Zoek.exe v5.0.0.0 Updated 31-12-2014 Tool run by Starcom1 on do 08/01/2015 at 14:51:30,23. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Starcom1\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files\QNAP\Qfinder\iSCSIAgent.exe C:\Program Files\QNAP\NetBak\Enclosure.exe C:\Program Files\LuckyTab\LuckyTab.exe C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe C:\Program Files\QNAP\NetBak\NetBak.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe C:\Program Files\STab\ProtectService.exe C:\Program Files\STab\cmdshell.exe C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files\STab\HPNotify.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Windows\system32\conhost.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Windows\system32\conhost.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\WUDFHost.exe C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files\QNAP\Qsync\Qsync.exe C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Users\Starcom1\Downloads\zoek.exe C:\Windows\system32\conhost.exe C:\Windows\system32\taskeng.exe ==== System Restore Info ====================== 8/01/2015 14:53:05 Zoek.exe System Restore Point Created Succesfully. ==== Windows Installer Info ====================== Adobe Photoshop Elements 11 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\467181D10DCD8B14AAB7A095F920A727]C:\Windows\Installer\48721be.msi Adobe Premiere Elements 11 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8D5570A94540BBE4C8C168C89E5EE318]C:\Windows\Installer\48721e1.msi ANT Drivers Installer x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\274F7E8D6F6826E4AABF82D332F8EE0D]C:\Windows\Installer\1f0f6ce0.msi Apple Application Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ED0FAC38B3D873C46A13B2F861CE0313]C:\Windows\Installer\1478ea77.msi Apple Mobile Device Support [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\33BBE5321AD3FD64AAED9955214390BC]C:\Windows\Installer\1478ecb5.msi Apple Software Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\46B5A9879DD95AB419A50FCFA0B1B7EF]C:\Windows\Installer\c67408e.msi ARC125 for Uniden (U)BC125XLT [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6C273B9838642D74B9ABCA4E2822F6D7]C:\Windows\Installer\39ff5482.msi Bonjour [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2F5519759897D9468219D52080EEDB5]C:\Windows\Installer\c674084.msi Dazzle Video Capture DVC100 X86 Driver 1.06 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\96AFCA4DAB5201B4A8E5AC229293CF9F]C:\Windows\Installer\9a04f4.msi Elements 11 Organizer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1E560D4DFBA30D143B58CFF620F7D400]C:\Windows\Installer\48721c6.msi Elevated Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\610CDAAB179C3564EAAA63AEDB31154C]C:\Windows\Installer\1f0f6cda.msi ESET NOD32 Antivirus [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\66EED85E6A288EE4E9412D465B90F78D]C:\Windows\Installer\12ac98.msi Filmmaker's Toolkit for Studio [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A2654442CD7A8B244A8DB1FC07B44108]C:\Windows\Installer\9a0501.msi Firebird SQL Server - MAGIX Edition [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\73E2BA9355A129245A3D79E1F9070D8F]C:\Windows\Installer\2ba5e.msi Garmin BaseCamp [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C6F76A13D97D9B74F9B0310CCF3F3C8A]C:\Windows\Installer\13efaaf.msi Garmin City Navigator Europe NT 2011.40 Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\012B78A22765E124DA518BFD447D6819]C:\Windows\Installer\1aabc1b.msi Garmin City Navigator Europe NT 2014.30 Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BB0C659FAF2D5AB4087DCA807EDC16B1]C:\Windows\Installer\742ea8.msi Garmin City Navigator Europe NT 2014.40 Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7B4375491CFA0C499F7A6FFE6D1928F]C:\Windows\Installer\ce762.msi Garmin City Navigator Europe NT 2015.20 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A2B441FE334EDE5459C9DF19A3CB5E8D]C:\Windows\Installer\eed34a.msi Garmin City Navigator Europe NTU 2015.10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FE8D69BF6CE184546AC54958622126CC]C:\Windows\Installer\477a284.msi Garmin City Navigator Europe NTU 2015.20 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\35D66E4B2B955374099422914CC022A7]C:\Windows\Installer\17d3f28.msi Garmin City Navigator Europe NTU 2015.30 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\12FB1F3653475504AA17E72D7B49C8C8]C:\Windows\Installer\12c31cf.msi Garmin Communicator Plugin [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2FBFBD17BE7F8624485849178DC3E466]C:\Windows\Installer\70d1bf8.msi Garmin Express [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F35CAD68B9C80F64A9742CD92EC7C18E]C:\Windows\Installer\1f0f6cce.msi Garmin Express Tray [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7C0F87B210DD6AF4C8A01BCCA07D5036]C:\Windows\Installer\1f0f6cd4.msi Garmin MapInstall [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\44DC7DE533A163B4AB90B055EF28FA59]C:\Windows\Installer\b01672b.msi Garmin POI Loader [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E5DE3123EBB73164EB96B8E1F45E02DD]C:\Windows\Installer\2d767650.msi Garmin USB Drivers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\183E5ABA64CEC524685CC51DB5FB4BFB]C:\Windows\Installer\4195386.msi Garmin VIRB Edit [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9C20ECC002018D64DA641B83CC739985]C:\Windows\Installer\2c40792.msi Google Earth [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0336A2D4B8F23E11C9048BCAF6798BE8]C:\Windows\Installer\2e0e68f6.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\Windows\Installer\4d0a87e.msi Hollywood FX Volumes 1-3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8F181D3EB642F79449E5D69BC8AB6677]C:\Windows\Installer\9a050d.msi iCloud [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\723BB06737938064588C8861E2F23F6B]C:\Windows\Installer\da8d9.msi Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6D924340EDF58904882C2D97294BC204]C:\Windows\Installer\58d7a65.msi Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A66F51D154E339346A8BE62C7EDDB3C3]C:\Windows\Installer\58d7a6b.msi Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D321549F0947E7D448960D1640D9BEB7]C:\Windows\Installer\58d7a5f.msi Intel© Trusted Connect Service Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A8FEB20495B21FF47B19398181849734]C:\Windows\Installer\58d7a71.msi iTunes [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\139829D52D1D39A48AD2FB060D7EFC5A]C:\Windows\Installer\1478fd49.msi Java 8 Update 25 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2381208520F]C:\Windows\Installer\4bd312b.msi MAGIX Speed burnR (MSI) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F54AC3FDCF7A1FF40BFBE32138FB24FF]C:\Windows\Installer\ad45a.msi MAGIX Video deluxe 2014 Premium [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\33640FA901AACE949896722935D143AB]C:\Windows\Installer\2ba78.msi MAGIX Video deluxe 2014 Premium Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7A0F3CE2D97C822448FAACE02183D979]C:\Windows\Installer\ab0a9.msi Microsoft .NET Framework 4.5.1 (NLD) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E68D19A1421347534AFB04761662C5AF]C:\Windows\Installer\5164945.msi Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\271D3094BCCDF293393A43ACD974EFD3]C:\Windows\Installer\92f6787.msi Microsoft ASP.NET MVC 4 Runtime [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5D213EF3268BEC04E8E46A8DBA6F7263]C:\Windows\Installer\9c89516.msi Microsoft Office Access MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109510031400000000000F01FEC]C:\Windows\Installer\4d522.msi Microsoft Office Excel MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109610031400000000000F01FEC]C:\Windows\Installer\4d4e4.msi Microsoft Office File Validation Add-In [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109500200000000000000F01FEC]C:\Windows\Installer\139495a.msi Microsoft Office InfoPath MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109440031400000000000F01FEC]C:\Windows\Installer\4d4f5.msi Microsoft Office Outlook MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A10031400000000000F01FEC]C:\Windows\Installer\4d4ea.msi Microsoft Office PowerPoint MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109810031400000000000F01FEC]C:\Windows\Installer\4d4f0.msi Microsoft Office Professional Plus 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109110000000000000000F01FEC]C:\Windows\Installer\4d528.msi Microsoft Office Proof (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10031400000000000F01FEC]C:\Windows\Installer\4d4fa.msi Microsoft Office Proof (English) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10090400000000000F01FEC]C:\Windows\Installer\4d50b.msi Microsoft Office Proof (French) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F100C0400000000000F01FEC]C:\Windows\Installer\4d505.msi Microsoft Office Proof (German) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10070400000000000F01FEC]C:\Windows\Installer\4d4ff.msi Microsoft Office Proofing (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109C20031400000000000F01FEC]C:\Windows\Installer\4d510.msi Microsoft Office Publisher MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109910031400000000000F01FEC]C:\Windows\Installer\4d516.msi Microsoft Office Shared MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109E60031400000000000F01FEC]C:\Windows\Installer\4d4df.msi Microsoft Office Word MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109B10031400000000000F01FEC]C:\Windows\Installer\4d51c.msi Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]c:\Windows\Installer\99e3326.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\b25099274a207264182f8181add555d0]C:\Windows\Installer\4614879.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\caf84.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6F9E66FF7E38E3A3FA41D89E8A906A4A]C:\Windows\Installer\f967f.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B696D3C37BD0D6C33A65D38BEC459181]C:\Windows\Installer\7d238a0.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]c:\Windows\Installer\461487f.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]C:\Windows\Installer\f9686.msi Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D04BB691875110D32B98EBCF771AA1E1]C:\Windows\Installer\f968c.msi Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]C:\Windows\Installer\becfb.msi Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C025571B2A687A53689168CD7369889B]C:\Windows\Installer\5a768698.msi Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DC8A59DBF9D1DA5389A1E3975220E6BB]C:\Windows\Installer\5a768693.msi Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\22BEFC8F7E2A1793E9ADB411DEFE1C58]C:\Windows\Installer\13d7be14.msi Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\21EE4A31AE32173319EEFE3BD6FDFFE3]C:\Windows\Installer\13d7be0e.msi Microsoft_VC80_CRT_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\91785D291CBB3CC40AB8659C8E48CCC2]C:\Windows\Installer\becf1.msi Microsoft_VC90_CRT_x86 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\121E2D80A6F7BE3479DF26B944094330]C:\Windows\Installer\becf6.msi Motion Graphics Toolkit for Studio [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E9F99C5ED79E6B04ABCFB8BCFF01134E]C:\Windows\Installer\9a0506.msi MSXML 4.0 SP3 Parser (KB2758694) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\09AB59D18F4FCE748A2844C1993DC0E1]c:\Windows\Installer\116a417.msi MSXML 4.0 SP3 Parser [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F764691F11C67F458B88521DA8CB349]C:\Windows\Installer\4614887.msi NVIDIA PhysX [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A59E554B408BF9345B3333B66153EA79]C:\Windows\Installer\9fc617f.msi PDF Settings CS6 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\77EAAEFBF7DB43542B68C9C54B96E71B]C:\Windows\Installer\caf8d.msi Pinnacle Studio 17 - Install Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CC29D40FA3C5AF64C989E6CADB2D26FF]C:\Windows\Installer\9a04e9.msi Pinnacle Studio 17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\808F8AD32E27163428CE3403182D0350]C:\Windows\Installer\9a04ee.msi