFBC72B498A4DA8D123061EEAF11]C:\Windows\Installer\1f1917.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C42CF3A20CE691545AB2DF4AAEB9D242]C:\Windows\Installer\1f1d60.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CDBD1AB11345DF646AF61AE71B4C93EE]C:\Windows\Installer\1f18ea.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EC8EBD876F16C6D408C60AFF6FF5E5D1]C:\Windows\Installer\1f1944.msi Windows Live Messenger [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F1983FF85B1017A4FBDC0267810974C1]C:\Windows\Installer\1f17dc.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\06F372D55250AB845ABF0DAC4A9A25EA]C:\Windows\Installer\1f1ae2.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\10AFD3FF89E14B640A56ADA84DC75989]C:\Windows\Installer\1f1b30.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4314AE291D01A814191EA5403531A183]C:\Windows\Installer\1f1a90.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\45B88E4E7774956469A7E2DEE1A6DF38]C:\Windows\Installer\1f1b7e.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5DB8CED64757AF740B0894B2BB2EEF3A]C:\Windows\Installer\1f1afc.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D220FB27F930248BAF5622CD66FDAD]C:\Windows\Installer\1f1ac8.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\699A5647ACF0D2D45AC28F330B28B9B5]C:\Windows\Installer\1f1b98.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\702501FF324831E40B1B055713072B54]C:\Windows\Installer\1f1bb2.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7F80AB91827CC964A853FBDB6333EB80]C:\Windows\Installer\1f1d87.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\87109BD90B5BDB540B7A4DA0A6D11FAC]C:\Windows\Installer\1f1b16.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\90663BC66A3EC6443A1C7CE113D1B2C9]C:\Windows\Installer\1f1aae.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9D4227BCACD61F34F838B6E1930AF029]C:\Windows\Installer\1f1b4a.msi Windows Live Movie Maker [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DA84FEAD8C9839A41BDD547B4EBF0617]C:\Windows\Installer\1f1b64.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0153CF3712467F045930DEEAD4C07FD0]C:\Windows\Installer\1f1850.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0C8D398C0AB171541BC18EB9567EF207]C:\Windows\Installer\1f17f6.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D262DB9887B64540A5A4F5FE63C38B4]C:\Windows\Installer\1f187d.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2037E861A098831419902A52CAFAA71D]C:\Windows\Installer\1f1904.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\42E3739227CAE424F8A2BFF049632FF1]C:\Windows\Installer\1f1773.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4CD7BA2CE9849EB488A72562F2ABBD0E]C:\Windows\Installer\1f18d7.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\775F634D5961F2D4B844CA679CE90020]C:\Windows\Installer\1f1d4d.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\874ACB2BF0CEEE549A9EE5BA8EE77AD2]C:\Windows\Installer\1f1823.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\933F38D4C5A512B4F83DD504B789E127]C:\Windows\Installer\1f1931.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6ACDB9A3563B764CA384963D73AFB3E]C:\Windows\Installer\1f1737.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DEA4EFDAE8F78564D8E647B2519B1F02]C:\Windows\Installer\1f179c.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E807A14A6EB3165458D54420C7C10F8F]C:\Windows\Installer\1f17c9.msi Windows Live Photo Common [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E888F0737A241194E943D74736E271BE]C:\Windows\Installer\1f18aa.msi Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0FB3B06AB459FA248B8DC2D1436B31AA]C:\Windows\Installer\1f1b3a.msi Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4A9D4F432C248434EB4F5E358C54947E]C:\Windows\Installer\1f1d77.msi Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\766F6333940964D4896BC447E3BE5C1B]C:\Windows\Installer\1f1a5f.msi Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7B292C385A83B0447A137070E0186AF4]C:\Windows\Installer\1f16fc.msi Windows Live SOXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4E3B286A696ED244AC1C470AE61874B]C:\Windows\Installer\1f16e3.msi Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26CEF00243C306D4C98ECE73E2100CF8]C:\Windows\Installer\1f16df.msi Windows Live UX Platform [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E97A59ECCF4EFFF4A857920FB449F22F]C:\Windows\Installer\1f1708.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\327CF605C6E87144C9FF53F199314052]C:\Windows\Installer\1f1894.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3D331821A73026C41B7B5566A60185A7]C:\Windows\Installer\1f191b.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4A4869755DDD3AC4E98AB77E9D95D34B]C:\Windows\Installer\1f1d37.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\61B33B7353527E949809236678800A3A]C:\Windows\Installer\1f18c1.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F7A8E47D5757C2419878ED7B1B3FE8E]C:\Windows\Installer\1f1786.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9FC52F6D78E4BE343B421CB29EDC6D86]C:\Windows\Installer\1f1867.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AEA7747775758D74B83339F9348D2281]C:\Windows\Installer\1f17b3.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C48DFB04DC46CC24999078435C40926C]C:\Windows\Installer\1f183a.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CC60E4C240F152C4B8C3399A40E94CC2]C:\Windows\Installer\1f180d.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CC973E50626FD7E438456483563B30FB]C:\Windows\Installer\1f17e0.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CDCBA4A694A0231449E410BFCC3B64C5]C:\Windows\Installer\1f18ee.msi Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D791992DAEDC6A143A365F23ED1441DF]C:\Windows\Installer\1f175c.msi WinFlash [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E19212F84440D1B49B9F34077AE343D6]C:\Windows\Installer\12909.msi Wireless Console 3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BF33AE91E43BAE04B8A81647A3BE97A5]C:\Windows\Installer\1291b.msi Zoo Tycoon 2 - African Adventure [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DB2607ECF6EB35146945D3270D1CCC71]C:\Windows\Installer\99392a.msi Zoo Tycoon 2 - Marine Mania [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B506604BEF54F8D42805E177745938EA]C:\Windows\Installer\99393b.msi ==== Empty Folders Check ====================== C:\PROGRA~2\a444df1f-4cc8-4e1c-9fdb-aafc21a0799e deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\VideoCnv deleted successfully C:\PROGRA~3\Asus deleted successfully C:\PROGRA~3\Deadtime Stories deleted successfully C:\Users\Aliegriet\AppData\Local\CrashDumps deleted successfully ==== Checking Systemdrive for Symlinks ====================== De volumenaam van station C is OS Het volumenummer is AA01-BCB6 Map van C:\ 14-07-2009 06:08 Documents and Settings [C:\Users] 0 bestand(en) 0 bytes Map van C:\ProgramData 14-07-2009 06:08 Application Data [C:\ProgramData] 14-07-2009 06:08 Desktop [C:\Users\Public\Desktop] 14-07-2009 06:08 Documents [C:\Users\Public\Documents] 14-07-2009 06:08 Favorites [C:\Users\Public\Favorites] 14-07-2009 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14-07-2009 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\ProgramData\Oracle\Java\javapath 01-12-2014 10:39 java.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe] 01-12-2014 10:39 javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe] 01-12-2014 10:39 javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe] 3 bestand(en) 0 bytes Map van C:\Users 14-07-2009 06:08 All Users [C:\ProgramData] 14-07-2009 06:08 Default User [C:\Users\Default] 0 bestand(en) 0 bytes Map van C:\Users\Aliegriet 02-08-2012 18:35 Application Data [C:\Users\Aliegriet\AppData\Roaming] 02-08-2012 18:35 Cookies [C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Cookies] 02-08-2012 18:35 Local Settings [C:\Users\Aliegriet\AppData\Local] 02-08-2012 18:35 Menu Start [C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu] 02-08-2012 18:35 Mijn documenten [C:\Users\Aliegriet\Documents] 02-08-2012 18:35 NetHood [C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 02-08-2012 18:35 Netwerkprinteromgeving [C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 02-08-2012 18:35 Recent [C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Recent] 02-08-2012 18:35 SendTo [C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\SendTo] 02-08-2012 18:35 Sjablonen [C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Aliegriet\AppData\Local 02-08-2012 18:35 Application Data [C:\Users\Aliegriet\AppData\Local] 02-08-2012 18:35 Geschiedenis [C:\Users\Aliegriet\AppData\Local\Microsoft\Windows\History] 02-08-2012 18:35 Temporary Internet Files [C:\Users\Aliegriet\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu 02-08-2012 18:35 Programma's [C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Aliegriet\Documents 02-08-2012 18:35 Mijn afbeeldingen [C:\Users\Aliegriet\Pictures] 02-08-2012 18:35 Mijn muziek [C:\Users\Aliegriet\Music] 02-08-2012 18:35 Mijn video's [C:\Users\Aliegriet\Videos] 0 bestand(en) 0 bytes Map van C:\Users\All Users 14-07-2009 06:08 Application Data [C:\ProgramData] 14-07-2009 06:08 Desktop [C:\Users\Public\Desktop] 14-07-2009 06:08 Documents [C:\Users\Public\Documents] 14-07-2009 06:08 Favorites [C:\Users\Public\Favorites] 14-07-2009 06:08 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14-07-2009 06:08 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\All Users\Oracle\Java\javapath 01-12-2014 10:39 java.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe] 01-12-2014 10:39 javaw.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe] 01-12-2014 10:39 javaws.exe [C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe] 3 bestand(en) 0 bytes Map van C:\Users\Default 14-07-2009 06:08 Application Data [C:\Users\Default\AppData\Roaming] 14-07-2009 06:08 Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies] 14-07-2009 06:08 Local Settings [C:\Users\Default\AppData\Local] 14-07-2009 06:08 My Documents [C:\Users\Default\Documents] 14-07-2009 06:08 NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 14-07-2009 06:08 PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 14-07-2009 06:08 Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 14-07-2009 06:08 SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 14-07-2009 06:08 Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 14-07-2009 06:08 Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Default\AppData\Local 14-07-2009 06:08 Application Data [C:\Users\Default\AppData\Local] 14-07-2009 06:08 History [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 14-07-2009 06:08 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Default\Documents 14-07-2009 06:08 My Music [C:\Users\Default\Music] 14-07-2009 06:08 My Pictures [C:\Users\Default\Pictures] 14-07-2009 06:08 My Videos [C:\Users\Default\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Public\Documents 14-07-2009 06:08 My Music [C:\Users\Public\Music] 14-07-2009 06:08 My Pictures [C:\Users\Public\Pictures] 14-07-2009 06:08 My Videos [C:\Users\Public\Videos] 0 bestand(en) 0 bytes Map van C:\Users\UpdatusUser 03-08-2012 04:06 Application Data [C:\Users\UpdatusUser\AppData\Roaming] 03-08-2012 04:06 Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies] 03-08-2012 04:06 Local Settings [C:\Users\UpdatusUser\AppData\Local] 03-08-2012 04:06 My Documents [C:\Users\UpdatusUser\Documents] 03-08-2012 04:06 NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 03-08-2012 04:06 PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 03-08-2012 04:06 Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent] 03-08-2012 04:06 SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo] 03-08-2012 04:06 Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu] 03-08-2012 04:06 Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\UpdatusUser\AppData\Local 03-08-2012 04:06 Application Data [C:\Users\UpdatusUser\AppData\Local] 03-08-2012 04:06 History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History] 03-08-2012 04:06 Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\UpdatusUser\Documents 03-08-2012 04:06 My Music [C:\Users\UpdatusUser\Music] 03-08-2012 04:06 My Pictures [C:\Users\UpdatusUser\Pictures] 03-08-2012 04:06 My Videos [C:\Users\UpdatusUser\Videos] 0 bestand(en) 0 bytes Map van C:\Windows\System32\config\systemprofile 20-11-2012 18:25 Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming] 20-11-2012 18:25 Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies] 20-11-2012 18:25 Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local] 20-11-2012 18:25 Menu Start [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu] 20-11-2012 18:25 Mijn documenten [C:\Windows\system32\config\systemprofile\Documents] 20-11-2012 18:25 NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 20-11-2012 18:25 Netwerkprinteromgeving [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 20-11-2012 18:25 Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent] 20-11-2012 18:25 SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo] 20-11-2012 18:25 Sjablonen [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Windows\System32\config\systemprofile\AppData\Local 20-11-2012 18:25 Application Data [C:\Windows\system32\config\systemprofile\AppData\Local] 20-11-2012 18:25 Geschiedenis [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History] 20-11-2012 18:25 Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu 20-11-2012 18:25 Programma's [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Windows\System32\config\systemprofile\Documents 20-11-2012 18:25 Mijn afbeeldingen [C:\Windows\system32\config\systemprofile\Pictures] 20-11-2012 18:25 Mijn muziek [C:\Windows\system32\config\systemprofile\Music] 20-11-2012 18:25 Mijn video's [C:\Windows\system32\config\systemprofile\Videos] 0 bestand(en) 0 bytes Map van C:\Windows\SysWOW64\config\systemprofile 20-11-2012 18:25 Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming] 20-11-2012 18:25 Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies] 20-11-2012 18:25 Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local] 20-11-2012 18:25 Menu Start [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu] 20-11-2012 18:25 Mijn documenten [C:\Windows\system32\config\systemprofile\Documents] 20-11-2012 18:25 NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 20-11-2012 18:25 Netwerkprinteromgeving [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 20-11-2012 18:25 Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent] 20-11-2012 18:25 SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo] 20-11-2012 18:25 Sjablonen [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Windows\SysWOW64\config\systemprofile\AppData\Local 20-11-2012 18:25 Application Data [C:\Windows\system32\config\systemprofile\AppData\Local] 20-11-2012 18:25 Geschiedenis [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History] 20-11-2012 18:25 Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu 20-11-2012 18:25 Programma's [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Windows\SysWOW64\config\systemprofile\Documents 20-11-2012 18:25 Mijn afbeeldingen [C:\Windows\system32\config\systemprofile\Pictures] 20-11-2012 18:25 Mijn muziek [C:\Windows\system32\config\systemprofile\Music] 20-11-2012 18:25 Mijn video's [C:\Windows\system32\config\systemprofile\Videos] 0 bestand(en) 0 bytes Totaal aantal weergegeven bestanden: 6 bestand(en) 0 bytes 101 map(pen) 159.659.692.032 bytes beschikbaar ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== ???? ??? Windows Live ?????? ??????? ?? Windows Live ???????? ?????????? Windows Live Aangifte inkomstenbelasting 2011 Aangifte inkomstenbelasting 2012 Aangifte inkomstenbelasting 2013 Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 15 ActiveX Adobe Reader X (10.1.7) MUI Apple Application Support Apple Mobile Device Support Apple Software Update ASUS AI Recovery ASUS Live Update ASUS Power4Gear Hybrid ASUS Splendid Video Enhancement Technology ASUS USB Charger Plus ASUS Virtual Camera ASUS Virtual Touch ATK Package AVG 2013 Bonjour Brother MFL-Pro Suite DCP-375CW CCleaner Control ActiveX de Windows Live Mesh para conexiones remotas Contr“le ActiveX Windows Live Mesh pour connexions … distance CSI - Deadly Intent CyberLink LabelPrint CyberLink Media Suite D3DX10 Dropbox ETDWare PS/2-X64 10.5.9.0 fabius 1.0. Fast Boot FastStone Capture 7.8 Galeria de Fotografias do Windows Live Galerˇa fotogr fica de Windows Live Galerie de photos Windows Live GIMP 2.8.6 Google Chrome Google Update Helper IBM SPSS Statistics 20 InstantOn for NB Intel(R) Manageability Engine Firmware Recovery Agent Intel(R) Management Engine Components Intel(R) OpenCL CPU Runtime Intel(R) Processor Graphics Intel© Trusted Connect Service Client IrfanView (remove only) iTunes Java 8 Update 25 Java Auto Updater L.A. Noire LoiLoScope 2 LoiLoScope Downloaden Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server Compact 3.5 SP2 x64 ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 30.0 (x86 nl) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB973688) Nitro Pro 8 NVIDIA Control Panel 290.81 NVIDIA Graphics Driver 290.81 NVIDIA Install Application NVIDIA Optimus 1.6.24 NVIDIA PhysX NVIDIA Update 1.6.24 NVIDIA Update Components PDFCreator PHOTOfunSTUDIO 9.0 AE PhotoScape Qualcomm Atheros WiFi Driver Installation QuickTime 7 Raccolta foto di Windows Live Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Recuva Rockstar Games Social Club RollerCoaster Tycoon 2 S?????? f?t???af??? t?? Windows Live SceneSwitch Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition SimCity 4 Deluxe Skype Click to Call SkypeT 6.22 Spotify Stellarium 0.12.4 The Lost Cases of Sherlock Holmes 2 1.00 The Sims Deluxe Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VirtualCloneDrive Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables VLC media player 2.0.1 Vuze Windows Live ??? Windows Live ???? Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack WinFlash WinRAR 4.20 (32-bit) Wireless Console 3 ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdate deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\globalUpdatem deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\globalUpdatem deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\ALIEGR~1\AppData\Roaming\Mozilla\Firefox\Profiles\egi3vwr1.default user.js not found ---- Lines a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855 removed from prefs.js ---- user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.5760ec0d6ec24a119c6398f@fa137c6b34f842bd805263bee28d76.coma user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.5760ec0d6ec24a119c6398f@fa137c6b34f842bd805263bee28d76.coma user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.5760ec0d6ec24a119c6398f@fa137c6b34f842bd805263bee28d76.coma user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.5760ec0d6ec24a119c6398f@fa137c6b34f842bd805263bee28d76.coma user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.5760ec0d6ec24a119c6398f@fa137c6b34f842bd805263bee28d76.coma user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.5760ec0d6ec24a119c6398f@fa137c6b34f842bd805263bee28d76.coma user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.InstallationThankYouPage", false); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.InstallationTime", 1418664444); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.active", true); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.addressbar", "NA"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.addressbarenhanced", ""); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.asyncdb.was_copied", "true"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.asyncinternaldb.was_copied", "true"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.backgroundver", 2); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.certdomaininstaller", ""); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.changeprevious", false); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.InstallationTime.value", "%221418664444%22"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00: user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22002 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.au.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100") user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.au.value", "%222014-12-21%22"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.cnt.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100" user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.cnt.value", "%22NL%22"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.first_run.expiration", "Fri Feb 01 2030 00:00:00 GMT user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.first_run.value", "%221%22"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.install.expiration", "Fri Feb 01 2030 00:00:00 GMT+0 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.cookie.install.value", "%222014-12-20%22"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.description", "The must-have App extensions for Television user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.domain", ""); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.enablesearch", false); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.homepage", ""); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.iframe", false); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 20 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.InstallerIdentifiers.value", "%7B%22installer_bi user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%2 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 20 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.InstallerParamsCache.value", "%7B%22source_id%22 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.InstallerUserIdentifiersCache.expiration", "Fri user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.InstallerUserIdentifiersCache.value", "%7B%22ins user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 0 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.Resources_appVer.value", "9"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.Resources_lastVersion.value", "1"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00: user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.Resources_meta.value", "%7B%7D"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.Resources_nextCheck.expiration", "Sun Dec 21 201 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.Resources_nextCheck.value", "true"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.Resources_queue.value", "%7B%7D"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.