Zoek.exe v5.0.0.0 Updated 27-01-2015 Tool run by Wim on vr 30-01-2015 at 18:24:34,98. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: c:\Users\Wim\Downloads\zoek (1).exe [Scan all users] [Script inserted] [Checkboxes used] ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\RtHDVCpl.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\WINDOWS\WindowsMobile\wmdc.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Windows\system32\FsUsbExService.Exe C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\IncrediMail\Bin\IncMail.exe C:\WINDOWS\ehome\ehtray.exe C:\Windows\system32\IoctlSvc.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe C:\Program Files\Samsung\Kies\Kies.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Popcorn Time\Updater.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Windows\System32\svchost.exe -k WerSvcGroup c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe C:\Windows\System32\WUDFHost.exe C:\Windows\system32\wbem\wmiprvse.exe c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k WindowsMobile C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\taskeng.exe c:\Users\Wim\Downloads\zoek (1).exe C:\Windows\system32\conime.exe ==== System Restore Info ====================== 30-1-2015 18:28:05 Zoek.exe System Restore Point Created Succesfully. ==== Windows Installer Info ====================== 32 Bit HP CIO Components Installer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\257AF08A194C9DE4BA0F24876513062B]C:\Windows\Installer\871d62.msi Adobe Help Center 2.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C429CFF860DEBC448876C37A87CE9E30]C:\Windows\Installer\1677fb0.msi Adobe Premiere Pro 2.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\627A71AF922B61147B392ABAA1E4EAE2]C:\Windows\Installer\1677fa3.msi Adobe Reader 8 - Nederlands [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA73401B7448A0000000000]C:\Windows\Installer\1e11f.msi Google Earth [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0336A2D4B8F23E11C9048BCAF6798BE8]C:\Windows\Installer\255373.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\Windows\Installer\34a1709.msi IncrediMail [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\60CC09FEA49F65443B449754D2F0154F]C:\Windows\Installer\20659b.msi MEDION GoPal Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\31A77C21B13A5654E80694F46DE5BBF2]C:\Windows\Installer\966165.msi Microsoft .NET Framework 3.5 Language Pack SP1 - nld [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7D837101508D9A73BB19F1C2537128FB]c:\Windows\Installer\db80bb.msi Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26DDC2EC4210AC63483DF9D4FCC5B59D]c:\Windows\Installer\7181c3.msi Microsoft .NET Framework 4.5.1 (NLD) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E68D19A1421347534AFB04761662C5AF]C:\Windows\Installer\3546201.msi Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\271D3094BCCDF293393A43ACD974EFD3]C:\Windows\Installer\3691e36.msi Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3128052F989958E40A8727EB849371FE]c:\Windows\Installer\40ed6.msi Microsoft Games for Windows Marketplace [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C7030BC4E565144468EBD02F4EBF28C8]c:\Windows\Installer\40ed0.msi Microsoft Office Access MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109510031400000000000F01FEC]C:\Windows\Installer\2973577.msi Microsoft Office Enterprise 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109030000000000000000F01FEC]C:\Windows\Installer\1071f4.msi Microsoft Office Excel MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109610031400000000000F01FEC]C:\Windows\Installer\2973539.msi Microsoft Office File Validation Add-In [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00004109500200000000000000F01FEC]C:\Windows\Installer\1e8ae5.msi Microsoft Office Groove MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109AB0031400000000000F01FEC]C:\Windows\Installer\107198.msi Microsoft Office InfoPath MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109440031400000000000F01FEC]C:\Windows\Installer\297354a.msi Microsoft Office OneNote MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\000021091A0031400000000000F01FEC]C:\Windows\Installer\1071b8.msi Microsoft Office Outlook MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109A10031400000000000F01FEC]C:\Windows\Installer\297353f.msi Microsoft Office PowerPoint MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109810031400000000000F01FEC]C:\Windows\Installer\2973545.msi Microsoft Office Professional Plus 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109110000000000000000F01FEC]C:\Windows\Installer\297357e.msi