Premium Pack Volumes 1-2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6A8D4C8845990A6469D5295ED5BA7843]C:\Windows\Installer\9a0514.msi QuickTime 7 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C2CBC2D34D56364478BABBC258C9F1E3]C:\Windows\Installer\24340812.msi ScoreFitter Volumes 1-2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ACE9ADF03AD6E0847B9A673F35FAB6C6]C:\Windows\Installer\9a051b.msi SkypeT 6.21 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0AB19942EE0FDA44C98CE55CA0CE6F7B]C:\Windows\Installer\a8310d2.msi SmartSound Common Data [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E9682A8BAC035C04C98FDB37455EE78F]C:\Windows\Installer\d310cc.msi SmartSound Sonicfire Pro 5.8 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14D4815E69777214BB4E6499F3F9AA3F]C:\Windows\Installer\d310d1.msi Title Extreme [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4104127FEE7273249987F2D9511555B9]C:\Windows\Installer\9a0529.msi Video Player [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D65674AAB0D97149A4651F2A7B09B06]C:\Windows\Installer\7acbe5a.msi Win7codecs [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A7AAC0C8272319948A80C25795ED4390]C:\Windows\Installer\12ac92.msi ==== Empty Folders Check ====================== C:\Program Files\AGEIA Technologies deleted successfully C:\Program Files\FLVM Player deleted successfully C:\Program Files\Winamp deleted successfully C:\Program Files\WinZip Registry Optimizer deleted successfully C:\Users\Starcom1\AppData\Roaming\Nico Mak Computing deleted successfully C:\Users\Starcom1\AppData\Local\DriverToolkit deleted successfully C:\Users\Starcom1\AppData\Local\GHISLER deleted successfully C:\Users\Starcom1\AppData\Local\LooksBuilder deleted successfully ==== Checking Systemdrive for Symlinks ====================== Het volume in station C heeft geen naam. Het volumenummer is 34DB-E96F Map van C:\ 14/07/2009 05:53 Documents and Settings [C:\Users] 0 bestand(en) 0 bytes Map van C:\Program Files\Windows NT 22/11/2013 14:38 Bureau-accessoires [C:\Program Files\Windows NT\Accessories] 0 bestand(en) 0 bytes Map van C:\ProgramData 14/07/2009 05:53 Application Data [C:\ProgramData] 22/11/2013 14:38 Bureaublad [C:\Users\Public\Desktop] 14/07/2009 05:53 Desktop [C:\Users\Public\Desktop] 22/11/2013 14:38 Documenten [C:\Users\Public\Documents] 14/07/2009 05:53 Documents [C:\Users\Public\Documents] 22/11/2013 14:38 Favorieten [C:\Users\Public\Favorites] 14/07/2009 05:53 Favorites [C:\Users\Public\Favorites] 22/11/2013 14:38 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 22/11/2013 14:38 Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 14/07/2009 05:53 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14/07/2009 05:53 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\ProgramData\Microsoft\Windows\Start Menu 22/11/2013 14:38 Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\ProgramData\Oracle\Java\javapath 12/12/2014 10:16 java.exe [C:\Program Files\Java\jre1.8.0_25\bin\java.exe] 12/12/2014 10:16 javaw.exe [C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe] 12/12/2014 10:16 javaws.exe [C:\Program Files\Java\jre1.8.0_25\bin\javaws.exe] 3 bestand(en) 0 bytes Map van C:\Users 14/07/2009 05:53 All Users [C:\ProgramData] 14/07/2009 05:53 Default User [C:\Users\Default] 0 bestand(en) 0 bytes Map van C:\Users\All Users 14/07/2009 05:53 Application Data [C:\ProgramData] 22/11/2013 14:38 Bureaublad [C:\Users\Public\Desktop] 14/07/2009 05:53 Desktop [C:\Users\Public\Desktop] 22/11/2013 14:38 Documenten [C:\Users\Public\Documents] 14/07/2009 05:53 Documents [C:\Users\Public\Documents] 22/11/2013 14:38 Favorieten [C:\Users\Public\Favorites] 14/07/2009 05:53 Favorites [C:\Users\Public\Favorites] 22/11/2013 14:38 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 22/11/2013 14:38 Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 14/07/2009 05:53 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 14/07/2009 05:53 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\All Users\Microsoft\Windows\Start Menu 22/11/2013 14:38 Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\All Users\Oracle\Java\javapath 12/12/2014 10:16 java.exe [C:\Program Files\Java\jre1.8.0_25\bin\java.exe] 12/12/2014 10:16 javaw.exe [C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe] 12/12/2014 10:16 javaws.exe [C:\Program Files\Java\jre1.8.0_25\bin\javaws.exe] 3 bestand(en) 0 bytes Map van C:\Users\Default 14/07/2009 05:53 Application Data [C:\Users\Default\AppData\Roaming] 14/07/2009 05:53 Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies] 14/07/2009 05:53 Local Settings [C:\Users\Default\AppData\Local] 22/11/2013 14:38 Menu Start [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 22/11/2013 14:38 Mijn documenten [C:\Users\Default\Documents] 14/07/2009 05:53 My Documents [C:\Users\Default\Documents] 14/07/2009 05:53 NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 22/11/2013 14:38 Netwerkprinteromgeving [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 14/07/2009 05:53 PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 14/07/2009 05:53 Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 14/07/2009 05:53 SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 22/11/2013 14:38 Sjablonen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 14/07/2009 05:53 Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 14/07/2009 05:53 Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Default\AppData\Local 14/07/2009 05:53 Application Data [C:\Users\Default\AppData\Local] 22/11/2013 14:38 Geschiedenis [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 14/07/2009 05:53 History [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 14/07/2009 05:53 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu 22/11/2013 14:38 Programma's [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Default\Documents 22/11/2013 14:38 Mijn afbeeldingen [C:\Users\Default\Pictures] 22/11/2013 14:38 Mijn muziek [C:\Users\Default\Music] 22/11/2013 14:38 Mijn video's [C:\Users\Default\Videos] 14/07/2009 05:53 My Music [C:\Users\Default\Music] 14/07/2009 05:53 My Pictures [C:\Users\Default\Pictures] 14/07/2009 05:53 My Videos [C:\Users\Default\Videos] 0 bestand(en) 0 bytes Map van C:\Users\LogMeInRemoteUser 26/12/2013 15:59 Application Data [C:\Users\LogMeInRemoteUser\AppData\Roaming] 26/12/2013 15:59 Cookies [C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Cookies] 26/12/2013 15:59 Local Settings [C:\Users\LogMeInRemoteUser\AppData\Local] 26/12/2013 15:59 Menu Start [C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu] 26/12/2013 15:59 Mijn documenten [C:\Users\LogMeInRemoteUser\Documents] 26/12/2013 15:59 NetHood [C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 26/12/2013 15:59 Netwerkprinteromgeving [C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 26/12/2013 15:59 Recent [C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Recent] 26/12/2013 15:59 SendTo [C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\SendTo] 26/12/2013 15:59 Sjablonen [C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\LogMeInRemoteUser\AppData\Local 26/12/2013 15:59 Application Data [C:\Users\LogMeInRemoteUser\AppData\Local] 26/12/2013 15:59 Geschiedenis [C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\History] 26/12/2013 15:59 Temporary Internet Files [C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu 26/12/2013 15:59 Programma's [C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\LogMeInRemoteUser\Documents 26/12/2013 15:59 Mijn afbeeldingen [C:\Users\LogMeInRemoteUser\Pictures] 26/12/2013 15:59 Mijn muziek [C:\Users\LogMeInRemoteUser\Music] 26/12/2013 15:59 Mijn video's [C:\Users\LogMeInRemoteUser\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Public\Documents 22/11/2013 14:38 Mijn afbeeldingen [C:\Users\Public\Pictures] 22/11/2013 14:38 Mijn muziek [C:\Users\Public\Music] 22/11/2013 14:38 Mijn video's [C:\Users\Public\Videos] 14/07/2009 05:53 My Music [C:\Users\Public\Music] 14/07/2009 05:53 My Pictures [C:\Users\Public\Pictures] 14/07/2009 05:53 My Videos [C:\Users\Public\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Starcom1 22/11/2013 14:39 Application Data [C:\Users\Starcom1\AppData\Roaming] 22/11/2013 14:39 Cookies [C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Cookies] 22/11/2013 14:39 Local Settings [C:\Users\Starcom1\AppData\Local] 22/11/2013 14:39 Menu Start [C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu] 22/11/2013 14:39 Mijn documenten [C:\Users\Starcom1\Documents] 22/11/2013 14:39 NetHood [C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 22/11/2013 14:39 Netwerkprinteromgeving [C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 22/11/2013 14:39 Recent [C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Recent] 22/11/2013 14:39 SendTo [C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\SendTo] 22/11/2013 14:39 Sjablonen [C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Starcom1\AppData\Local 22/11/2013 14:39 Application Data [C:\Users\Starcom1\AppData\Local] 22/11/2013 14:39 Geschiedenis [C:\Users\Starcom1\AppData\Local\Microsoft\Windows\History] 22/11/2013 14:39 Temporary Internet Files [C:\Users\Starcom1\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu 22/11/2013 14:39 Programma's [C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Starcom1\Documents 22/11/2013 14:39 Mijn afbeeldingen [C:\Users\Starcom1\Pictures] 22/11/2013 14:39 Mijn muziek [C:\Users\Starcom1\Music] 22/11/2013 14:39 Mijn video's [C:\Users\Starcom1\Videos] 0 bestand(en) 0 bytes Totaal aantal weergegeven bestanden: 6 bestand(en) 0 bytes 93 map(pen) 792.660.819.968 bytes beschikbaar ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Creative Cloud Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop CS6 Adobe Photoshop Elements 11 Adobe Premiere Elements 11 Adobe SVG Viewer 3.0 ANT Drivers Installer x86 Apple Application Support Apple Mobile Device Support Apple Software Update ARC125 for Uniden (U)BC125XLT Bonjour CCleaner CloudReading Common Desktop Agent CopyTrans Control Center Alleen Verwijderen Creative Pack Volume 1 Dazzle Video Capture DVC100 X86 Driver 1.06 Dropbox Elements 11 Organizer Elevated Installer ESET NOD32 Antivirus FileZilla Client 3.7.4.1 Filmmaker's Toolkit for Studio Firebird SQL Server - MAGIX Edition Foxit Reader Garmin BaseCamp Garmin City Navigator Europe NT 2011.40 Update Garmin City Navigator Europe NT 2014.30 Update Garmin City Navigator Europe NT 2014.40 Update Garmin City Navigator Europe NT 2015.20 Garmin City Navigator Europe NTU 2015.10 Garmin City Navigator Europe NTU 2015.20 Garmin City Navigator Europe NTU 2015.30 Garmin Communicator Plugin Garmin Express Garmin Express Tray Garmin MapInstall Garmin POI Loader Garmin USB Drivers Garmin VIRB Edit Google Chrome Google Earth Google Update Helper Google+ Auto Backup Hollywood FX Volumes 1-3 iCloud INTEK MT-446EX Intel(R) Management Engine Components Intel© Trusted Connect Service Client iTunes iZotope Music & Speech Cleaner Java 8 Update 25 Java Auto Updater JaVaWa Device Manager 3.6 JaVaWa GMTK 3.7 JaVaWa RTWtool 2.7 Keyspan USB Serial Adapter KPG-121D KPG-90D MAGIX Speed burnR (MSI) MAGIX Video deluxe 2014 Premium MAGIX Video deluxe 2014 Premium Update Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft ASP.NET MVC 4 Runtime Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Microsoft_VC80_CRT_x86 Microsoft_VC90_CRT_x86 Motion Graphics Toolkit for Studio Mozilla Firefox 34.0.5 (x86 nl) Mozilla Maintenance Service MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) neroxml NetViewer 2.0 v1.1.1172.0 NewBlue ColorFast for Magix NVIDIA-configuratiescherm 344.75 NVIDIA 3D Vision controllerstuurprogramma 344.75 NVIDIA 3D Vision stuurprogramma 344.75 NVIDIA GeForce Experience 2.1.4 NVIDIA GeForce Experience Service NVIDIA Grafisch stuurprogramma 344.75 NVIDIA HD Audio-stuurprogramma 1.3.32.1 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA Network Service NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.14.0702 NVIDIA ShadowPlay 16.13.65 NVIDIA Stereoscopic 3D Driver NVIDIA Update 16.13.65 NVIDIA Update Core NVIDIA Virtual Audio 1.2.26 OKI Color Swatch Utility OKI Network Extension OnRoute Motor Midden-Europa 1.01 PDF