__defualt_browser__.expiration", "Fri Feb 01 203 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.__defualt_browser__.value", "%22ie%22"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.installer.value", "%7B%22InstallerIdentifiers%22 user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.monetization_plugin_bundledUrls.expiration", "Fr user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.monetization_plugin_bundledUrls.value", "%7B%22d user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.monetization_plugin_bundledWithHash.expiration", user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.monetization_plugin_bundledWithHash.value", "nul user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.monetization_plugin_notBundledArr_.expiration", user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.monetization_plugin_notBundledArr_.value", "%5B% user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.monetization_plugin_regBundledWithSoftware.expir user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.internaldb.monetization_plugin_regBundledWithSoftware.value user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.lastDailyReport", "1419165272837"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.lastUpdate", "1419165273166"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.manifesturl", ""); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.name", "TheTorntvs V10 1.1 +"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.newtab", ""); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.opensearch", ""); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.pluginsurl", "http://js.newstaticinputserv.com/plugin/apps/ user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.pluginsversion", 5); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.publisher", "Yes"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.searchstatus", 0); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.setnewtab", false); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.thankyou", ""); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.updateinterval", 360); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.68855.ver", 9); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.apps", "68855"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.bic", "14a68fa91c12fa067b6c4646c9353b35"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.cid", 68855); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.firstrun", false); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.hadappinstalled", true); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.installationdate", 1419100459); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.modetype", "production"); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.reportInstall", true); user_pref("extensions.a5760ec0d6ec24a119c6398ffa137c6b34f842bd805263bee28d76com68855.statsDailyCounter", 4); ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossrider.bic", "14a68fa91c12fa067b6c4646c9353b35"); ---- FireFox user.js and prefs.js backups ---- prefs_04-01-2015_0914_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~3\SummerSoft deleted C:\PROGRA~2\TheTorntvs V10 1.1 + deleted C:\PROGRA~2\globalUpdate deleted C:\Users\Aliegriet\AppData\Roaming\appdataFr2.bin deleted C:\Users\Aliegriet\AppData\Roaming\TornTV.com deleted C:\PROGRA~3\cheapncheap deleted C:\PROGRA~3\beautydeals deleted C:\PROGRA~3\AVG January 2013 Campaign deleted C:\PROGRA~3\InstallMate deleted C:\Users\Aliegriet\AppData\Local\uninst.tmp deleted C:\Users\Aliegriet\AppData\Local\CRE deleted C:\Users\Aliegriet\AppData\Local\globalUpdate deleted C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com deleted C:\Windows\Tasks\b96f09aa-67ad-4eda-8dbc-30892345d498-1.job deleted C:\Windows\Tasks\b96f09aa-67ad-4eda-8dbc-30892345d498-11.job deleted C:\Windows\Tasks\b96f09aa-67ad-4eda-8dbc-30892345d498-3.job deleted C:\Windows\Tasks\b96f09aa-67ad-4eda-8dbc-30892345d498-4.job deleted C:\Windows\Tasks\b96f09aa-67ad-4eda-8dbc-30892345d498-6.job deleted C:\Windows\Tasks\b96f09aa-67ad-4eda-8dbc-30892345d498-7.job deleted C:\windows\SysNative\Tasks\b96f09aa-67ad-4eda-8dbc-30892345d498-1 deleted C:\windows\SysNative\Tasks\b96f09aa-67ad-4eda-8dbc-30892345d498-11 deleted C:\windows\SysNative\Tasks\b96f09aa-67ad-4eda-8dbc-30892345d498-3 deleted C:\windows\SysNative\Tasks\b96f09aa-67ad-4eda-8dbc-30892345d498-4 deleted C:\windows\SysNative\Tasks\b96f09aa-67ad-4eda-8dbc-30892345d498-6 deleted C:\windows\SysNative\Tasks\b96f09aa-67ad-4eda-8dbc-30892345d498-7 deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Nation toolbar deleted C:\Windows\tasks\ROC_REG_JAN_DELETE.job deleted C:\windows\SysNative\tasks\ROC_REG_JAN_DELETE deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\ALIEGR~1\AppData\Roaming\Mozilla\Firefox\Profiles\egi3vwr1.default\extensions\5760ec0d6ec24a119c6398f@fa137c6b34f842bd805263bee28d76.com deleted "C:\Users\Aliegriet\AppData\Roaming\DURCKM" deleted "C:\Windows\tasks\DURCKM.job" deleted "C:\Windows\SysNative\tasks\DURCKM" deleted "C:\Users\Aliegriet\AppData\Roaming\XKJSF" deleted "C:\Windows\tasks\XKJSF.job" deleted "C:\Windows\SysNative\tasks\XKJSF" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 6031 MB CPU Info: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz CPU Speed: 2332,9 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | Intel(R) HD Graphics 4000 | NVIDIA GeForce GT 630M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR9485 Wireless Network Adapter | Realtek PCIe GBE Family Controller CD / DVD Drives: 2x (E: | G: | ) E: SlimtypeDVD A DS8A8SH | G: ELBY CLONEDRIVE Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 520,0GB | D: 153,3GB Hard Disks - Free: C: 148,6GB | D: 150,2GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 03/14/12 | _ASUS_ - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK COMPUTER INC. K75VM Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG Internet Security 2013 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: AVG Internet Security 2013 disabled (Outdated) Firewall: AVG Internet Security 2013 disabled Internet Explorer Version: 11.0.9600.17501 Mozilla Firefox version: 30.0 (x86 nl) Google Chrome version: 38.0.2125.111 Adobe Reader version: 10.1.7.27 Sun Java version: 1.8.0_25 (32-bit) Sun Java version: 1.8.0_25 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\ALIEGR~1\AppData\Local\Temp ==== 2014-12-27 11:02:53 97511FE2CA09CC2E06C3CD6519C3494E 43008 ----a-w- C:\Users\Aliegriet\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprjmero.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-12-11 07:47:37 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-01-03 20:25:00 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-12-22 13:05:38 -------- d-----w- C:\PROGRA~2\DOSBox-0.74 ======= C: ===== ====== C:\Users\Aliegriet\AppData\Roaming ====== 2014-12-24 16:53:30 E8B4A6AB15E5EAD7515973C120A6EA49 39519 ----a-w- C:\Users\Aliegriet\AppData\Local\recently-used.xbel 2014-12-22 14:52:15 -------- d-----w- C:\Users\Aliegriet\AppData\Local\DOSBox 2014-12-20 18:21:34 -------- d-----w- C:\Users\Aliegriet\AppData\Local\Popcorn-Time 2014-12-20 18:21:19 -------- d-----w- C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time 2014-12-20 18:20:46 -------- d-----w- C:\Users\Aliegriet\AppData\Local\Popcorn Time 2014-12-17 18:55:43 -------- d-s---w- C:\Users\UpdatusUser\AppData\Locallow\Microsoft ====== C:\Users\Aliegriet ====== 2015-01-03 20:24:27 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Aliegriet\Downloads\RSITx64.exe 2014-12-22 18:48:27 -------- d-----w- C:\Users\Aliegriet\Dos 2014-12-22 13:05:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74 2014-12-22 13:05:12 D98336D46509BC7FA840A82457F72827 1448809 ----a-w- C:\Users\Aliegriet\Downloads\DOSBox0.74-win32-installer.exe ====== C: exe-files == 2015-01-03 20:25:00 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Aliegriet.exe 2015-01-03 20:24:27 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Aliegriet\Downloads\RSITx64.exe 2014-12-29 16:12:42 CB404197AEC10A525509E0BF523B8158 433072 ------r- C:\ProgramData\NVIDIA\Updatus\Download\6AEA\updatus.19181379_RUNASUSER.exe === C: other files == ======== System Restore Points ======== RP184: 11-11-2014 18:13:08 - Gepland controlepunt RP185: 15-11-2014 20:15:16 - Windows Update RP186: 19-11-2014 12:42:51 - Configured Power2Go RP187: 19-11-2014 12:48:53 - Removed Facebook Video Calling 3.1.0.521 RP188: 19-11-2014 12:49:34 - Removed Facebook Video Calling 3.1.0.521 RP190: 19-11-2014 12:53:52 - Removido Controlo ActiveX do Windows Live Mesh para Ligaçőes Remotas RP192: 19-11-2014 12:56:21 - Windows Live Mesh ActiveX Control for Remote Connections is verwijderd RP193: 19-11-2014 12:57:35 - Windows Live Mesh ActiveX control for remote connections is verwijderd RP194: 19-11-2014 13:03:54 - Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen is verwijderd RP197: 19-11-2014 23:18:02 - avast! antivirus system restore point RP198: 19-11-2014 23:21:07 - Installatie van apparaatstuurprogramma: Avast Network Service RP199: 19-11-2014 23:53:09 - Windows Update RP200: 23-11-2014 9:58:59 - avast! antivirus system restore point RP201: 23-11-2014 10:01:42 - Removed WD Discovery RP202: 2-12-2014 18:47:27 - Gepland controlepunt RP203: 11-12-2014 8:36:40 - Gepland controlepunt RP204: 12-12-2014 9:26:36 - Windows Update RP205: 14-12-2014 18:15:00 - Windows Update RP206: 19-12-2014 15:38:48 - Windows Update RP207: 28-12-2014 13:32:32 - Gepland controlepunt RP209: 4-1-2015 8:50:52 - zoek.exe restore point ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1147976641-2597456954-336000686-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\Aliegriet\AppData\Local\Akamai\netsession_win.exe" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1147976641-2597456954-336000686-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\Aliegriet\AppData\Local\Akamai\netsession_win.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-1147976641-2597456954-336000686-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-1147976641-2597456954-336000686-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #1"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --extensions-on-chrome-urls --test-type --load-extension=c:\Program Files\Google\Chrome\Application\Extensions\chrome\app --load-component-extension=c:\Program Files\Google\Chrome\Application\Extensions\chrome\man --flag-switches-begin --flag-switches-end --restore-last-session" "FlashPlayerUpdate"="C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe -update activex" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" "Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "BrMfcWnd"="C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN" "ControlCenter3"="C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY" "VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Akamai NetSession Interface"="C:\Users\Aliegriet\AppData\Local\Akamai\netsession_win.exe" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #1"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --extensions-on-chrome-urls --test-type --load-extension=c:\Program Files\Google\Chrome\Application\Extensions\chrome\app --load-component-extension=c:\Program Files\Google\Chrome\Application\Extensions\chrome\man --flag-switches-begin --flag-switches-end --restore-last-session" "FlashPlayerUpdate"="C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe -update activex" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\windows\\syswow64\\nvinit.dll, C:\\Windows\\SysWOW64\\nvinit.dll" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ACMON] "command"="C:\\Program Files (x86)\\ASUS\\Splendid\\ACMON.exe" "hkey"="HKLM" "item"="ACMON" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\"" "hkey"="HKLM" "item"="Adobe Reader Speed Launcher" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector] "command"="C:\\Windows\\AsScrPro.exe" "hkey"="HKLM" "item"="ASUS Screen Saver Protector" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\"" "hkey"="HKLM" "item"="CLMLServer" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL] "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s" "hkey"="HKLM" "item"="RTHDVCPL" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" ==== Startup Folders ====================== 2012-08-28 19:19:52 1155 ----a-w- C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2013-07-02 17:04:35 2478 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.0 AE.