Microsoft Office Proof (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10031400000000000F01FEC]C:\Windows\Installer\297354f.msi Microsoft Office Proof (English) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10090400000000000F01FEC]C:\Windows\Installer\2973560.msi Microsoft Office Proof (French) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F100C0400000000000F01FEC]C:\Windows\Installer\297355a.msi Microsoft Office Proof (German) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109F10070400000000000F01FEC]C:\Windows\Installer\2973554.msi Microsoft Office Proofing (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109C20031400000000000F01FEC]C:\Windows\Installer\2973565.msi Microsoft Office Publisher MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109910031400000000000F01FEC]C:\Windows\Installer\297356b.msi Microsoft Office Shared MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109E60031400000000000F01FEC]C:\Windows\Installer\2973534.msi Microsoft Office Word MUI (Dutch) 2007 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109B10031400000000000F01FEC]C:\Windows\Installer\2973571.msi Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]c:\Windows\Installer\5a126d.msi Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0D756077321A70C3E844C138CE981581]c:\Windows\Installer\27453bb.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3e43b73803c7c394f8a6b2f0402e19c2]C:\Windows\Installer\73364.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\Windows\Installer\d6fec4.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F942F94A19C0F79468FD2B85E5E8677B]C:\Windows\Installer\40edc.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]c:\Windows\Installer\19080.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]c:\Windows\Installer\19087.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]c:\Windows\Installer\db80d8.msi Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]c:\Windows\Installer\1908d.msi MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DDA39468D428E8B4DB27C8D5DC5CA217]c:\Windows\Installer\60ea5c.msi MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E8A266FCD4F2A1409E1C8110F44DBCE]c:\Windows\Installer\60ea56.msi Nero 7 Premium [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0F8DFE89ED80BD849B222ABEBA170134]C:\Windows\Installer\fceb15.msi neroxml [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB940C659E972054EB7A79453A6EF0B9]C:\Windows\Installer\1e132.msi Samsung Kies [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1038C85769625584FA5435B4210089A0]C:\Windows\Installer\42c9f.msi SmartSound Quicktracks Plugin [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D4ADF7A47D4F94A439A460D6954AC3E7]C:\Windows\Installer\7181e9.msi Studio 10.8 Patch [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FC2841FFB91DDD448B786989BC15FD5D]C:\Windows\Installer\fec63.msi VCRedistSetup [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A76A12931BA584E449447C8141FC0372]C:\Windows\Installer\1e125.msi Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6D4B04801DD7781458326ECF0070FE7B]c:\Windows\Installer\40eca.msi Windows Mobile Apparaatcentrum [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\26FCC409D8185764CB673DE73B999F71]C:\Windows\Installer\131c69.msi Windows Mobile Device Center Driver Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\52E4407E830367A4094643A40C8340E3]C:\Windows\Installer\131c59.msi WinZip 15.0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\166F59DC4C5A5F446AAACEDD192C04FB]C:\Windows\Installer\6e3aa4.msi ==== Empty Folders Check ====================== C:\Program Files\Hewlett-Packard deleted successfully C:\Program Files\Malwarebytes' Anti-Malware deleted successfully C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\Origin deleted successfully C:\PROGRA~2\Canon IJ Network Tool deleted successfully C:\PROGRA~2\DAEMON Tools Pro deleted successfully C:\PROGRA~2\HP Product Assistant deleted successfully C:\PROGRA~2\HPSSUPPLY deleted successfully C:\Users\Wim\AppData\Roaming\Atari deleted successfully C:\Users\Wim\AppData\Roaming\DAEMON Tools Pro deleted successfully C:\Users\Wim\AppData\Roaming\HpUpdate deleted successfully C:\Users\Wim\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Wim\AppData\Local\cache deleted successfully ==== Checking Systemdrive for Symlinks ====================== De volumenaam van station C is Partition_1 Het volumenummer is 6493-19BF Map van C:\ 21-01-2012 19:44 Documents and Settings [C:\Users] 0 bestand(en) 0 bytes Map van C:\Program Files\Windows NT 21-01-2012 19:44 Bureau-accessoires [C:\Program Files\Windows