Settings CS6 Picasa 3 Pinnacle Studio 17 - Install Manager Pinnacle Studio 17 - Standard Content Pack Pinnacle Studio 17 Pokki PRE11 STI Installer Premium Pack Volumes 1-2 proDAD Heroglyph 4.0 PSE11 STI Installer QNAP NetBak Replicator QNAP Qfinder QNAP Qsync QuickTime 7 Samsung Easy Printer Manager Samsung M2070 Series Samsung Printer Live Update Samsung Scan Assistant ScoreFitter Volumes 1-2 Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition Sena Bluetooth Device Manager 2.0.4 SHIELD Streaming SHIELD Wireless Controller Driver SkypeT 6.21 SmartSound Common Data SmartSound Sonicfire Pro 5.8 SpyHunter Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) Surveillance_client version 1.0.44 TeamViewer 9 Title Extreme Total Commander (Remove or Repair) UltraISO Premium V9.53 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) Video Player Vinny27 - Adobe Photoshop CS6 32-bit Win7codecs Windows-stuurprogrammapakket - Cambridge Silicon Radio Ltd. (CSRBC) USB (02/03/2011 2.4.0.0) Windows-stuurprogrammapakket - Cambridge Silicon Radio Ltd. (CSRBC) USB (03/25/2014 2.5.1.1) Windows-stuurprogrammapakket - Cambridge Silicon Radio Ltd. (CSRBC) USB (04/16/2014 2.5.1.2) Windows-stuurprogrammapakket - Cambridge Silicon Radio Ltd. (CSRBC) USB (09/25/2013 2.5.0.4) Windows-stuurprogrammapakket - Cambridge Silicon Radio Ltd. (CSRBC) USB (12/30/2013 2.5.0.6) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) WinFakt PDF (novaPDF 7.4 printer) WinRAR 5.01 (32-bit) ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IHProtect Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IHProtect Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WindowsMangerProtect deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Starcom1\AppData\Roaming\Mozilla\Firefox\Profiles\xnju54dw.default-1419962495715 user.js not found ---- Lines webssearch removed from prefs.js ---- user_pref("browser.search.selectedEngine", "webssearches"); user_pref("browser.startup.homepage", "http://istart.webssearches.com/?type=hppp&ts=1418741852&from=exp&uid=WDCXWD10EZEX"); ---- FireFox user.js and prefs.js backups ---- prefs_20150801_1500_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Deleting Files \ Folders ====================== C:\Program Files\Mozilla Firefox\browser\searchplugins\webssearches.xml deleted C:\Program Files\SamsungPrinterLiveUpdateInstaller deleted C:\Program Files\shopperz deleted C:\Program Files\STab deleted C:\Setup.exe deleted C:\Users\Starcom1\AppData\Roaming\MAGIX deleted C:\Users\Starcom1\AppData\Roaming\AnyProtectEx deleted C:\Users\Starcom1\AppData\Roaming\OpenCandy deleted C:\PROGRA~2\DSearchLink deleted C:\PROGRA~2\IHProtectUpDate deleted C:\PROGRA~2\MAGIX deleted C:\PROGRA~2\WindowsMangerProtect deleted C:\PROGRA~2\Package Cache deleted C:\Users\Starcom1\AppData\Local\nskEB96.tmp deleted C:\Users\Starcom1\AppData\Local\onlysearch deleted C:\Users\Starcom1\AppData\Local\Pokki deleted C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted C:\Users\Starcom1\AppData\LocalLow\Company deleted C:\Users\Starcom1\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} deleted C:\Windows\wininit.ini deleted C:\Windows\system32\Tasks\EPUpdater deleted C:\Windows\system32\tasks\LuckyTab deleted C:\Windows\tasks\APSnotifierPP1.job deleted C:\Windows\tasks\APSnotifierPP2.job deleted C:\Windows\tasks\APSnotifierPP3.job deleted C:\Windows\system32\tasks\APSnotifierPP1 deleted C:\Windows\system32\tasks\APSnotifierPP2 deleted C:\Windows\system32\tasks\APSnotifierPP3 deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\System32\searchplugins deleted C:\Windows\System32\Extensions deleted C:\Users\Starcom1\Documents\Updater deleted C:\Users\Starcom1\Desktop\Continue Live Installation.lnk deleted "C:\Windows\Installer\7acbe5a.msi" deleted "C:\Program Files\LuckyTab\LuckyTab.exe" deleted "C:\Program Files\LuckyTab" deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition Service Pack 1 (Build 7601) Memory (RAM): 3539 MB CPU Info: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz CPU Speed: 3471,3 MHz Sound Card: Luidsprekers (High Definition A | Digitale audio (S/PDIF) (High D | M2262D-1 (NVIDIA High Definitio | Display Adapters: NVIDIA GeForce GT 640 | NVIDIA GeForce GT 640 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver | LogMeIn Mirror Driver Monitors: 2x; Algemeen PnP-beeldscherm | Algemeen PnP-beeldscherm | Screen Resolution: 1680 X 1050 - 32 bit Network: Network Present Network Adapters: Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) CD / DVD Drives: 2x (D: | E: | ) D: EZBSYS ISO CDVD DRIVE | E: hp DVD A DH16ACSHR Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 931,4GB | L: 298,0GB Hard Disks - Free: C: 736,9GB | L: 283,4GB Manufacturer *: AMI BIOS Info: AT/AT COMPATIBLE | 12/22/11 | HPQOEM - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: PEGATRON CORPORATION 2AD5 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: ESET NOD32 Antivirus 5.2 On-access scanning disabled (Outdated) Anti-Spyware: ESET NOD32 Antivirus 5.2 disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 39.0.2171.95 Internet Explorer Version: 11.0.9600.17501 Mozilla Firefox version: 34.0.5 (x86 nl) Google Chrome version: 39.0.2171.95 Sun Java version: 1.8.0_25 (32-bit) Flash Player version: 11.6.602.108 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Starcom1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-12-30 14:58:43 2A05C72B05CE849544A758ACC643A790 268004 ---ha-w- C:\Windows\System32\mlfcache.dat ====== C:\Windows\system32\drivers ===== 2014-12-15 14:47:40 1F3D35ED9104B2AB5BDF12CA8AD4551C 10911040 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys 2014-12-15 14:34:47 BE6832BA702EBC3527D7BC7A37DAB052 33096 ----a-w- C:\Windows\System32\drivers\nvvad32v.sys 2014-12-14 09:23:38 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_Kernel_TeeDriver_01011.Wdf 2014-12-09 23:46:09 7FE680A3DFA421C4A8E4879AE4C5AAB0 74752 ----a-w- C:\Windows\System32\drivers\tdx.sys ====== C:\Windows\Tasks ====== 2014-12-30 17:39:19 -------- d-----w- C:\Windows\system32\Tasks\Safer-Networking 2014-12-30 16:39:06 470884464634070BD166267551A1A876 3344 ----a-w- C:\Windows\system32\Tasks\SpyHunter4Startup 2014-12-16 15:03:39 0543BF18FCEA4353B2D48A370D0A6105 3168 ----a-w- C:\Windows\system32\Tasks\{AB08C37A-4AEB-44CA-9C6C-F9C28827B572} 2014-12-16 14:51:17 1FDCF127065E033FB3E39370021F90D6 3146 ----a-w- C:\Windows\system32\Tasks\{4E9B830A-49E7-4A75-9812-70E699CF2021} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-01-07 11:11:24 -------- d-----w- C:\Program Files\trend micro 2014-12-30 16:39:02 -------- d-----w- C:\Program Files\Enigma Software Group 2014-12-30 16:38:20 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard 2014-12-30 14:11:59 -------- d-----w- C:\Program Files\Passware 2014-12-30 13:54:08 -------- d-----w- C:\Program Files\NetViewer 2.0 2014-12-14 09:23:48 -------- d-----w- C:\Program Files\Common Files\PostureAgent 2014-12-14 09:23:32 -------- d-----w- C:\Program Files\Intel 2014-12-12 09:19:18 -------- d-----w- C:\Program Files\Common Files\Java ======= C: ===== 2014-12-22 15:33:46 06743964CC9516E68A1E6A06B73ABC2C 96350 ----a-w- C:\tb33.jpg 2014-12-22 15:30:56 1DE75AA7646B659B99FAAF2BB43EEE1E 104480 ----a-w- C:\tb22.jpg 2014-12-22 15:24:31 400201BC2E2141919CDFC803DC61ADC3 147359 ----a-w- C:\tb11.jpg 2014-12-18 12:23:26 C87465CF6815ECE49DBDAAAE682EFC96 724263 ----a-w- C:\snowtalk engels.pdf 2014-12-17 15:06:08 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS 2014-12-17 15:06:08 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS ====== C:\Users\Starcom1\AppData\Roaming ====== 2014-12-30 17:41:01 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Programs 2014-12-30 16:39:03 -------- d-----w- C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2014-12-30 13:54:11 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Starcom1\AppData\Roaming\RSDevID.fig 2014-12-30 13:54:11 BCDACDDA451739285DC0F3E9ADC73252 20 ----a-w- C:\Users\Starcom1\AppData\Roaming\RSIpAndPort.fig 2014-12-30 13:54:08 -------- d-----w- C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetViewer 2.0 2014-12-28 07:41:29 DF6BF0F70032E306C5C2586BE284B5D7 132 ----a-w- C:\Users\Starcom1\AppData\Roaming\Adobe CS5-voorkeuren voor PNG-indeling 2014-12-12 09:19:13 -------- d-----w- C:\Users\Starcom1\AppData\Locallow\Oracle ====== C:\Users\Starcom1 ====== 2015-01-07 11:10:30 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Starcom1\Downloads\RSIT.exe 2015-01-07 11:10:30 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Starcom1\Downloads\RSIT (1).exe 2015-01-03 10:04:44 E713142712B31512F78B6877EC962391 783400 ----a-w- C:\Users\Starcom1\Downloads\yet_another_cleaner_ava.exe 2014-12-31 15:22:18 -------- d-----w- C:\Users\Public\Documents\MAGIX 2014-12-31 15:22:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2014-12-30 17:52:02 B4CD9E8513C17C32224C70330A235296 3044736 ----a-w- C:\Users\Starcom1\Downloads\SpyHunter-Installer (1).exe 2014-12-30 16:37:26 58CFEB24D4AC902D42EB2D15E18C3110 728960 ----a-w- C:\Users\Starcom1\Downloads\SpyHunter-installer(1).exe 2014-12-30 16:37:07 58CFEB24D4AC902D42EB2D15E18C3110 728960 ----a-w- C:\Users\Starcom1\Downloads\SpyHunter-installer.exe 2014-12-30 14:19:32 -------- d-----w- C:\Users\Starcom1\www.starcom1.eu 2014-12-30 14:11:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passware 2014-12-30 13:54:11 2CDED967C30CFF1833AE50760BB36C3A 281 ----a-w- C:\ProgramData\RSUserCfg.ini 2014-12-30 13:25:39 C5633CAB85EEFDE7099D91B70303E8BF 3454320 ----a-w- C:\Users\Starcom1\Downloads\dmge-latest.exe 2014-12-16 07:09:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-12-14 09:23:39 -------- d-----w- C:\Windows\system32\config\systemprofile\Intel 2014-12-14 09:23:39 -------- d-----w- C:\ProgramData\Intel 2014-12-14 09:23:14 -------- d-----w- C:\Users\Starcom1\Intel ====== C: exe-files == 2015-01-07 11:11:24 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Starcom1.exe 2015-01-07 11:10:30 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Starcom1\Downloads\RSIT.exe 2015-01-07 11:10:30 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Starcom1\Downloads\RSIT (1).exe 2015-01-06 08:55:07 A1CF92651A2274E887189DABD2929DEF 82944 ----a-w- C:\Windows\Temp\3B03C7AF-F47B-44F0-9EE1-F9CA827888AF\DismHost.exe 2015-01-03 10:04:44 E713142712B31512F78B6877EC962391 783400 ----a-w- C:\Users\Starcom1\Downloads\yet_another_cleaner_ava.exe === C: other files == 2015-01-03 07:49:33 40F645604A115F0AA2CE3656C45B9C15 973908643 ----a-w- C:\Users\Starcom1\Downloads\Lenz.zip ======== System Restore Points ======== RP215: 2/01/2015 22:29:33 - Windows Update RP216: 6/01/2015 8:01:48 - Windows Update RP217: 6/01/2015 15:56:22 - Verwijderd Renesas Electronics USB 3.0 Host Controller Driver RP218: 8/01/2015 14:52:53 - zoek.exe restore point ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-186408431-812368755-1050484228-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #5"="C:\Users\Starcom1\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Starcom1\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session" "Application Restart #4"="C:\Users\Starcom1\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Starcom1\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "ConvertAd"="C:\Users\Starcom1\AppData\Local\ConvertAd\ConvertAd.exe" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Application Restart #5"="C:\Users\Starcom1\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Starcom1\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session" "Application Restart #4"="C:\Users\Starcom1\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Starcom1\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="c:\\progra~2\\browse~1\\261040~1.25\\{c16c1~1\\browse~1.dll" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Creative Cloud] "command"="\"C:\\Program Files\\Adobe\\Adobe Creative Cloud\\ACC\\Creative Cloud.exe\" --showwindow=false --onOSstartup=true" "hkey"="HKLM" "item"="Adobe Creative Cloud" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "command"="\"C:\\Program Files\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" "hkey"="HKLM" "item"="AdobeAAMUpdater-1.0" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager] "command"="\"C:\\Program