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-12-2014 18:22] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [25-07-2014 18:21] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [25-07-2014 18:21] C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job --a------ C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe [] C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job --a------ C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS Quick Gesture" [C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe] "C:\Windows\SysNative\tasks\ASUS Quick Gesture (x64)" [C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe] "C:\Windows\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"] "C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe] "C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\ALIEGR~1\AppData\Roaming\Mozilla\Firefox\Profiles\egi3vwr1.default - Undetermined - C:\Users\Aliegriet\AppData\Roaming\Mozilla\Firefox\Profiles\egi3vwr1.default\extensions\5760ec0d6ec24a119c6398f@fa137c6b34f842bd805263bee28d76.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Aliegriet\AppData\Roaming\Mozilla\Firefox\Profiles\egi3vwr1.default B16EC84E06F26B8B85800F3B07B8D757 - C:\Windows\SysWoW64\Macromed\Flash\NPSWF32.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 38.0.2125.111 (Possible outdated, latest Stable version: 39.0.2171.95) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions meinjhkhgaalhfbinmclpmjikccbplkf - C:\Users\Aliegriet\AppData\Local\CRE\meinjhkhgaalhfbinmclpmjikccbplkf.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions meinjhkhgaalhfbinmclpmjikccbplkf - C:\Users\Aliegriet\AppData\Local\CRE\meinjhkhgaalhfbinmclpmjikccbplkf.crx[] Google Drive - Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage deleted successfully C:\Users\Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage-journal deleted successfully C:\Users\Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage deleted successfully C:\Users\Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal deleted successfully C:\Users\Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset Google Chrome ====================== C:\Users\Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Aliegriet\Desktop\CSI Deadly Intent - Snelkoppeling.lnk - C:\Users\Aliegriet\Desktop\GIMP 2.lnk - C:\Program Files\GIMP 2\bin\gimp-2.8.exe C:\Users\Aliegriet\Desktop\Internet Explorer (64-bit).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Aliegriet\Desktop\IrfanView Thumbnails.lnk - C:\Program Files (x86)\IrfanView\i_view32.exe /thumbs C:\Users\Aliegriet\Desktop\IrfanView.lnk - C:\Program Files (x86)\IrfanView\i_view32.exe C:\Users\Aliegriet\Desktop\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe C:\Users\Aliegriet\Desktop\Popcorn Time.lnk - C:\Users\Aliegriet\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe . C:\Users\Aliegriet\Desktop\RollerCoaster Tycoon 2.lnk - C:\Program Files (x86)\Infogrames Interactive\RollerCoaster Tycoon 2\rct2.exe C:\Users\Aliegriet\Desktop\Simcity 4.lnk - C:\Program Files (x86)\Maxis\SimCity 4 Deluxe\simcity 4.exe C:\Users\Aliegriet\Desktop\Spotify.lnk - C:\Users\Aliegriet\AppData\Roaming\Spotify\spotify.exe C:\Users\Aliegriet\Desktop\The Lost Cases of Sherlock Holmes 2.lnk - C:\Program Files (x86)\Games\The Lost Cases of Sherlock Holmes 2\SherlockHolmes2.exe C:\Users\Aliegriet\Desktop\Typen Fabius.lnk - C:\Program Files (x86)\fabius\fabius.exe C:\Users\UpdatusUser\Desktop\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2013.lnk - C:\Program Files (x86)\Belastingdienst\Aangifte inkomstenbelasting\2013\ib2013.exe C:\Users\Public\Desktop\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\AVG 2013.lnk - C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Users\Public\Desktop\Avidemux 2.6 - 64bits.lnk - C:\Program Files\Avidemux 2.6 - 64bits\avidemux.exe C:\Users\Public\Desktop\Brother Creative Center.lnk - C:\Program Files (x86)\Brother\CreativeCenter\Brother Creative Center.url C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\DOSBox 0.74.lnk - C:\Program Files (x86)\DOSBox-0.74\DOSBox.exe -userconf C:\Users\Public\Desktop\Eenvoudige videobewerker LoiLo.lnk - C:\Program Files (x86)\LoiLo\LoiLoScope 2\LoiLoScopeLauncher.exe C:\Users\Public\Desktop\FastStone Capture.lnk - C:\Program Files (x86)\FastStone Capture\FSCapture.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Public\Desktop\L.A. Noire.lnk - C:\Program Files (x86)\Rockstar Games\L.A. Noire\LANLauncher.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\Nitro Pro 8.lnk - C:\Program Files (x86)\Nitro\Pro 8\NitroPDF.exe C:\Users\Public\Desktop\PDFArchitect.lnk - C:\Program Files (x86)\PDFCreator\PDFArchitect\PDFArchitect.exe C:\Users\Public\Desktop\PDFCreator.lnk - C:\Program Files (x86)\PDFCreator\PDFCreator.exe C:\Users\Public\Desktop\PHOTOfunSTUDIO 9.0 AE.lnk - C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 9.0 AE\PHOTOfunSTUDIO.exe C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe C:\Users\Public\Desktop\Recuva.lnk - C:\Program Files\Recuva\recuva64.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe C:\Users\Public\Desktop\Stellarium.lnk - C:\Program Files\Stellarium\stellarium.exe C:\Users\Public\Desktop\Virtual CloneDrive.lnk - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDPrefs.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe C:\Users\Public\Desktop\ASUS\Backup & Restore\AI Recovery Burner.lnk - C:\ProgramData\ChangeFolderView\aiRecovery.ico C:\Users\Public\Desktop\ASUS\Entertainment\Game Park Console.lnk - C:\ProgramData\Asus\Game Park Console\GameConsole.exe C:\Users\Public\Desktop\ASUS\Entertainment\LifeFrame.lnk - C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe C:\Users\Public\Desktop\ASUS\Multimedia\CyberLink Media Suite.lnk - C:\Program Files (x86)\CyberLink\Media Suite\PS.exe C:\Users\Public\Desktop\ASUS\System tool\e-Driver.lnk - C:\eSupport\eDriver\InstAll.exe C:\Users\Public\Desktop\ASUS\System tool\Scene Switch.lnk - C:\ProgramData\ChangeFolderView\sceneswitch.ico C:\Users\Public\Desktop\ASUS\System tool\Splendid Utility.Lnk - C:\Program Files (x86)\ASUS\Splendid\Backbone.exe C:\Users\Public\Desktop\ASUS\Word processor\Adobe Reader X.lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\The Sims House Party™.lnk - C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Popcorn Time.lnk - C:\Users\Aliegriet\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe . C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Uninstall Popcorn Time.lnk - C:\Users\Aliegriet\AppData\Local\Popcorn Time\Uninstall.exe C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk - C:\Windows\system32\mstsc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2013.lnk - C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74\DOSBox 0.74 Manual.lnk - C:\Program Files (x86)\DOSBox-0.74\Documentation\README.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74\DOSBox 0.74.lnk - C:\Program Files (x86)\DOSBox-0.74\DOSBox.exe -userconf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74\Extras\DOSBox 0.74 (noconsole).lnk - C:\Program Files (x86)\DOSBox-0.74\DOSBox.exe -noconsole -userconf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74\Extras\Screenshots & Recordings.lnk - C:\Program Files (x86)\DOSBox-0.74\DOSBox.exe -opencaptures explorer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74\Extras\Uninstall.lnk - C:\Program Files (x86)\DOSBox-0.74\uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74\Extras\Video\Install movie codec.lnk - C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 128 C:\Program Files (x86)\DOSBox-0.74\Video Codec\zmbv.inf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74\Extras\Video\Video instructions.lnk - C:\Program Files (x86)\DOSBox-0.74\Video Codec\Video Instructions.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74\Options\DOSBox 0.74 Options.lnk - C:\Program Files (x86)\DOSBox-0.74\DOSBox.exe -editconf notepad.exe -editconf "C:\Windows\system32\notepad.exe" -editconf "C:\Windows\notepad.exe" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74\Options\Reset KeyMapper.lnk - C:\Program Files (x86)\DOSBox-0.74\DOSBox.exe -erasemapper C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74\Options\Reset Options.lnk - C:\Program Files (x86)\DOSBox-0.74\DOSBox.exe -eraseconf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fabius\fabius.lnk - C:\Program Files (x86)\fabius\fabius.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - ==== shortcuts in Quick Launch ====================== C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\AVG 2013.lnk - C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\Windows\system32\calc.exe C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\GIMP 2.lnk - C:\Program Files\GIMP 2\bin\gimp-2.8.exe C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe C:\Users\Aliegriet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PhotoScape.lnk - C:\Program Files (x86)\PhotoScape\PhotoScape.exe C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:8555;https=127.0.0.1:8555" "ProxyOverride"="127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896;" "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Uninstall List x64 ====================== ???? ??? Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}] ?????? ??????? ?? Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE929F09-3853-4180-BD90-30764BFF7136}] ???????? ?????????? Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E83DC314-C926-4214-AD58-147691D6FE9F}] ?????????? Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}] Aangifte inkomstenbelasting 2011 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Aangifte inkomstenbelasting 2011] Aangifte inkomstenbelasting 2012 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Aangifte inkomstenbelasting 2012] Aangifte inkomstenbelasting 2013 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Aangifte inkomstenbelasting 2013] Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FE23D063-934D-4829-A0D8-00634CE79B4A}] Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR] Adobe Flash Player 10 Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin] Adobe Flash Player 15 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] Adobe Reader X (10.1.7) MUI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}] Apple Application Support [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{46F044A5-CE8B-4196-984E-5BD6525E361D}] Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2F72F540-1F60-4266-9506-952B21D6640D}] Apple Software Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}] ASUS AI Recovery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D39F0676-163E-4595-A917-E28F99BBD4D2}] ASUS Live Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}] ASUS Power4Gear Hybrid [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}] ASUS Splendid Video Enhancement Technology [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}] ASUS USB Charger Plus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}] ASUS Virtual Camera [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}] ASUS Virtual Touch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{938CFBD4-0652-49E5-BB8B-153948865941}] ATK Package [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}] AVG 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12079D47-A4AB-4AE5-A957-C2062D328F35}] AVG 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D6D3F085-3AEA-4BC5-A727-ED71CB460BD2}] AVG 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG] Bonjour [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}] Brother MFL-Pro Suite DCP-375CW [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] Control ActiveX de Windows Live Mesh para conexiones remotas [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{04668DF2-D32F-4555-9C7E-35523DCD6544}] Contr“le ActiveX Windows Live Mesh pour connexions … distance [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{55D003F4-9599-44BF-BA9E-95D060730DD3}] CSI - Deadly Intent [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CSI - Deadly Intent] CyberLink LabelPrint [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}] CyberLink LabelPrint [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}] CyberLink Media Suite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}] CyberLink Media Suite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}] D3DX10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}] Dropbox [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox] ETDWare PS/2-X64 10.5.9.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Elantech] fabius 1.0. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\fabius_is1] Fast Boot [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13F4A7F3-EABC-4261-AF6B-1317777F0755}] FastStone Capture 7.8 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FastStone Capture] Galeria de Fotografias do Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}] Galerˇa fotogr fica de Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}] Galerie de photos Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{488F0347-C4A7-4374-91A7-30818BEDA710}] GIMP 2.8.6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\GIMP-2_is1] Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] IBM SPSS Statistics 20 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2AF8017B-E503-408F-AACE-8A335452CAD2}] InstantOn for NB [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{749F674B-2674-47E8-879C-5626A06B2A91}] Intel(R) Manageability Engine Firmware Recovery Agent [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A6C48A9F-694A-4234-B3AA-62590B668927}] Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] Intel(R) OpenCL CPU Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}] Intel(R) Processor Graphics [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] Intel© Trusted Connect Service Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{09536BA1-E498-4CC3-B834-D884A67D7E34}] IrfanView (remove only) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IrfanView] iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{427174C0-096E-40D9-9684-9C109BEE2CBF}] Java 8 Update 25 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218025F0}] L.A. Noire [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{915726DF-7891-444A-AA03-0DF1D64F561A}] LoiLoScope 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1] LoiLoScope Downloaden [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C2A254F4-AC74-482F-8F09-DB2843AC2AAE}_is1] Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}] Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033] Microsoft Office Enterprise 2007 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ENTERPRISE] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}] Microsoft SQL Server Compact 3.5 SP2 ENU [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3A9FC03D-C685-4831-94CF-4EDFD3749497}] Microsoft SQL Server Compact 3.5 SP2 x64 ENU [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8220EEFE-38CD-377E-8595-13398D740ACE}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Mozilla Firefox 30.0 (x86 nl) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 30.0 (x86 nl)] Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService] MSVCRT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}] MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}] Nitro Pro 8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CC9BF387-B6D7-490C-A0BB-ED1AF98B049D}] NVIDIA Control Panel 290.81 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] NVIDIA Graphics Driver 290.81 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] NVIDIA Optimus 1.6.24 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}] NVIDIA Update 1.6.24 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] NVIDIA Update Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update] PDFCreator [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}] PHOTOfunSTUDIO 9.0 AE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{94C19375-D509-4D21-A627-DD9160DF4710}] PhotoScape [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PhotoScape] Qualcomm Atheros WiFi Driver Installation [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7D916FA5-DAE9-4A25-B089-655C70EAF607}] QuickTime 7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}] Raccolta foto di Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ED16B700-D91F-44B0-867C-7EB5253CA38D}] Realtek Ethernet Controller Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] Realtek USB 2.0 Card Reader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96AE7E41-E34E-47D0-AC07-1091A8127911}] Recuva [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Recuva] Rockstar Games Social Club [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Rockstar Games Social Club] RollerCoaster Tycoon 2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}] S?????? f?t???af??? t?? Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C00C2A91-6CB3-483F-80B3-2958E29468F1}] SceneSwitch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5172E572-C175-4F80-A6D5-5CB45826AD61}] SimCity 4 Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}] Skype Click to Call [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}] SkypeT 6.22 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}] Spotify [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotify] Stellarium 0.12.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Stellarium_is1] The Lost Cases of Sherlock Holmes 2 1.00 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\The Lost Cases of Sherlock Holmes 2 1.00] The Sims Deluxe [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{10798AE3-DCBB-43C3-9C93-C23512427E25}] VirtualCloneDrive [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VirtualCloneDrive] Visual Studio 2008 x64 Redistributables [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}] Visual Studio 2010 x64 Redistributables [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{21B133D6-5979-47F0-BE1C-F6A6B304693F}] VLC media player 2.0.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player] Vuze [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\8461-7759-5462-8226] Windows Live ??? [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}] Windows Live ???? [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EEF99142-3357-402C-B298-DEC303E12D92}] Windows Live [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}] Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{17F99FCE-8F03-4439-860A-25C5A5434E18}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A07C35B-8384-4DA4-9A95-442B6C89A073}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ABD534B7-E951-470E-92C2-CD5AF1735726}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B618C3BF-5142-4630-81DD-F96864F97C7E}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite] Windows Live Fotogalerie [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B113D18C-67B0-4FB7-B329-E89B66194AE6}] Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}] Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}] Windows Live Language Selector [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{180C8888-50F1-426B-A9DC-AB83A1989C65}] Windows Live Mesh ActiveX Control for Remote Connections [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{062E4D94-8306-46D5-81B6-45E6AD09C799}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{48294D95-EE9A-4377-8213-44FC4265FB27}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8FF3891F-01B5-4A71-BFCD-20761890471C}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2E90616-C50D-4B89-A40D-92377AC669E5}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BAEE89D5-6E87-4F89-9603-A1C100479181}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C95A5A77-622F-45CA-9540-84468FCB18B1}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CBFD061C-4B27-4A89-ADD8-210316EEFA11}] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19BA08F7-C728-469C-8A35-BFBD3633BE08}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7465A996-0FCA-4D2D-A52C-F833B0829B5B}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92EA4134-10D1-418A-91E1-5A0453131A38}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BF022D76-9F72-4203-B8FA-6522DC66DFDA}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E4E88B54-4777-4659-967A-2EED1E6AFD83}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF105207-8423-4E13-B0B1-50753170B245}] Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{168E7302-890A-4138-9109-A225ACAF7AD1}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{29373E24-AC72-424E-8F2A-FB0F9436F21F}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{370F888E-42A7-4911-9E34-7D74632E17EB}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4D83F339-5A5C-4B21-8FD3-5D407B981E72}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{73FC3510-6421-40F7-9503-EDAE4D0CF70D}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BD262D0-B788-4546-A0A5-F4F56EC3834B}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A41A708E-3BE6-4561-855D-44027C1CF0F8}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C893D8C0-1BA0-4517-B11C-E89B65E72F70}] Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D436F577-1695-4D2F-8B44-AC76C99E0002}] Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3336F667-9049-4D46-98B6-4C743EEBC5B1}] Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{34F4D9A4-42C2-4348-BEF4-E553C84549E7}] Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}] Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83C292B7-38A5-440B-A731-07070E81A64F}] Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}] Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}] Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{05E379CC-F626-4E7D-8354-463865B303BF}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{128133D3-037A-4C62-B1B7-55666A10587A}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{37B33B16-2535-49E7-8990-32668708A0A3}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{40BFD84C-64CD-42CC-9909-8734C50429C6}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{506FC723-8E6C-4417-9CFF-351F99130425}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{77477AEA-5757-47D8-8B33-939F43D82218}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D299197D-CDEA-41A6-A363-F532DE4114FD}] Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}] WinFlash [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8F21291E-0444-4B1D-B9F9-4370A73E346D}] WinRAR 4.20 (32-bit) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] Wireless Console 3 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}] ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{23C5434E-6594-A58C-BF28-904968C99AA5} deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Aliegriet\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --extensions-on-chrome-urls --test-type --load-extension="c:\Program Files\Google\Chrome\Application\Extensions\chrome\app" --load-component-extension="c:\Program Files\Google\Chrome\Application\Extensions\chrome\man" --flag-switches-begin --flag-switches-end --restore-last-session O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe -update activex O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-1147976641-2597456954-336000686-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1147976641-2597456954-336000686-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: Dropbox.lnk = Aliegriet\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: PHOTOfunSTUDIO 9.0 AE.lnk = C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll, C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Silent Runners ====================== "Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/ Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} Akamai NetSession Interface = "C:\Users\Aliegriet\AppData\Local\Akamai\netsession_win.exe" [file not found] Skype = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [Skype Technologies S.A.] HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\ {++} Application Restart #1 = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --extensions-on-chrome-urls --test-type --load-extension="c:\Program Files\Google\Chrome\Application\Extensions\chrome\app" --load-component-extension="c:\Program Files\Google\Chrome\Application\Extensions\chrome\man" --flag-switches-begin --flag-switches-end --restore-last-session [Google Inc.] FlashPlayerUpdate = C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe -update activex [Adobe Systems Incorporated] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} ETDCtrl = C:\Program Files\Elantech\ETDCtrl.exe IgfxTray = C:\Windows\system32\igfxtray.exe [Intel Corporation] HotKeysCmds = C:\Windows\system32\hkcmd.exe [Intel Corporation] Persistence = C:\Windows\system32\igfxpers.exe [Intel Corporation] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++} Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated] ASUSPRP = "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" [ASUSTek Computer Inc.] ATKOSD2 = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [ASUSTek Computer Inc.] ATKMEDIA = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [ASUS] HControlUser = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [ASUS] Wireless Console 3 = C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [ASUSTeK Computer Inc.] BrMfcWnd = C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [null data] ControlCenter3 = C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun [Brother Industries, Ltd.] GrooveMonitor = "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [MS] AVG_UI = "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [AVG Technologies CZ, s.r.o.] VirtualCloneDrive = "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [Elaborate Bytes AG] APSDaemon = "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [Apple Inc.] iTunesHelper = "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [Apple Inc.] QuickTime Task = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [Apple Inc.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] -> {HKLM...Wow...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO -> {HKLM...CLSID} = Skype Click to Call for Internet Explorer \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [MS] -> {HKLM...Wow...CLSID} = Skype Click to Call for Internet Explorer \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [Oracle Corporation] {9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided) -> {HKLM...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] -> {HKLM...Wow...CLSID} = Windows Live ID Sign-in Helper \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS] {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO -> {HKLM...CLSID} = Skype Click to Call for Internet Explorer \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [MS] -> {HKLM...Wow...CLSID} = Skype Click to Call for Internet Explorer \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [MS] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [Oracle Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] DropboxExt3\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] DropboxExt4\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] DropboxExt3\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = {99FD978C-D287-4F50-827F-B2C658EDA8E7} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = {920E6DB1-9907-4370-B3A0-BAFC03D81399} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = {16F3DD56-1AF5-4347-846D-7C10C4192619} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class -> {HKLM...CLSID} = DesktopContext Class \InProcServer32\(Default) = C:\Program Files\NVIDIA Corporation\Display\nvui.dll [NVIDIA Corporation] {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = NVIDIA Play On My TV Context Menu Extension -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} = NvAppShExt extension -> {HKLM...CLSID} = NvAppShExt Class \InProcServer32\(Default) = C:\Windows\system32\nv3dappshext.dll [NVIDIA Corporation] {E97DEC16-A50D-49bb-AE24-CF682282E08D} = OpenGLShExt extension -> {HKLM...CLSID} = OpenGLShExt Class \InProcServer32\(Default) = C:\Windows\system32\nv3dappshext.dll [NVIDIA Corporation] {0066D4B3-8DE0-4D08-AA83-EDD50E2431F0} = ELAN Control Panel -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\Elantech\ETDMcpl.dll [ELAN Microelectronics Corp.] {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = AVG Shell Extension -> {HKLM...CLSID} = AVG Shell Extension Class \InProcServer32\(Default) = C:\Program Files (x86)\AVG\AVG2013\avgsea.dll [AVG Technologies CZ, s.r.o.] {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\MSOHEVI.DLL [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {B7056B8E-4F99-44f8-8CBD-282390FE5428} = VirtualCloneDrive -> {HKLM...CLSID} = VirtualCloneDrive Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [Elaborate Bytes AG] {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} = iTunes -> {HKLM...CLSID} = iTunes \InProcServer32\(Default) = C:\Program Files\iTunes\iTunesMiniPlayer.dll [Apple Inc.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {00F33137-EE26-412F-8D71-F84E4C2C6625} = (no title provided) -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} = Windows Live Photo Gallery Viewer Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} = Windows Live Photo Gallery Editor Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Editor Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {00F30F90-3E96-453B-AFCD-D71989ECC2C7} = Windows Live Photo Gallery Autoplay Drop Target Shim -> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS] {B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal] {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = AVG Shell Extension -> {HKLM...Wow...CLSID} = AVG Shell Extension Class \InProcServer32\(Default) = C:\Program Files (x86)\AVG\AVG2013\avgse.dll [AVG Technologies CZ, s.r.o.] {72853161-30C5-4D22-B7F9-0BBC1D38A37E} = Groove GFS Browser Helper -> {HKLM...Wow...CLSID} = Groove GFS Browser Helper \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {2A541AE1-5BF6-4665-A8A3-CFA9672E4291} = Groove GFS Explorer Bar -> {HKLM...Wow...CLSID} = Groove Folder Synchronization \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {A449600E-1DC6-4232-B948-9BD794D62056} = Groove GFS Stub Icon Handler -> {HKLM...Wow...CLSID} = Groove GFS Stub Icon Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook -> {HKLM...Wow...CLSID} = Groove GFS Stub Execution Hook \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {6C467336-8281-4E60-8204-430CED96822D} = Groove GFS Context Menu Handler -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {387E725D-DC16-4D76-B310-2C93ED4752A0} = Groove XML Icon Handler -> {HKLM...Wow...CLSID} = Groove XML Icon Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {16F3DD56-1AF5-4347-846D-7C10C4192619} = Groove Explorer Icon Overlay 3 (GFS Folder) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} = Groove Explorer Icon Overlay 2 (GFS Stub) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {99FD978C-D287-4F50-827F-B2C658EDA8E7} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {920E6DB1-9907-4370-B3A0-BAFC03D81399} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {HKLM...Wow...CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] {0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler -> {HKLM...Wow...CLSID} = Outlook File Icon Extension \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\OLKFSTUB.DLL [MS] {00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler -> {HKLM...Wow...CLSID} = Microsoft Office Outlook \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\MLSHEXT.DLL [MS] {5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search -> {HKLM...Wow...CLSID} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\ONFILTER.DLL [MS] {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler -> {HKLM...Wow...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...Wow...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...Wow...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\ <> AppInit_DLLs = C:\Windows\system32\nvinitx.dll [NVIDIA Corporation] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\ <> AppInit_DLLs = c:\windows\syswow64\nvinit.dll, C:\Windows\SysWOW64\nvinit.dll [file not found] HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\ <> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945} -> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS] HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\ <> skypec2c\CLSID = {91774881-D725-4E58-B298-07617B9B86A8} -> {HKLM...CLSID} = Skype Click to Call for IE Pluggable Protocol \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [MS] HKCU\Software\Classes\*\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ AVG Shell Extension\(Default) = {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} -> {HKLM...CLSID} = AVG Shell Extension Class \InProcServer32\(Default) = C:\Program Files (x86)\AVG\AVG2013\avgsea.dll [AVG Technologies CZ, s.r.o.] -> {HKLM...Wow...CLSID} = AVG Shell Extension Class \InProcServer32\(Default) = C:\Program Files (x86)\AVG\AVG2013\avgse.dll [AVG Technologies CZ, s.r.o.] NP8ShellExtension\(Default) = {9C4B85B8-956C-49BF-9BA5-101384E562B2} -> {HKLM...CLSID} = NP8ShellExtension ContextMenu Shell Extension \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\Nitro\Pro\8.0\NPSHEL~1.DLL [Nitro PDF] VirtualCloneDrive\(Default) = {B7056B8E-4F99-44f8-8CBD-282390FE5428} -> {HKLM...CLSID} = VirtualCloneDrive Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [Elaborate Bytes AG] WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKCU\Software\Classes\Directory\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKCU\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll [Dropbox, Inc.] -> {HKCU...Wow...