NT\Accessories] 0 bestand(en) 0 bytes Map van C:\ProgramData 21-01-2012 19:44 Application Data [C:\ProgramData] 21-01-2012 19:44 Bureaublad [C:\Users\Public\Desktop] 21-01-2012 19:44 Documenten [C:\Users\Public\Documents] 21-01-2012 19:44 Favorieten [C:\Users\Public\Favorites] 21-01-2012 19:44 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 21-01-2012 19:44 Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\ProgramData\Microsoft\Windows\Start Menu 21-01-2012 19:44 Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users 21-01-2012 19:44 All Users [C:\ProgramData] 21-01-2012 19:44 Default User [C:\Users\Default] 0 bestand(en) 0 bytes Map van C:\Users\All Users 21-01-2012 19:44 Application Data [C:\ProgramData] 21-01-2012 19:44 Bureaublad [C:\Users\Public\Desktop] 21-01-2012 19:44 Documenten [C:\Users\Public\Documents] 21-01-2012 19:44 Favorieten [C:\Users\Public\Favorites] 21-01-2012 19:44 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 21-01-2012 19:44 Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\All Users\Microsoft\Windows\Start Menu 21-01-2012 19:44 Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Default 21-01-2012 19:44 Application Data [C:\Users\Default\AppData\Roaming] 21-01-2012 19:44 Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies] 21-01-2012 19:44 Local Settings [C:\Users\Default\AppData\Local] 21-01-2012 19:44 Menu Start [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 21-01-2012 19:44 Mijn documenten [C:\Users\Default\Documents] 21-01-2012 19:44 NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 21-01-2012 19:44 Netwerkprinteromgeving [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 21-01-2012 19:44 Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 21-01-2012 19:44 SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 21-01-2012 19:44 Sjablonen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Default\AppData\Local 21-01-2012 19:44 Application Data [C:\Users\Default\AppData\Local] 21-01-2012 19:44 Geschiedenis [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 21-01-2012 19:44 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu 21-01-2012 19:44 Programma's [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Default\Documents 21-01-2012 19:44 Mijn afbeeldingen [C:\Users\Default\Pictures] 21-01-2012 19:44 Mijn muziek [C:\Users\Default\Music] 21-01-2012 19:44 Mijn video's [C:\Users\Default\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Public\Documents 21-01-2012 19:44 Mijn afbeeldingen [C:\Users\Public\Pictures] 21-01-2012 19:44 Mijn muziek [C:\Users\Public\Music] 21-01-2012 19:44 Mijn video's [C:\Users\Public\Videos] 0 bestand(en) 0 bytes Map van C:\Users\UpdatusUser 30-10-2012 20:08 Application Data [C:\Users\UpdatusUser\AppData\Roaming] 30-10-2012 20:08 Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies] 30-10-2012 20:08 Local Settings [C:\Users\UpdatusUser\AppData\Local] 30-10-2012 20:08 Menu Start [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu] 30-10-2012 20:08 Mijn documenten [C:\Users\UpdatusUser\Documents] 30-10-2012 20:08 NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 30-10-2012 20:08 Netwerkprinteromgeving [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 30-10-2012 20:08 Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent] 30-10-2012 20:08 SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo] 30-10-2012 20:08 Sjablonen [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\UpdatusUser\AppData\Local 30-10-2012 20:08 Application Data [C:\Users\UpdatusUser\AppData\Local] 30-10-2012 20:08 Geschiedenis [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History] 30-10-2012 20:08 Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu 30-10-2012 20:08 Programma's [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\UpdatusUser\Documents 30-10-2012 20:08 Mijn afbeeldingen [C:\Users\UpdatusUser\Pictures] 30-10-2012 20:08 Mijn muziek [C:\Users\UpdatusUser\Music] 30-10-2012 20:08 Mijn video's [C:\Users\UpdatusUser\Videos] 0 bestand(en) 0 bytes Map van C:\Users\Wim 21-01-2012 19:47 Application Data [C:\Users\Wim\AppData\Roaming] 21-01-2012 19:47 Cookies [C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies] 21-01-2012 19:47 Local Settings [C:\Users\Wim\AppData\Local] 21-01-2012 19:47 Menu Start [C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Start Menu] 21-01-2012 19:47 Mijn documenten [C:\Users\Wim\Documents] 21-01-2012 19:47 NetHood [C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 21-01-2012 19:47 Netwerkprinteromgeving [C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 21-01-2012 19:47 Recent [C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Recent] 21-01-2012 19:47 SendTo [C:\Users\Wim\AppData\Roaming\Microsoft\Windows\SendTo] 21-01-2012 19:47 Sjablonen [C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Templates] 0 bestand(en) 0 bytes Map van C:\Users\Wim\AppData\Local 21-01-2012 19:47 Application Data [C:\Users\Wim\AppData\Local] 21-01-2012 19:47 Geschiedenis [C:\Users\Wim\AppData\Local\Microsoft\Windows\History] 21-01-2012 19:47 Temporary Internet Files [C:\Users\Wim\AppData\Local\Microsoft\Windows\Temporary Internet Files] 0 bestand(en) 0 bytes Map van C:\Users\Wim\AppData\LocalLow 11-02-2012 10:42 PlayReady [C:\ProgramData\Microsoft\PlayReady] 0 bestand(en) 0 bytes Map van C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Start Menu 21-01-2012 19:47 Programma's [C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 bestand(en) 0 bytes Map van C:\Users\Wim\Documents 21-01-2012 19:47 Mijn afbeeldingen [C:\Users\Wim\Pictures] 21-01-2012 19:47 Mijn muziek [C:\Users\Wim\Music] 21-01-2012 19:47 Mijn video's [C:\Users\Wim\Videos] 0 bestand(en) 0 bytes Totaal aantal weergegeven bestanden: 0 bestand(en) 0 bytes 73 map(pen) 101.775.794.176 bytes beschikbaar ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\SearchScopes\{37671990-DFDD-44FE-8FCE-C34EE864A6DA} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{119FB384-6EAA-41F5-B15C-C624449641CE} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12FD1872-948C-46CD-8943-BA54BE3099B7} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{157831DF-FCE3-4727-B2EB-2997BEC9496C} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16ACB62B-7348-433F-8D4E-B0D1B4EB69A3} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{177454AD-C6DE-4288-A2C9-625DA5572BD1} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17B44244-11DF-4956-90BB-2D6834C5CBC} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A676610-6DD4-423C-845B-1A244442DEC} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2ABA2119-E64-46B6-9440-193C6B29543} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C1B7763-D49A-4CA6-ADDF-6176C20CC67} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31A14D35-A185-46D0-877C-484771B7ACFB} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31B41228-D30F-4122-818E-8B16C7823679} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32DB1A6F-7616-4691-963C-D623DAE578D5} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33AF9178-5B8E-4E12-98EB-782DE18A17D} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{346BD0B7-8568-45E7-9EA3-E28933205082} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35E120B9-29B8-42A9-883A-8147DE1E2B33} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3642DF0B-BDB0-4EA8-8416-961CBD77EF7} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{368EABF0-3936-4109-A3C-213E1F5192F} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BF2606E-8B1A-4EF9-B732-E73D22CBA526} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C204C74-882D-4FEF-B328-89C6FE42C1AB} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E15B876-C9FF-4182-953C-25FA2F055C9} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42DE49B0-FFCA-4A0A-8EF1-E5378BDBFD79} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43DCFEDA-42FF-4AFE-942B-1B7CB6ADFA53} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46BC70F2-6906-42DF-9DD5-B020BFD98039} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4A66A00-6635-4BA1-8D60-24397D3CF07F} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4F523898-E060-4230-9CDE-D340CEFC3B4A} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513AA368-3E8C-47C1-A432-C2BB635F51B} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53094758-C098-4EFE-9FB0-865962B3F9D8} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{590B4FFA-BDF7-4936-BDD3-8BA28D4BB026} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B0A070B-138-48C5-B7EF-7C40B3B82988} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5F212BDA-4B4C-4A6E-93E9-9B36688BF46} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6010D53D-E7E0-4FDE-AD66-FA4A7115C74C} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{620E3C8B-5CA0-4D7D-B35C-C1F7BD1F9FA} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67F30243-577F-4992-8ACB-AA72F8EEE0D0} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A679D3E-41D9-4409-BF7B-A43835995BDC} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6B9A65E8-CB7D-4A3D-B967-D7B3C5E11A13} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{706DCFB4-717A-4E8B-B750-25BEB1FCD2B} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71EA63B8-806D-42E4-81E3-3FE794465F2} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72AC