Files\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin" "hkey"="HKLM" "item"="AdobeCS6ServiceManager" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" "hkey"="HKLM" "item"="APSDaemon" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CDAServer] "command"="C:\\Program Files\\Common Files\\Common Desktop Agent\\CDASrv.exe" "hkey"="HKLM" "item"="CDAServer" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn GUI] "command"="\"C:\\Program Files\\LogMeIn\\x86\\LogMeInSystray.exe\"" "hkey"="HKLM" "item"="LogMeIn GUI" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend] "command"="\"C:\\Program Files\\NVIDIA Corporation\\Update Core\\NvBackend.exe\"" "hkey"="HKLM" "item"="NvBackend" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nvtmru] "command"="\"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\nvtmru.exe\"" "hkey"="HKLM" "item"="Nvtmru" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Qsync] "command"="\"C:\\Program Files\\QNAP\\Qsync\\Qsync.exe\" /launch_qsync" "hkey"="HKLM" "item"="Qsync" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RUSB3MON] "command"="\"C:\\Program Files\\Renesas Electronics\\USB 3.0 Host Controller Driver\\Application\\rusb3mon.exe\"" "hkey"="HKLM" "item"="RUSB3MON" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ShadowPlay] "command"="C:\\Windows\\system32\\rundll32.exe C:\\Windows\\system32\\nvspcap.dll,ShadowPlayOnSystemStart" "hkey"="HKLM" "item"="ShadowPlay" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard] "command"="C:\\Program Files\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe" "hkey"="HKLM" "item"="SwitchBoard" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" ==== Startup Folders ====================== 2013-01-09 18:40:26 289 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD 2013-01-09 18:40:26 289 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD 2013-12-26 14:59:55 289 ----a-w- C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [22/11/2013 15:00] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [22/11/2013 15:00] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-Starcom1-PC-Starcom1" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GarminUpdaterTask" [C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\iSCSIAgentAutoStartup" ["C:\Program Files\QNAP\Qfinder\iSCSIAgent.exe"] "C:\Windows\system32\tasks\NetBakAutoStartup" ["C:\Program Files\QNAP\NetBak\Enclosure.exe"] "C:\Windows\system32\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "faststartff@gmail.com"="C:\Users\Starcom1\AppData\Roaming\Mozilla\Firefox\Profiles\ybsckvoj.default\extensions\faststartff@gmail.com" [] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{5081D2D4-1637-404c-B74F-50526718257D}"="C:\Program Files\shopperz\Firefox" [] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Starcom1\AppData\Roaming\Mozilla\Firefox\Profiles\xnju54dw.default-1419962495715 E7006BB5611298DBDD03FE3519C19AC2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U25 238F239EAEFF7E3E782913D599084E18 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.250.18 343BA8F3ABC8CE69700F37DB4A82300F - c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll - Silverlight Plug-In D2377C9458EFEB094E38B8C874AA214C - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update 5D2A80BA01A494E9924A466F39C4DAE7 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision 39D82BF49A279BF746A7F6A55BCEF99F - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION 847C1A6B649D406FDB721E1BCE4E1E38 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.6 B239D122D14692FC5EFBA7121C770F61 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.6 0900BBAB5745ECEC21C5E8254F05B7B0 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.6 17D7FEB824594E6446059EB3987D1AA9 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.6 59492511D7A8BC90A2F6023218E80F9C - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.6 BE40D3882DCDC3E4BD8B284B8D5F4FDB - C:\Program Files\Garmin GPS Plugin\npGarmin.dll - Garmin Communicator Plug-In 030992BCBD13BE4D1889A7B8C522B558 - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll - AdobeAAMDetect 54740489C66AFC8B78CF9A2893A5DA63 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 9CD7CD8FD07718851DD8081CDF8CA3E7 - C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll - AdobeExManDetect 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 209F58DECE7A511BB81A7A172F4346E8 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll - Foxit Reader Plugin for Mozilla CF28AD14811DB6B2D92D49EC3E26610C - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_108.dll - Shockwave Flash C24ABF1ACE4E395B413971F5476208D1 - C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll - AdobeAAMDetect AB3546B509E4B89096078EB2081C39C7 - c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95) YouTube - Starcom1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - Starcom1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - Starcom1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf iCloud Bookmarks - Starcom1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah Google Wallet - Starcom1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Instagram for Chrome - Starcom1\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb Gmail - Starcom1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Starcom1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage deleted successfully C:\Users\Starcom1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_istart.webssearches.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1418741828&from=exp&uid=WDCXWD10EZEX-60ZF5A0_WD-WCC1S132703627036&q={searchTerms}" "Search Bar"="http://www.google.com/ie" "Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1418741828&from=exp&uid=WDCXWD10EZEX-60ZF5A0_WD-WCC1S132703627036&q={searchTerms}" "Default_Page_URL"="http://istart.webssearches.com/?type=hppp&ts=1418741852&from=exp&uid=WDCXWD10EZEX" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1418741828&from=exp&uid=WDCXWD10EZEX-60ZF5A0_WD-WCC1S132703627036&q={searchTerms}" "Default_Page_URL"="http://istart.webssearches.com/?type=hppp&ts=1418741852&from=exp&uid=WDCXWD10EZEX" "Start Page"="http://istart.webssearches.com/?type=hppp&ts=1418741852&from=exp&uid=WDCXWD10EZEX" "Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1418741828&from=exp&uid=WDCXWD10EZEX-60ZF5A0_WD-WCC1S132703627036&q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {1AACC6E1-C8B2-4651-96A0-755DE3B1042B} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo Url="http://www.google.com/search?q={sear" ==== Reset Google Chrome ====================== C:\Users\Starcom1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Starcom1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{5081D2D4-1637-404c-B74F-50526718257D} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{5081D2D4-1637-404c-B74F-50526718257D} deleted successfully HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\faststartff@gmail.com deleted successfully ==== shortcuts on Users Desktops ====================== C:\Users\LogMeInRemoteUser\Desktop\SenaBluetoothDeviceManager.lnk - C:\Program Files\Sena Technologies\SenaBluetoothDeviceManager\SenaBluetoothDeviceManagerForWindows.exe C:\Users\Starcom1\Desktop\Adobe Photoshop CS6.lnk - C:\Program Files\Adobe\Adobe Photoshop CS6\Photoshop.exe C:\Users\Starcom1\Desktop\BaseCamp.lnk - C:\Program Files\Garmin\BaseCamp\BaseCamp.exe C:\Users\Starcom1\Desktop\CopyTrans Control Center.lnk - C:\Users\Starcom1\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe C:\Users\Starcom1\Desktop\iCloud.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud C:\Users\Starcom1\Desktop\KPG-121D.lnk - C:\Program Files\Kenwood FPU\KPG121D\KPG121D.exe C:\Users\Starcom1\Desktop\KPG-90D.lnk - C:\Program Files\Kenwood Fpu\KPG90D\Kpg90d.exe C:\Users\Starcom1\Desktop\MapSource.exe.lnk - C:\Garmin\MapSource.exe C:\Users\Starcom1\Desktop\NetViewer 2.0.lnk - C:\Program Files\NetViewer 2.0\NetViewer 2.0.exe C:\Users\Starcom1\Desktop\Samsung Easy Printer Manager.lnk - C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe C:\Users\Starcom1\Desktop\SenaBluetoothDeviceManager.lnk - C:\Program Files\Sena Technologies\SenaBluetoothDeviceManager\SenaBluetoothDeviceManagerForWindows.exe C:\Users\Starcom1\Desktop\SpyHunter.lnk - C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe C:\Users\Starcom1\Desktop\Total Commander.lnk - C:\Program Files\totalcmd\TOTALCMD.EXE C:\Users\Starcom1\Desktop\VIRB Edit.lnk - C:\Windows\Installer\{0CCE02C9-1020-46D8-AD46-B138CC379958}\icon.9BF5772B_00E3_4830_A4DF_E6851308AD3C.ico ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Creative Cloud.lnk - C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --appletID=HomePanel_BL --appletVersion=1.0 C:\Users\Public\Desktop\Adobe Photoshop Elements 11.lnk - C:\Program Files\Adobe\Elements 11 Organizer\Photoshop Elements 11.0.exe C:\Users\Public\Desktop\Adobe Premiere Elements 11.lnk - C:\Program Files\Adobe\Adobe Premiere Elements 11\Adobe Premiere Elements 11.exe C:\Users\Public\Desktop\ARC125.lnk - C:\Program Files\BuTel\ARC125\arc125.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe C:\Users\Public\Desktop\Foxit Reader.lnk - C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe C:\Users\Public\Desktop\Garmin Express.lnk - C:\Program Files\Garmin\Express\Express.exe C:\Users\Public\Desktop\GeForce Experience.lnk - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\INTEK MT-446EX.lnk - C:\Program Files\INTEK\INTEK MT-446EX\INTEK MT-446EX.exe C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe C:\Users\Public\Desktop\iZotope Music & Speech Cleaner.lnk - C:\Program Files\iZotope\Music & Speech Cleaner\win32\iZotope Music & Speech Cleaner.exe C:\Users\Public\Desktop\JaVaWa Device Manager.lnk - C:\Program Files\JaVaWa Device Manager\jdm.exe C:\Users\Public\Desktop\JaVaWa GMTK.lnk - C:\Program Files\JaVaWa GMTK\GMTK.exe C:\Users\Public\Desktop\JaVaWa RTWtool.lnk - C:\Program Files\JaVaWa RTWtool\RTWtool.exe C:\Users\Public\Desktop\MAGIX Video deluxe 2014 Premium.lnk - C:\Program Files\MAGIX\Video deluxe 2014 Premium\Videodeluxe.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\NetBak Replicator.lnk - C:\Program Files\QNAP\NetBak\NetBak.exe C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe C:\Users\Public\Desktop\Pinnacle Studio 17.lnk - C:\Program Files\Pinnacle\Studio 17\programs\PinnacleStudio.EXE C:\Users\Public\Desktop\Qfinder.lnk - C:\Program Files\QNAP\Qfinder\Qfinder.exe C:\Users\Public\Desktop\Qsync (Beta).lnk - C:\Program Files\QNAP\Qsync\Qsync.exe C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files\QuickTime\QuickTimePlayer.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe C:\Users\Public\Desktop\Sonicfire Pro 5.8.lnk - C:\Program Files\SmartSound Software\Sonicfire Pro 5.8\SonicfirePro5.exe C:\Users\Public\Desktop\Surveillance_client.lnk - C:\Program Files\Dvrsoft\Surveillance_client\Surveillance_client.exe C:\Users\Public\Desktop\TeamViewer 9.lnk - C:\Program Files\TeamViewer\Version9\TeamViewer.exe C:\Users\Public\Desktop\UltraISO.lnk - C:\Program Files\UltraISO\UltraISO.exe C:\Users\Public\Desktop\VideoPlayer.exe.lnk - C:\Program Files\DVR Soft\Video Player\VideoPlayer.exe C:\Users\Public\Desktop\WinFakt .lnk - C:\Users\Public\Desktop\WinFakt Support.lnk - ==== shortcuts in Users Start Menu ====================== C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Get Lucky.lnk - C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Help.lnk - C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab\Uninstall.lnk - C:\Program Files\LuckyTab\LuckyTab.exe -uninstall C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk - C:\Users\Starcom1\AppData\Local\Pokki\Engine\HostAppService.exe /OPEN"menu" C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center\CopyTrans Control Center.lnk - C:\Users\Starcom1\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center\Uninstall.lnk - C:\Users\Starcom1\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe /uninstall C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetViewer 2.0\NetViewer 2.0.lnk - C:\Program Files\NetViewer 2.0\NetViewer 2.0.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetViewer 2.0\Uninstall.lnk - C:\Program Files\NetViewer 2.0\uninst.