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ igfxcui\(Default) = {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} -> {HKLM...CLSID} = GraphicsShellExt Class \InProcServer32\(Default) = C:\Windows\system32\igfxpph.dll [Intel Corporation] NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info -> {HKLM...Wow...CLSID} = PDF Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ AVG Shell Extension\(Default) = {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} -> {HKLM...CLSID} = AVG Shell Extension Class \InProcServer32\(Default) = C:\Program Files (x86)\AVG\AVG2013\avgsea.dll [AVG Technologies CZ, s.r.o.] -> {HKLM...Wow...CLSID} = AVG Shell Extension Class \InProcServer32\(Default) = C:\Program Files (x86)\AVG\AVG2013\avgse.dll [AVG Technologies CZ, s.r.o.] WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal] XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D} -> {HKLM...Wow...CLSID} = Groove GFS Context Menu Handler \InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\ WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext64.dll [Alexander Roshal] WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...Wow...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files (x86)\WinRAR\rarext.dll [Alexander Roshal] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ SoftwareSASGeneration = (REG_DWORD) dword:0x00000001 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ iTunesBurnCDOnArrival\ Provider = iTunes InvokeProgID = iTunes.BurnCD InvokeVerb = burn HKLM\SOFTWARE\Classes\iTunes.BurnCD\shell\burn\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /AutoPlayBurn "%L" [Apple Inc.] iTunesImportSongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.ImportSongsOnCD InvokeVerb = import HKLM\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\import\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /AutoPlayImportSongs "%L" [Apple Inc.] iTunesPlaySongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.PlaySongsOnCD InvokeVerb = play HKLM\SOFTWARE\Classes\iTunes.PlaySongsOnCD\shell\play\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /playCD "%L" [Apple Inc.] iTunesShowSongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.ShowSongsOnCD InvokeVerb = showsongs HKLM\SOFTWARE\Classes\iTunes.ShowSongsOnCD\shell\showsongs\command\(Default) = "C:\Program Files (x86)\iTunes\iTunes.exe" /AutoPlayShowSongs "%L" [Apple Inc.] LSBDBurningOnArrival\ Provider = LoiLoScope 2 InvokeProgID = LoiLoScope.AutoPlay InvokeVerb = LSBDBurningOnArrival HKLM\SOFTWARE\Classes\LoiLoScope.AutoPlay\shell\LSBDBurningOnArrival\Command\(Default) = "C:\Program Files (x86)\LoiLo\LoiLoScope 2\LoiLoScopeLauncher.exe" [null data] LSCameraOnArrival\ Provider = LoiLoScope 2 InvokeProgID = LoiLoScope.AutoPlay InvokeVerb = LSCameraOnArrival HKLM\SOFTWARE\Classes\LoiLoScope.AutoPlay\shell\LSCameraOnArrival\Command\(Default) = "C:\Program Files (x86)\LoiLo\LoiLoScope 2\LoiLoScopeLauncher.exe" [null data] LSDVDBurningOnArrival\ Provider = LoiLoScope 2 InvokeProgID = LoiLoScope.AutoPlay InvokeVerb = LSDVDBurningOnArrival HKLM\SOFTWARE\Classes\LoiLoScope.AutoPlay\shell\LSDVDBurningOnArrival\Command\(Default) = "C:\Program Files (x86)\LoiLo\LoiLoScope 2\LoiLoScopeLauncher.exe" [null data] LSFileOnArrival\ Provider = LoiLoScope 2 InvokeProgID = LoiLoScope.AutoPlay InvokeVerb = LSFileOnArrival HKLM\SOFTWARE\Classes\LoiLoScope.AutoPlay\shell\LSFileOnArrival\Command\(Default) = "C:\Program Files (x86)\LoiLo\LoiLoScope 2\LoiLoScopeLauncher.exe" [null data] MSLivePhotoAcquireDropHandler\ Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10 InvokeProgID = Microsoft.LivePhotoAcqDTShim.1 InvokeVerb = open HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqDTShim.1\shell\open\DropTarget\CLSID = {00F33137-EE26-412F-8D71-F84E4C2C6625} -> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS] MSLiveShowPicturesOnArrival\ Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10 InvokeProgID = Microsoft.Photos.LiveAutoplayShim.1 InvokeVerb = open HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = {00F30F90-3E96-453B-AFCD-D71989ECC2C7} -> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS] MSPlayCDAudioOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.AudioCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS] MSPlayDVDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.DVD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS] MSPlaySuperVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPlayVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSWMPBurnCDOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.BurnCD InvokeVerb = Burn HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS] PanasonicPfS9.0PhotoArrival\ Provider = Panasonic PHOTOfunSTUDIO 9.0 AE InvokeProgID = Shell.AutoplayForPfS9.0 InvokeVerb = open HKLM\SOFTWARE\Classes\Shell.AutoplayForPfS9.0\shell\open\command\(Default) = C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 9.0 AE\PHOTOfunSTUDIO.exe /NoSplash /Import:%L [null data] PStarterBlankCDArrival\ Provider = Media Suite InvokeProgID = BlankCD InvokeVerb = OpenWithPowerStarter HKLM\SOFTWARE\Classes\BlankCD\shell\OpenWithPowerStarter\Command\(Default) = "C:\Program Files (x86)\CyberLink\Media Suite\PS.exe" "%L" [CyberLink Corp.] PStarterDVDBurningOnArrival\ Provider = Media Suite InvokeProgID = BlankDVD InvokeVerb = OpenWithPowerStarter HKLM\SOFTWARE\Classes\BlankDVD\shell\OpenWithPowerStarter\Command\(Default) = "C:\Program Files (x86)\CyberLink\Media Suite\PS.exe" "%L" [CyberLink Corp.] PStarterMixedCDArrival\ Provider = Media Suite InvokeProgID = MixedContent InvokeVerb = OpenWithPowerStarter HKLM\SOFTWARE\Classes\MixedContent\shell\OpenWithPowerStarter\Command\(Default) = "C:\Program Files (x86)\CyberLink\Media Suite\PS.exe" "%L" [CyberLink Corp.] PStarterMusicFilesArrival\ Provider = Media Suite InvokeProgID = MusicFiles InvokeVerb = OpenWithPowerStarter HKLM\SOFTWARE\Classes\MusicFiles\shell\OpenWithPowerStarter\Command\(Default) = "C:\Program Files (x86)\CyberLink\Media Suite\PS.exe" "%L" [CyberLink Corp.] PStarterPicturesArrival\ Provider = Media Suite InvokeProgID = Picture InvokeVerb = OpenWithPowerStarter HKLM\SOFTWARE\Classes\Picture\shell\OpenWithPowerStarter\Command\(Default) = "C:\Program Files (x86)\CyberLink\Media Suite\PS.exe" "%L" [CyberLink Corp.] PStarterVideoFilesArrival\ Provider = Media Suite InvokeProgID = VideoFiles InvokeVerb = OpenWithPowerStarter HKLM\SOFTWARE\Classes\VideoFiles\shell\OpenWithPowerStarter\Command\(Default) = "C:\Program Files (x86)\CyberLink\Media Suite\PS.exe" "%L" [CyberLink Corp.] VLCPlayCDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.CDAudio InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file cdda:///%1 [VideoLAN] VLCPlayDVDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] VLCPlayDVDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.DVDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file dvd:///%1 [VideoLAN] VLCPlayMusicFilesOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] VLCPlaySVCDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.SVCDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.SVCDMovie\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN] VLCPlayVCDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.VCDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.VCDMovie\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN] VLCPlayVideoFilesOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] WIA_{15D80095-AF13-4A20-9943-B0A353EE75FC}\ Provider = ControlCenter3 CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /StiDevice:%1 /StiEvent:%2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] Startup items in "Aliegriet" & "All Users" startup folders: ----------------------------------------------------------- C:\Users\Aliegriet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup {++} Dropbox -> shortcut to: C:\Users\Aliegriet\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [Dropbox, Inc.] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup {++} PHOTOfunSTUDIO 9.0 AE -> shortcut to: C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe -e "C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 9.0 AE\PHOTOfunSTUDIO.exe" [null data] Non-disabled Scheduled Tasks: {++} ----------------------------- C:\Windows\System32\Tasks Adobe Flash Player Updater -> launches: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated] ASUS Live Update -> launches: C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [null data] ASUS P4G -> launches: C:\Program Files\ASUS\P4G\BatteryLife.exe [ASUS] ASUS Quick Gesture -> launches: C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [ASUSTeK Computer Inc.] ASUS Quick Gesture (x64) -> launches: C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [ASUSTeK Computer Inc.] ASUS USB Charger Plus -> launches: "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe" [ASUSTek Computer Inc.] ATKOSD2 -> launches: C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [ASUSTek Computer Inc.] CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd] CreateChoiceProcessTask -> launches: C:\Windows\System32\browserchoice.exe /launch [MS] GoogleUpdateTaskMachineCore -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskMachineUA -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d -> launches: C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller scheduler-impersonate [Intel Corporation] ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon -> launches: C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller winlogon-impersonate [Intel Corporation] SidebarExecute -> launches: C:\Program Files\Windows Sidebar\sidebar.exe /addGadget [MS] {646CE1E9-059F-42E1-9818-49CE5C64532D} -> launches: C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\ [MS] {D611B0FA-4FB7-45FA-8FA1-F9A6B8AA8915} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\Aliegriet\setup.exe -d C:\Users\Aliegriet [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience AitAgent -> launches: aitagent [MS] Microsoft Compatibility Appraiser -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy [MS] ProgramDataUpdater -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Autochk Proxy -> launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS] KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c} -> {HKLM...CLSID} = KernelCeipCustomHandler \InProcServer32\(Default) = C:\Windows\System32\kernelceip.dll [MS] UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} -> {HKLM...CLSID} = UsbCeip \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS] -> {HKLM...Wow...CLSID} = UsbCeip \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Defrag ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3} -> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\sdiagschd.