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter Emergency Startup.lnk - C:\Windows\explorer.exe "C:\Program Files\Enigma Software Group\SpyHunter\SH4.com" C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\SpyHunter.lnk - C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\Uninstall SpyHunter.lnk - C:\Windows\System32\msiexec.exe /X {AF549236-6258-4AC6-A043-5B5B89C6EB61} ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dvrsoft\Surveillance_client\Surveillance_client.lnk - C:\Program Files\Dvrsoft\Surveillance_client\Surveillance_client.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dvrsoft\Surveillance_client\Uninstall Surveillance_client.lnk - C:\Program Files\Dvrsoft\Surveillance_client\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\BaseCamp (2D only).lnk - C:\Program Files\Garmin\BaseCamp\BaseCamp.exe /Disable3D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\BaseCamp.lnk - C:\Program Files\Garmin\BaseCamp\BaseCamp.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\MapInstall.lnk - C:\Program Files\Garmin\MapInstall\MapInstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\WebUpdater.lnk - C:\Program Files\Garmin\WebUpdater\WebUpdater.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Agenda.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe calendar C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Contactgegevens.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe contacts C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\E-mail.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe mail C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Herinneringen.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe reminders C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud-foto's.lnk - C:\Program Files\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloud.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notities.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe notes C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Zoek mijn iPhone.lnk - C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe find C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Info iTunes.lnk - C:\Program Files\iTunes\iTunes.Resources\nl.lproj\About iTunes.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files\iTunes\iTunes.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe 2014 Premium\MAGIX Music Editor 3.lnk - C:\Program Files\MAGIX\Video deluxe 2014 Premium\MusicEditor\MusicEditor.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe 2014 Premium\MAGIX Photo Designer 7.lnk - C:\Program Files\MAGIX\Video deluxe 2014 Premium\PhotoDesigner\PhotoDesigner.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe 2014 Premium\MAGIX Video deluxe 2014 Premium.lnk - C:\Program Files\MAGIX\Video deluxe 2014 Premium\Videodeluxe.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe 2014 Premium\MAGIX Xtreme Print Studio.lnk - C:\Program Files\MAGIX\Video deluxe 2014 Premium\coverlabel\cdprinter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe 2014 Premium\Dienst en Support\Licentievoorwaarden.lnk - C:\Program Files\MAGIX\Video deluxe 2014 Premium\license.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe 2014 Premium\Dienst en Support\MAGIX Video deluxe 2014 Premium deïnstalleren.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe 2014 Premium\Documentatie\MAGIX Music Editor 3 Hulp.lnk - C:\Program Files\MAGIX\Video deluxe 2014 Premium\MusicEditor\MusicEditor_NL.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe 2014 Premium\Documentatie\MAGIX Photo Designer 7 Handleiding.lnk - C:\Program Files\MAGIX\Video deluxe 2014 Premium\PhotoDesigner\Manual.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe 2014 Premium\Documentatie\MAGIX Photo Designer 7 Hulp.lnk - C:\Program Files\MAGIX\Video deluxe 2014 Premium\PhotoDesigner\pa.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe 2014 Premium\Documentatie\MAGIX Video deluxe 2014 Premium Handleiding.lnk - C:\Program Files\MAGIX\Video deluxe 2014 Premium\Videodeluxe_NL.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe 2014 Premium\Documentatie\MAGIX Video deluxe 2014 Premium Hulp.lnk - C:\Program Files\MAGIX\Video deluxe 2014 Premium\Videodeluxe_NL.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX\MAGIX Video deluxe 2014 Premium\Documentatie\MAGIX Xtreme Print Studio Hulp.lnk - C:\Program Files\MAGIX\Video deluxe 2014 Premium\coverlabel\HelpAndSupport\NLD\XaraX.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.31211.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passware\Asterisk Key.lnk - C:\Program Files\Passware\ariskkey.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Over QuickTime.lnk - C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\RichText.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime deïnstalleren.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk - C:\Windows\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\QTPlayer.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Player\Uninstall.lnk - C:\Windows\System32\msiexec.exe /x {A47656D1-D0BA-4179-A964-152F7A0BB960} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Player\VideoPlayer.exe.lnk - C:\Program Files\DVR Soft\Video Player\VideoPlayer.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Foxit Reader.lnk - C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iZotope Music & Speech Cleaner.lnk - C:\Program Files\iZotope\Music & Speech Cleaner\win32\iZotope Music & Speech Cleaner.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE /recycle C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\NetBak Replicator.lnk - C:\Program Files\QNAP\NetBak\NetBak.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Qfinder.lnk - C:\Program Files\QNAP\Qfinder\Qfinder.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Qsync.lnk - C:\Program Files\QNAP\Qsync\Qsync.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Bridge CS6.lnk - C:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop CS6.lnk - C:\Program Files\Adobe\Adobe Photoshop CS6\Photoshop.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\FileZilla.lnk - C:\Program Files\FileZilla FTP Client\filezilla.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MapSource Application.lnk - C:\Garmin\MapSource.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Outlook 2007.lnk - C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Picasa 3.lnk - C:\Program Files\Google\Picasa3\Picasa3.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\POI Loader.lnk - C:\Program Files\Garmin\POI Loader\POILoader.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Menu.lnk - C:\Users\Starcom1\AppData\Local\Pokki\Engine\HostAppService.exe /OPEN"menu" C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WebUpdater.lnk - C:\Program Files\Garmin\WebUpdater\WebUpdater.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Starcom1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 ==== Uninstall List x86 ====================== Adobe Creative Cloud [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Creative Cloud] Adobe Flash Player 11 ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] Adobe Flash Player 11 Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin] Adobe Photoshop CS6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}] Adobe Photoshop Elements 11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D181764-DCD0-41B8-AA7B-0A599F027A72}] Adobe Photoshop Elements 11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Photoshop Elements 11] Adobe Premiere Elements 11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A0755D8-0454-4EBB-8C1C-868CE9E53E81}] Adobe Premiere Elements 11 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PremElem110] Adobe SVG Viewer 3.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe SVG Viewer] ANT Drivers Installer x86 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D8E7F472-86F6-4E62-AAFB-283D238FEED0}] Apple Application Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}] Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{235EBB33-3DA1-46DF-AADE-9955123409CB}] Apple Software Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}] ARC125 for Uniden (U)BC125XLT [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89B372C6-4683-47D2-9BBA-ACE482226F7D}] Bonjour [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79155F2B-9895-49D7-8612-D92580E0DE5B}] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] CloudReading [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1] Common Desktop Agent [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{031A0E14-0413-4C97-9772-2639B782F46F}] CopyTrans Control Center Alleen Verwijderen [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\CopyTrans Suite] Creative Pack Volume 1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}] Dazzle Video Capture DVC100 X86 Driver 1.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D4ACFA69-25BA-4B10-8A5E-CA222939FCF9}] Dropbox [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox] Elements 11 Organizer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}] Elevated Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BAADC016-C971-4653-AEAA-36EABD1351C4}] ESET NOD32 Antivirus [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E58DEE66-82A6-4EE8-9E14-D264B5097FD8}] FileZilla Client 3.7.4.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\FileZilla Client] Filmmaker's Toolkit for Studio [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2444562A-A7DC-42B8-A4D8-1BCF704B1480}] Filmmaker's Toolkit for Studio [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2444562A-A7DC-42B8-A4D8-1BCF704B1480}] Firebird SQL Server - MAGIX Edition [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}] Foxit Reader [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Foxit Reader_is1] Garmin BaseCamp [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{31A67F6C-D79D-47B9-9F0B-13C0FCF3C3A8}] Garmin City Navigator Europe NT 2011.40 Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2A87B210-5672-421E-AD15-B8DF44D78691}] Garmin City Navigator Europe NT 2014.30 Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F956C0BB-D2FA-4BA5-80D7-AC08E7CD611B}] Garmin City Navigator Europe NT 2014.40 Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{45734B7D-FC19-4C0A-997F-6AFF6E1D29F8}] Garmin City Navigator Europe NT 2015.20 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EF144B2A-E433-45ED-959C-FD913ABCE5D8}] Garmin City Navigator Europe NTU 2015.10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FB96D8EF-1EC6-4548-A65C-9485261262CC}] Garmin City Navigator Europe NTU 2015.20 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B4E66D53-59B2-4735-9049-2219C40C227A}] Garmin City Navigator Europe NTU 2015.30 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{63F1BF21-7435-4055-AA71-7ED2B7948C8C}] Garmin Communicator Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}] Garmin Express [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{22939821-cd61-449c-8a03-cff0af03c156}] Garmin Express [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86DAC53F-8C9B-46F0-9A47-C29DE27C1CE8}] Garmin Express Tray [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B78F0C7-DD01-4FA6-8C0A-B1CC0AD70563}] Garmin MapInstall [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5ED7CD44-1A33-4B36-BA09-0B55FE82AF95}] Garmin POI Loader [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}] Garmin USB Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}] Garmin VIRB Edit [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0CCE02C9-1020-46D8-AD46-B138CC379958}] Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Earth [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] Google+ Auto Backup [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}] Hollywood FX Volumes 1-3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E3D181F8-246B-497F-945E-6DB98CBA6677}] iCloud [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{760BB327-3973-4608-85C8-88162E2FF3B6}] INTEK MT-446EX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BFD136E9-F6DE-4F4B-9793-DC19A43D3545}] Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{043429D6-5FDE-4098-88C2-D27992B42C40}] Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1CEAC85D-2590-4760-800F-8DE5E91F3700}] Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D15F66A-3E45-4393-A6B8-6EC2E7DD3B3C}] Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F945123D-7490-4D7E-8469-D061049DEB7B}] Intel© Trusted Connect Service Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{402BEF8A-2B59-4FF1-B791-931818487943}] iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}] iZotope Music & Speech Cleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\iZotope Music & Speech Cleaner_is1] Java 8 Update 25 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218025F0}] JaVaWa Device Manager 3.6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D700EE8-5A7D-43C1-B4E2-BC8A22B482DD}_is1] JaVaWa GMTK 3.7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{75BC5466-3CE9-4316-B6E8-CD1F49C3B0BE}_is1] JaVaWa RTWtool 2.7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A19495AF-E104-40A5-95F7-351A49FA1EF4}_is1] Keyspan USB Serial Adapter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2E97DE76-851A-48AA-A0D6-665860FAD9CA}] KPG-121D [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EE7ADD7A-0120-458E-8B1D-B486E06AF7E3}] KPG-90D [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2452C63A-9434-4EC8-BC61-E6B257BE5A95}] MAGIX Speed burnR (MSI) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF3CA45F-A7FC-4FF1-B0BF-3E1283BF42FF}] MAGIX Speed burnR (MSI) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MAGIX_{DF3CA45F-A7FC-4FF1-B0BF-3E1283BF42FF}] MAGIX Video deluxe 2014 Premium [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9AF04633-AA10-49EC-8969-2792531D34BA}] MAGIX Video deluxe 2014 Premium [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MX.{9AF04633-AA10-49EC-8969-2792531D34BA}] MAGIX Video deluxe 2014 Premium Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2EC3F0A7-C79D-4228-84AF-CA0E12389D97}] Microsoft .NET Framework 4.5.1 (Nederlands) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043] Microsoft .NET Framework 4.5.1 (NLD) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1A91D86E-3124-3574-A4BF-406761265CFA}] Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4903D172-DCCB-392F-93A3-34CA9D47FE3D}] Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033] Microsoft ASP.NET MVC 4 Runtime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}] Microsoft Office Professional Plus 2007 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PROPLUS] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{196BB40D-1578-3D01-B289-BEFC77A11A1E}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}] Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B175520C-86A2-35A7-8619-86DC379688B9}] Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}] Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ce085a78-074e-4823-8dc1-8a721b94b76d}] Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}] Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}] Microsoft_VC80_CRT_x86 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}] Microsoft_VC90_CRT_x86 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}] Motion Graphics Toolkit for Studio [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5C99F9E-E97D-40B6-BAFC-8BCBFF1031E4}] Motion Graphics Toolkit for Studio [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{E5C99F9E-E97D-40B6-BAFC-8BCBFF1031E4}] Mozilla Firefox 34.0.5 (x86 nl) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 34.0.5 (x86 nl)] Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService] MSXML 4.0 SP3 Parser (KB2758694) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}] MSXML 4.0 SP3 Parser [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{196467F1-C11F-4F76-858B-5812ADC83B94}] neroxml [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}] NetViewer 2.0 v1.1.1172.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NetViewer 2.0] NewBlue ColorFast for Magix [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NewBlue ColorFast for Magix] NVIDIA-configuratiescherm 344.75 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] NVIDIA 3D Vision controllerstuurprogramma 344.75 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] NVIDIA 3D Vision stuurprogramma 344.75 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] NVIDIA GeForce Experience 2.1.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] NVIDIA GeForce Experience Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService] NVIDIA Grafisch stuurprogramma 344.75 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] NVIDIA HD Audio-stuurprogramma 1.3.32.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] NVIDIA LED Visualizer 1.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer] NVIDIA Network Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service] NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B455E95A-B804-439F-B533-336B1635AE97}] NVIDIA PhysX systeemsoftware 9.14.0702 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] NVIDIA ShadowPlay 16.13.65 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo] NVIDIA Update 16.13.65 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] NVIDIA Update Core [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] NVIDIA Virtual Audio 1.2.26 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] OKI Color Swatch Utility [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A344F95E-E51A-450C-8F84-C940BF61903E}] OKI Network Extension [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{38ADB9A6-798C-11D6-A855-00105A80791C}] OnRoute Motor Midden-Europa 1.01 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1711C5D5-15B0-4FED-8A9E-722B63125792}_is1] PDF Settings CS6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}] Picasa 3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Picasa 3] Pinnacle Studio 17 - Install Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F04D92CC-5C3A-46FA-9C98-6EACBDD262FF}] Pinnacle Studio 17 - Standard Content Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BA98BFA8-5EDF-450B-A92E-C096DC135D0E}] Pinnacle Studio 17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3DA8F808-72E2-4361-82EC-433081D23005}] Pokki [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki] PRE11 STI Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{52246EA3-650C-44B6-84EB-7F6643345946}] Premium Pack Volumes 1-2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{88C4D8A6-9954-46A0-965D-92E55DAB8734}] proDAD Heroglyph 4.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\proDAD-Heroglyph-4.0] PSE11 STI Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{98CE8819-87AA-4814-8167-ADDDD513485F}] QNAP NetBak Replicator [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NetBak] QNAP Qfinder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\QNAP_FINDER] QNAP Qsync [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Qsync] QuickTime 7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}] Samsung Easy Printer Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Samsung Easy Printer Manager] Samsung M2070 Series [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Samsung M2070 Series] Samsung Printer Live Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Samsung Printer Live Update] Samsung Scan Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Samsung Scan Assistant] ScoreFitter Volumes 1-2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}] Sena Bluetooth Device Manager 2.0.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Sena Bluetooth Device Manager] SHIELD Streaming [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] SHIELD Wireless Controller Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] SkypeT 6.21 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}] SmartSound Common Data [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}] SmartSound Common Data [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}] SmartSound Sonicfire Pro 5.8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5184D41-7796-4127-BBE4-46993F9FAAF3}] SmartSound Sonicfire Pro 5.8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{E5184D41-7796-4127-BBE4-46993F9FAAF3}] SpyHunter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AF549236-6258-4AC6-A043-5B5B89C6EB61}] Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46] Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2] Surveillance_client version 1.0.44 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DDC5185C-7C8A-420B-B831-BCE5AAB1F449}_is1] TeamViewer 9 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TeamViewer 9] Title Extreme [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F7214014-27EE-4237-9978-2F9D1551559B}] Total Commander (Remove or Repair) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Totalcmd] UltraISO Premium V9.53 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\UltraISO_is1] Video Player [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A47656D1-D0BA-4179-A964-152F7A0BB960}] Vinny27 - Adobe Photoshop CS6 32-bit [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4C722A04-AC0B-41CB-99E4-DC8EBE1C2E9D}] Win7codecs [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8C0CAA7A-3272-4991-A808-2C7559DE3409}] Windows-stuurprogrammapakket - Cambridge Silicon Radio Ltd. (CSRBC) USB (02/03/2011 2.4.0.0) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\88C277C6E63CBDAF35A096E80A5B97A29A619D3A] Windows-stuurprogrammapakket - Cambridge Silicon Radio Ltd. (CSRBC) USB (03/25/2014 2.5.1.1) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ED71EDDFEA0582ADC8E6E98F350A9973F177AD2A] Windows-stuurprogrammapakket - Cambridge Silicon Radio Ltd. (CSRBC) USB (04/16/2014 2.5.1.2) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\B44F9EFC36BE3F2AEE237FD42C58FF4E1103791B] Windows-stuurprogrammapakket - Cambridge Silicon Radio Ltd. (CSRBC) USB (09/25/2013 2.5.0.4) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\C42A52147A495AB46C8FF83D371DF915C0417EBC] Windows-stuurprogrammapakket - Cambridge Silicon Radio Ltd. (CSRBC) USB (12/30/2013 2.5.0.6) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\26D26416B8357FF24D75947D73C90B67147A59B5] Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\98157A226B40B173301B0F53C8E98C47805D5152] WinFakt PDF (novaPDF 7.4 printer) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinFakt PDF_is1] WinRAR 5.01 (32-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D65674AAB0D97149A4651F2A7B09B06 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A47656D1-D0BA-4179-A964-152F7A0BB960} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\1D65674AAB0D97149A4651F2A7B09B06 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RUSB3MON deleted successfully ==== HijackThis Entries ====================== O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ConvertAd] C:\Users\Starcom1\AppData\Local\ConvertAd\ConvertAd.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\RunOnce: [Application Restart #5] C:\Users\Starcom1\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Starcom1\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session O4 - HKCU\..