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Location Notifications -> launches: %windir%\System32\LocationNotifications.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance WinSAT -> launches: {A9A33436-678B-4C9C-A211-7CC38785E79D} -> {HKLM...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS] -> {HKLM...Wow...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Media Center ActivateWindowsSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch [MS] ConfigureInternetTimeService -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService [MS] DispatchRecoveryTasks -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) [MS] ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS] InstallPlayReady -> launches: %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) [MS] mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) [MS] MediaCenterRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [MS] ObjectStoreRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [MS] OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS] OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) [MS] PBDADiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery [MS] PBDADiscoveryW1 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery [MS] PBDADiscoveryW2 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery [MS] PvrRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [MS] PvrScheduleTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [MS] RegisterSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) [MS] ReindexSearchRoot -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot [MS] SqlLiteRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [MS] UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic CorruptionDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2} -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS] DecompressionFailureDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2} -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E} -> {HKLM...CLSID} = HotStart User Agent \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MUI Lpksetup -> launches: C:\Windows\System32\lpksetup.exe -v [MS] LPRemove -> launches: %windir%\system32\lpremove.exe [MS] Mcbuilder -> launches: C:\Windows\System32\mcbuilder.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543} -> {HKLM...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace GatherNetworkInfo -> launches: %windir%\system32\gatherNetworkInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics AnalyzeSystem -> launches: %SystemRoot%\System32\powercfg.exe -energy -auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RAC RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6} -> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS] -> {HKLM...Wow...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Ras MobilityManager -> launches: {c463a0fc-794f-4fdf-9201-01938ceacafa} -> {HKLM...CLSID} = RasMobilityManager \InProcServer32\(Default) = C:\Windows\system32\rasmbmgr.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Registry RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2} -> {HKLM...CLSID} = RegistryIdleBackupHandler \InProcServer32\(Default) = C:\Windows\System32\regidle.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SideShow GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61} -> {HKLM...CLSID} = GadgetsManager Class \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TabletPC InputPersonalization -> launches: %CommonProgramFiles%\Microsoft Shared\Ink\InputPersonalization.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4} -> {HKLM...CLSID} = RunTask \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS] -> {HKLM...Wow...CLSID} = RunTask \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip IpAddressConflict1 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS] IpAddressConflict2 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} -> {HKLM...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization SynchronizeTime -> launches: %windir%\system32\sc.exe start w32time task_started [MS] C:\Windows\System32\Tasks\Microsoft\Windows\UPnP UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WDI ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies ValidationTask -> (HIDDEN!) launches: %SystemRoot%\system32\Wat\WatAdminSvc.exe /run [MS] ValidationTaskDeadline -> (HIDDEN!) launches: %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing UpdateLibrary -> launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup ConfigNotification -> launches: %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Wininet CacheTask -> launches: {0358b920-0ac7-461f-98f4-58e32cd89148} -> {HKLM...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS] -> {HKLM...Wow...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1} -> {HKLM...Wow...CLSID} = Windows Live Social Object Extractor Engine Definition Updater \InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll [MS] C:\Windows\System32\Tasks\WPD SqmUpload_S-1-5-21-1147976641-2597456954-336000686-1001 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = %SystemRoot%\system32\wshbth.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000007\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000008\LibraryPath = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000009\LibraryPath = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000010\LibraryPath = C:\Program Files (x86)\Bonjour\mdnsNSP.dll [Apple Inc.] HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = %SystemRoot%\system32\wshbth.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000007\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000008\LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000009\LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS] 000000000010\LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll [Apple Inc.] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 11 HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 11 Toolbars, Explorer Bars, Extensions: ------------------------------------ Explorer Bars HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = Groove Folder Synchronization Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [MS] HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Onderzoeken Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ ButtonText = Skype Click to Call settings CLSIDExtension = {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -> {HKLM...CLSID} = Skype Click to Call settings \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [MS] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\ {2670000A-7350-4F3C-8081-5663EE0C6C49}\ ButtonText = Verzenden naar OneNote MenuText = Verz&enden naar OneNote CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C} -> {HKLM...Wow...CLSID} = Send to OneNote from Internet Explorer button \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll [MS] {898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ ButtonText = Skype Click to Call settings CLSIDExtension = {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -> {HKLM...Wow...CLSID} = Skype Click to Call settings \InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [MS] {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ ButtonText = Research BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503} -> {HKLM...Wow...CLSID} = &Onderzoeken \InProcServer32\(Default) = C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL [MS] Miscellaneous IE Hijack Points ------------------------------ HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\ <> InPrivate = res://ieframe.dll/inprivate_win7.htm [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Adobe Acrobat Update Service, AdobeARMservice, "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [Adobe Systems Incorporated] AFBAgent, AFBAgent, "C:\Windows\system32\FBAgent.exe" [ASUSTeK Computer Inc.] Apple Mobile Device, Apple Mobile Device, "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [Apple Inc.] ASLDR Service, ASLDRService, C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [ASUS] ASUS InstantOn Service, ASUS InstantOn, C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [ASUS] ATKGFNEX Service, ATKGFNEXSrv, C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [ASUS] AVG Firewall, avgfws, "C:\Program Files (x86)\AVG\AVG2013\avgfws.exe" [AVG Technologies CZ, s.r.o.] AVG WatchDog, avgwd, "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" [AVG Technologies CZ, s.r.o.] Bonjour-service, Bonjour Service, "C:\Program Files\Bonjour\mDNSResponder.exe" [Apple Inc.] Intel(R) Capability Licensing Service Interface, Intel(R) Capability Licensing Service Interface, "C:\Program Files\Intel\iCLS Client\HeciServer.exe" [Intel(R) Corporation] Intel(R) Dynamic Application Loader Host Interface Service, jhi_service, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [Intel Corporation] Intel(R) Management and Security Application Local Management Service, LMS, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [Intel Corporation] Intel(R) Management and Security Application User Notification Service, UNS, "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" [Intel Corporation] Intel(R) ME Service, Intel(R) ME Service, C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [null data] iPod-service, iPod Service, "C:\Program Files\iPod\bin\iPodService.exe" [Apple Inc.] Nalpeiron Licensing Service, nlsX86cc, C:\Windows\SysWOW64\NLSSRV32.EXE [Nalpeiron Ltd.] NitroPDFDriverCreatorReadSpool8, NitroDriverReadSpool8, "C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe" [Nitro PDF Software] NVIDIA Display Driver Service, nvsvc, C:\Windows\system32\nvvsvc.exe [NVIDIA Corporation] NVIDIA Update Service Daemon, nvUpdatusService, C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [NVIDIA Corporation] Skype Click to Call PNR Service, c2cpnrsvc, "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service [MS] Skype Click to Call Updater, c2cautoupdatesvc, "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service [MS] Windows Live ID Sign-in Assistant, wlidsvc, "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [MS] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <> MCODS, <> PEVSystemStart, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <> MCODS, <> PEVSystemStart, Service Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ Nitro PDF Port Monitor\Driver = nitrolocalmon2.dll [Nitro PDF Software] pdfcmon\Driver = pdfcmon.dll [pdfforge GbR] <>: Suspicious data at a browser hijack point. ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Aliegriet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Aliegriet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Aliegriet\AppData\Local\Mozilla\Firefox\Profiles\egi3vwr1.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Aliegriet\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=231 folders=42 14150630 bytes) ==== Empty Temp Folders ====================== C:\Users\Aliegriet\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\ALIEGR~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on zo 04-01-2015 at 9:52:40,67 ======================