\RunOnce: [Application Restart #4] C:\Users\Starcom1\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Starcom1\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files\Garmin\Express Tray\ExpressTray.exe" (User 'Default user') O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user') O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe ==== Silent Runners ====================== "Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/ Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\ {++} Application Restart #5 = C:\Users\Starcom1\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Starcom1\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session [file not found] Application Restart #4 = C:\Users\Starcom1\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Starcom1\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session [file not found] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} egui = "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice [ESET] iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe" [Apple Inc.] QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime [Apple Inc.] ConvertAd = C:\Users\Starcom1\AppData\Local\ConvertAd\ConvertAd.exe [file not found] SunJavaUpdateSched = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [Oracle Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided) -> {HKLM...CLSID} = Java(tm) Plug-In SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [Oracle Corporation] {DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided) -> {HKLM...CLSID} = Java(tm) Plug-In 2 SSV Helper \InProcServer32\(Default) = C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [Oracle Corporation] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1\(Default) = {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} -> {HKLM...CLSID} = AccExtIco1 Class \InProcServer32\(Default) = C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [null data] AccExtIco2\(Default) = {853B7E05-C47D-4985-909A-D0DC5C6D7303} -> {HKLM...CLSID} = AccExtIco2 Class \InProcServer32\(Default) = C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [null data] AccExtIco3\(Default) = {42D38F2E-98E9-4382-B546-E24E4D6D04BB} -> {HKLM...CLSID} = AccExtIco3 Class \InProcServer32\(Default) = C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [null data] QsyncEx_Icon1\(Default) = {9EF65B94-EC0D-49F7-B46D-006B388EB03E} -> {HKLM...CLSID} = QsyncShellExt Class \InProcServer32\(Default) = C:\Program Files\QNAP\Qsync\QsyncExt.dll [null data] QsyncEx_Icon2\(Default) = {EA099D0C-B08A-4802-854D-FBF7B86DF50C} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\QNAP\Qsync\QsyncExt.dll [null data] QsyncEx_Icon3\(Default) = {978988E4-F814-4051-9350-BAC219423171} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\QNAP\Qsync\QsyncExt.dll [null data] "DropboxExt1"\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt2"\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt3"\(Default) = {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt4"\(Default) = {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt5"\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt6"\(Default) = {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt7"\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] "DropboxExt8"\(Default) = {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\ <> AppInit_DLLs = c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll [file not found] HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\ <> BootExecute = autocheck autochk *| [file not found]|sdnclean.exe [file not found] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\ {65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}\(Default) = LogMeInCredProv -> {HKLM...CLSID} = LogMeInCredProv \InProcServer32\(Default) = LMIinit.dll [LogMeIn, Inc.] HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\ <> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945} -> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS] HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\ <> ms-help\CLSID = {314111c7-a502-11d2-bbca-00c04f8ec294} -> {HKLM...CLSID} = HxProtocol Class \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [MS] <> skype4com\CLSID = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -> {HKLM...CLSID} = IEProtocolHandler Class \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL [Skype Technologies] HKCU\Software\Classes\*\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ AccExt\(Default) = {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} -> {HKLM...CLSID} = AccExt Class \InProcServer32\(Default) = C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [null data] ESET Smart Security - Context Menu Shell Extension\(Default) = {B089FE88-FB52-11D3-BDF1-0050DA34150D} -> {HKLM...CLSID} = ESET Smart Security - Context Menu Shell Extension \InProcServer32\(Default) = C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [ESET] Foxit_ConvertToPDF_Reader\(Default) = {A94757A0-0226-426F-B4F1-4DF381C630D3} -> {HKLM...CLSID} = ConvertToPDF Class \InProcServer32\(Default) = C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [Foxit Corporation] PhotoStreamsExt\(Default) = {89D984B3-813B-406A-8298-118AFA3A22AE} -> {HKLM...CLSID} = ContextMenuHandler Class \InProcServer32\(Default) = C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll [Apple Inc.] QsyncExt\(Default) = {9EF65B94-EC0D-49F7-B46D-006B388EB03E} -> {HKLM...CLSID} = QsyncShellExt Class \InProcServer32\(Default) = C:\Program Files\QNAP\Qsync\QsyncExt.dll [null data] WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal] HKCU\Software\Classes\Directory\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ QsyncExt\(Default) = {9EF65B94-EC0D-49F7-B46D-006B388EB03E} -> {HKLM...CLSID} = QsyncShellExt Class \InProcServer32\(Default) = C:\Program Files\QNAP\Qsync\QsyncExt.dll [null data] UltraISO\(Default) = {AD392E40-428C-459F-961E-9B147782D099} -> {HKLM...CLSID} = UIContextMenu Class \InProcServer32\(Default) = C:\Program Files\UltraISO\isoshell.dll [EZB Systems, Inc.] HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\ FileZilla3CopyHook\(Default) = {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} -> {HKLM...CLSID} = FileZilla 3 Shell Extension \InProcServer32\(Default) = C:\Program Files\FileZilla FTP Client\fzshellext.dll [null data] QsyncExt\(Default) = {9EF65B94-EC0D-49F7-B46D-006B388EB03E} -> {HKLM...CLSID} = QsyncShellExt Class \InProcServer32\(Default) = C:\Program Files\QNAP\Qsync\QsyncExt.dll [null data] HKCU\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\ DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -> {HKCU...CLSID} = DropboxExt \InProcServer32\(Default) = C:\Users\Starcom1\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll [Dropbox, Inc.] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] QsyncExt\(Default) = {9EF65B94-EC0D-49F7-B46D-006B388EB03E} -> {HKLM...CLSID} = QsyncShellExt Class \InProcServer32\(Default) = C:\Program Files\QNAP\Qsync\QsyncExt.dll [null data] Search\(Default) = {2559A1F0-21D7-11D4-BDAF-00C04F60B9F0} -> {HKLM...CLSID} = Search \InProcServer32\(Default) = C:\Windows\System32\shdocvw.dll [MS] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ AccExt\(Default) = {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} -> {HKLM...CLSID} = AccExt Class \InProcServer32\(Default) = C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll [null data] ESET Smart Security - Context Menu Shell Extension\(Default) = {B089FE88-FB52-11D3-BDF1-0050DA34150D} -> {HKLM...CLSID} = ESET Smart Security - Context Menu Shell Extension \InProcServer32\(Default) = C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [ESET] QsyncExt\(Default) = {9EF65B94-EC0D-49F7-B46D-006B388EB03E} -> {HKLM...CLSID} = QsyncShellExt Class \InProcServer32\(Default) = C:\Program Files\QNAP\Qsync\QsyncExt.dll [null data] UltraISO\(Default) = {AD392E40-428C-459F-961E-9B147782D099} -> {HKLM...CLSID} = UIContextMenu Class \InProcServer32\(Default) = C:\Program Files\UltraISO\isoshell.dll [EZB Systems, Inc.] WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal] HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\ WinRAR\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA} -> {HKLM...CLSID} = WinRAR \InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ NoLowDiskSpaceChecks = (REG_DWORD) dword:0x00000001 {unrecognized setting} LinkResolveIgnoreLinkInfo = (REG_DWORD) dword:0x00000001 {unrecognized setting} NoResolveSearch = (REG_DWORD) dword:0x00000001 {unrecognized setting} NoResolveTrack = (REG_DWORD) dword:0x00000001 {unrecognized setting} NoInternetOpenWith = (REG_DWORD) dword:0x00000001 {unrecognized setting} HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ ConsentPromptBehaviorAdmin = (REG_DWORD) dword:0x00000000 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Behavior Of The Elevation Prompt For Administrators In Admin Approval Mode} ConsentPromptBehaviorUser = (REG_DWORD) dword:0x00000000 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Behavior Of The Elevation Prompt For Standard Users} EnableLUA = (REG_DWORD) dword:0x00000000 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Run All Administrators In Admin Approval Mode} PromptOnSecureDesktop = (REG_DWORD) dword:0x00000000 {Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options| User Account Control: Switch to the secure desktop when prompting for elevation} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Users\Starcom1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ AdobePhotoshopElements11ShowPicturesOnArrival\ Provider = Adobe Elements Organizer 11.0 InvokeProgID = PhotoshopElements.Application.11 InvokeVerb = launch HKLM\SOFTWARE\Classes\PhotoshopElements.Application.11\shell\launch\command\(Default) = "C:\Program Files\Adobe\Elements 11 Organizer\PseProxy.exe" -v "%1" [Adobe Systems Incorporated] AdobePremiereElements11.0CameraArrival\ Provider = Adobe Premiere Elements ProgID = Shell.HWEventHandlerShellExecute InitCmdLine = "C:\Program Files\Adobe\Adobe Premiere Elements 11\Adobe Premiere Elements.exe" HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} -> {HKLM...CLSID} = Shell Execute Hardware Event Handler \LocalServer32\(Default) = C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS] BridgeCS6ImportMediaOnArrival\ Provider = Adobe Bridge CS6 InvokeProgID = Adobe.adobebridgeCS6 InvokeVerb = launch HKLM\SOFTWARE\Classes\Adobe.adobebridgeCS6\shell\launch\command\(Default) = C:\Program Files\Adobe\Adobe Bridge CS6\bridgeproxy.exe -v %1 [Adobe Systems, Inc.] BridgeCS6NonVolumeHandler\ Provider = Adobe Bridge CS6 ProgID = Adobe.adobebridgeMTP_1 HKLM\SOFTWARE\Classes\Adobe.adobebridgeMTP_1\CLSID\(Default) = {1E6C711B-6D70-4a65-8AB6-745DC19BE2A6} -> {HKLM...CLSID} = Adobe Bridge CS6 \LocalServer32\(Default) = C:\Program Files\Adobe\Adobe Bridge CS6\bridgeproxy.exe -m [Adobe Systems, Inc.] iTunesBurnCDOnArrival\ Provider = iTunes InvokeProgID = iTunes.BurnCD InvokeVerb = burn HKLM\SOFTWARE\Classes\iTunes.BurnCD\shell\burn\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayBurn "%L" [Apple Inc.] iTunesImportSongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.ImportSongsOnCD InvokeVerb = import HKLM\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\import\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayImportSongs "%L" [Apple Inc.] iTunesPlaySongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.PlaySongsOnCD InvokeVerb = play HKLM\SOFTWARE\Classes\iTunes.PlaySongsOnCD\shell\play\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /playCD "%L" [Apple Inc.] iTunesShowSongsOnArrival\ Provider = iTunes InvokeProgID = iTunes.ShowSongsOnCD InvokeVerb = showsongs HKLM\SOFTWARE\Classes\iTunes.ShowSongsOnCD\shell\showsongs\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayShowSongs "%L" [Apple Inc.] MxVideoDeLuxePlayDVDMovieOnArrival\ Provider = MAGIX Video deluxe 2014 Premium InvokeProgID = MAGIX.Videodeluxe20_premium InvokeVerb = APPlayDVDMovie HKLM\SOFTWARE\Classes\MAGIX.Videodeluxe20_premium\shell\APPlayDVDMovie\command\(Default) = "C:\Program Files\MAGIX\Video deluxe 2014 Premium\Videodeluxe.exe" /Embedding /APPlayDVDMovie "%L" [MAGIX Software GmbH] MxVideoDeLuxeShowPicturesOnArrival\ Provider = MAGIX Video deluxe 2014 Premium InvokeProgID = MAGIX.Videodeluxe20_premium InvokeVerb = APShowPictures HKLM\SOFTWARE\Classes\MAGIX.Videodeluxe20_premium\shell\APShowPictures\command\(Default) = "C:\Program Files\MAGIX\Video deluxe 2014 Premium\Videodeluxe.exe" /Embedding /APShowPictures "%L" [MAGIX Software GmbH] MxVideoDeLuxeShowVideosOnArrival\ Provider = MAGIX Video deluxe 2014 Premium InvokeProgID = MAGIX.Videodeluxe20_premium InvokeVerb = APPlayVideoFiles HKLM\SOFTWARE\Classes\MAGIX.Videodeluxe20_premium\shell\APPlayVideoFiles\command\(Default) = "C:\Program Files\MAGIX\Video deluxe 2014 Premium\Videodeluxe.exe" /Embedding /APPlayVideoFiles "%L" [MAGIX Software GmbH] MxVideoDeLuxeVideoCameraArrival\ Provider = MAGIX Video deluxe 2014 Premium ProgID = MAGIX.Videodeluxe20_premium HKLM\SOFTWARE\Classes\MAGIX.Videodeluxe20_premium\CLSID\(Default) = {007E6FA9-B5F4-4FD3-A8A4-89DEB275E051} -> {HKLM...CLSID} = (no title provided) \LocalServer32\(Default) = C:\Program Files\MAGIX\Video deluxe 2014 Premium\Videodeluxe.exe [MAGIX Software GmbH] Picasa2ImportPicturesOnArrival\ Provider = Picasa3 InvokeProgID = picasa2.autoplay InvokeVerb = import HKLM\SOFTWARE\Classes\picasa2.autoplay\shell\import\command\(Default) = "C:\Program Files\Google\Picasa3\Picasa3.exe" "%1" [Google Inc.] PSE110NonVolumeHandler\ Provider = Adobe Elements Organizer 11.0 ProgID = PSE110.AutoPlay_1 HKLM\SOFTWARE\Classes\PSE110.AutoPlay_1\CLSID\(Default) = {9B46CE66-5F35-4ad4-AA37-A641CDAE3C3B} -> {HKLM...CLSID} = Adobe Photoshop Elements 11 \LocalServer32\(Default) = "C:\Program Files\Adobe\Elements 11 Organizer\PseProxy.exe" -m [Adobe Systems Incorporated] WIA_{03D6D7DA-916C-4B49-B9AE-53226F254987}\ Provider = Photoshop CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files\Adobe\Adobe Photoshop CS6\Photoshop.exe /StiDevice:%1 /StiEvent:%2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{2080B0FF-4D8E-449B-A5CD-392EB77137FE}\ Provider = Microsoft Office Word CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files\Microsoft Office\Office12\WINWORD.EXE /IMG_WIA; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] WIA_{AF125C42-387F-4CCC-845D-B07856DD673E}\ Provider = Photoshop CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Program Files\Adobe\Photoshop Elements 11\PhotoshopElementsEditor.exe /StiDevice:%1 /StiEvent:%2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] Non-disabled Scheduled Tasks: {++} ----------------------------- C:\Windows\System32\Tasks AdobeAAMUpdater-1.0-Starcom1-PC-Starcom1 -> launches: C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled [Adobe Systems Incorporated] CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd] GarminUpdaterTask -> launches: C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [null data] GoogleUpdateTaskMachineCore -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskMachineUA -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] iSCSIAgentAutoStartup -> launches: "C:\Program Files\QNAP\Qfinder\iSCSIAgent.exe" [QNAP] NetBakAutoStartup -> launches: "C:\Program Files\QNAP\NetBak\Enclosure.exe" /launch_netbak_min [QNAP Systems, Inc.] SpyHunter4Startup -> launches: "C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe" /s [Enigma Software Group USA, LLC.] {4E9B830A-49E7-4A75-9812-70E699CF2021} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\Starcom1\Downloads\sp56164.exe -d C:\Users\Starcom1\Downloads [MS] {A0BDD129-AE2D-467B-9D1E-D7431C2E8C7E} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\Starcom1\Downloads\sp57873.exe -d C:\Users\Starcom1\Downloads [MS] {AB08C37A-4AEB-44CA-9C6C-F9C28827B572} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\Starcom1\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=exp [MS] C:\Windows\System32\Tasks\Apple AppleSoftwareUpdate -> launches: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task [Apple Inc.] C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience AitAgent -> launches: aitagent [MS] Microsoft Compatibility Appraiser -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy [MS] ProgramDataUpdater -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Autochk Proxy -> launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS] KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c} -> {HKLM...CLSID} = KernelCeipCustomHandler \InProcServer32\(Default) = C:\Windows\System32\kernelceip.dll [MS] UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} -> {HKLM...CLSID} = UsbCeip \InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Defrag ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3} -> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\sdiagschd.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Location Notifications -> launches: %windir%\System32\LocationNotifications.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance WinSAT -> launches: {A9A33436-678B-4C9C-A211-7CC38785E79D} -> {HKLM...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Media Center ActivateWindowsSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch [MS] ConfigureInternetTimeService -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService [MS] DispatchRecoveryTasks -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) [MS] ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS] InstallPlayReady -> launches: %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) [MS] mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) [MS] mcupdate_scheduled -> launches: %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 [MS] MediaCenterRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [MS] ObjectStoreRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [MS] OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS] OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) [MS] PBDADiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery [MS] PBDADiscoveryW1 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery [MS] PBDADiscoveryW2 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery [MS] PvrRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [MS] PvrScheduleTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [MS] RegisterSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) [MS] ReindexSearchRoot -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot [MS] SqlLiteRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [MS] StartRecording -> launches: %SystemRoot%\ehome\ehrec /StartRecording [MS] UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic CorruptionDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2} -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS] DecompressionFailureDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2} -> {HKLM...CLSID} = MemoryDiagnosticCustomHandler \InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E} -> {HKLM...CLSID} = HotStart User Agent \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MUI LPRemove -> launches: %windir%\system32\lpremove.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543} -> {HKLM...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace GatherNetworkInfo -> launches: %windir%\system32\gatherNetworkInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics AnalyzeSystem -> launches: %SystemRoot%\System32\powercfg.exe -energy -auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RAC RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6} -> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Ras MobilityManager -> launches: {c463a0fc-794f-4fdf-9201-01938ceacafa} -> {HKLM...CLSID} = RasMobilityManager \InProcServer32\(Default) = C:\Windows\system32\rasmbmgr.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Registry RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2} -> {HKLM...CLSID} = RegistryIdleBackupHandler \InProcServer32\(Default) = C:\Windows\System32\regidle.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SideShow GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61} -> {HKLM...CLSID} = GadgetsManager Class \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4} -> {HKLM...CLSID} = RunTask \InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip IpAddressConflict1 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS] IpAddressConflict2 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} -> {HKLM...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization SynchronizeTime -> launches: %windir%\system32\sc.exe start w32time task_started [MS] C:\Windows\System32\Tasks\Microsoft\Windows\UPnP UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WDI ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing UpdateLibrary -> launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup ConfigNotification -> launches: %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Wininet CacheTask -> launches: {0358b920-0ac7-461f-98f4-58e32cd89148} -> {HKLM...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\Windows\system32\wininet.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows Defender MP Scheduled Scan -> (HIDDEN!) launches: c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan [MS] C:\Windows\System32\Tasks\WPD SqmUpload_S-1-5-21-186408431-812368755-1050484228-1000 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000007\LibraryPath = %SystemRoot%\system32\wshbth.dll [MS] 000000000008\LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll [Apple Inc.] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 21 Toolbars, Explorer Bars, Extensions: ------------------------------------ Explorer Bars HKLM\SOFTWARE\Classes\CLSID\{F37C7F06-0B23-4AD1-9160-1CC285A5E9EC}\(Default) = Easy Capture Manager Print Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\Program Files\Samsung\Easy Printer Manager\SmartScreenPrint\W2PDeskband.dll [Samsung Electronics Co., Ltd.] HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Onderzoeken Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ ButtonText = Research BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503} -> {HKLM...CLSID} = &Onderzoeken \InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [MS] Miscellaneous IE Hijack Points ------------------------------ HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\ <> InPrivate = res://ieframe.dll/inprivate_win7.htm [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Adobe Active File Monitor V11, AdobeActiveFileMonitor11.0, C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [Adobe Systems Incorporated] Apple Mobile Device, Apple Mobile Device, "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [Apple Inc.] Bonjour-service, Bonjour Service, "C:\Program Files\Bonjour\mDNSResponder.exe" [Apple Inc.] ESET Service, ekrn, "C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe" [ESET] FABS - Helping agent for MAGIX media database, Fabs, C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe /DisableUI [MAGIX© AG] Intel(R) Dynamic Application Loader Host Interface Service, jhi_service, "C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" [Intel Corporation] Intel(R) Management and Security Application Local Management Service, LMS, "C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" [Intel Corporation] iPod-service, iPod Service, "C:\Program Files\iPod\bin\iPodService.exe" [Apple Inc.] NVIDIA Display Driver Service, nvsvc, "C:\Windows\system32\nvvsvc.exe" [NVIDIA Corporation] NVIDIA GeForce Experience Service, GfExperienceService, "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe" [NVIDIA Corporation] NVIDIA Network Service, NvNetworkService, "C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe" [NVIDIA Corporation] NVIDIA Stereoscopic 3D Driver Service, Stereo Service, "C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [NVIDIA Corporation] NVIDIA Streamer Service, NvStreamSvc, "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" [NVIDIA Corporation] SpyHunter 4 Service, SpyHunter 4 Service, C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [Enigma Software Group USA, LLC.] TeamViewer 9, TeamViewer9, "C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe" [TeamViewer GmbH] UMVPFSrv, UMVPFSrv, C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [Logitech Inc.] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <> PEVSystemStart, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <> PEVSystemStart, Service Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ LogMeIn Printer Port Monitor\Driver = LMIport.dll [LogMeIn, Inc.] novaPDF 7 Monitor\Driver = novamnk7.dll [Softland] OKI HiperC Language Monitor9 2K\Driver = OPMFM104.DLL [Oki Data Corporation] ssm4m Langmon\Driver = ssm4mlm.dll [empty string] <>: Suspicious data at a browser hijack point. ==== Empty IE Cache ====================== C:\Users\Starcom1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Starcom1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Starcom1\AppData\Local\Mozilla\Firefox\Profiles\xnju54dw.default-1419962495715\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Starcom1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=20660 folders=760 6571131814 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\LogMeInRemoteUser\AppData\Local\Temp emptied successfully C:\Users\Starcom1\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Starcom1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 08/01/2015 at 15:15:02,74 ======================