95CC-2E20-42B3-85E-4417F8AAEF23} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74209CFF-A45B-491B-A940-44F3DFE2DF2} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{787A93EC-2E6B-4E8A-B985-94769836D8F0} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7B793AD0-EA9F-4915-A959-6F7A0D412AE} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E0337A8-D457-4F7A-8B3-85A3A7B3130} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7efa358e-7a10-45ba-8840-92857fc2e601} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8843B685-5CC1-489D-8133-40B95511CC8C} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B72E386-C8C2-4B1C-ACDF-7C80B25E40C7} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8CF69F55-94A7-42F2-82CF-37AA2A241374} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EBD382C-7BDA-4CC3-8D30-AF56F669459A} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{926129A9-A135-49AD-B9BB-BAAD715231} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B573AFC-FCEA-44A4-A2B8-52F46605E28} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D9AC9B6-AF37-434D-A154-E80787AB1DD} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A29EC4DE-561A-4A53-B0A3-D6CCEFEF62FA} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A36BCAE5-6083-4827-B87D-60C370BEB051} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3D06027-3AD6-40A4-93FB-F14957BD549} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8C7ACB9-7F87-4960-963D-F76D68F3F61} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8CB1EE2-AC10-429E-8860-4EDC8A554F61} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A96B7D3-8998-4390-91F2-1B6A1D765C35} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB4683B-C6D9-43CA-A733-4AD773B91759} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B115411A-D0A5-4099-BDE9-2ECD93D03A73} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B13B4353-3F22-4007-A24F-F535EC6B742} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b23a65a1-e2e6-4356-9f1d-368a79f3967f} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B3E74EB1-514-4064-B31-2FBE24EE1E51} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B56BFFAD-D84-4461-942C-37B2E87C4475} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6D590BB-EB06-40C6-AC2B-D3633FB1CC45} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD58ECF6-6183-450B-9C74-10E32CA9E49} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0BF00E8-6834-427A-B0E6-F8EFE71F2E2} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C1CA1CA1-15D-444B-9A50-E2D3FB4ED55E} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CBD6732B-7135-48DC-AA7B-A7FE72C4126E} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE40987F-6469-4358-8612-2D516A79B710} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D16A6A13-111F-437D-8D2F-4DEE745A739C} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1764038-F92D-48E2-A0A5-39889B1D9D2} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1C0578A-2D3A-4438-807E-9E4D0E363B8} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6933C4E-10FF-4935-94C9-C2B48DE6F261} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6C08F52-B6C7-4A6B-AEF0-C4CC34E9C525} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7245238-96FF-43AE-844E-E81BEE8D9B} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D76B516D-21C0-4EAD-8BF4-123136C599} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D77B6334-9533-4194-ACFF-EB5A53466CAC} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7C22D04-E634-4042-A1CE-D8642C88D23F} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8B06322-18CE-43F2-A95-8F70827F9C8} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DE2CB766-70CE-4C3A-BEE2-A7D23E6188E6} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DEFE32B5-15C3-443F-85F9-96E868D1F32} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0BF9A07-264-4280-97DD-3BFF7241B826} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6EE96A8-7BF8-4CA5-9A1F-535E7E836CA} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E89355E2-AF78-4A8F-8AC6-6148C13D4F2A} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E95770FA-E16C-4DD8-8A5A-A64F40404B2F} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA71D918-84FE-44C3-914A-9FD5FEB8B327} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA7D52DC-B2C4-4EB1-BE8E-43924F49D3A} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED60A5DD-969E-457E-8CF6-5D26BA38BA90} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F081E191-FDFD-4E0C-B07B-99CD338DFB1C} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0F23E7B-D5B7-431F-8C35-FE30E31A9CE8} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F15AADD-122F-4738-9A5C-D95B8586DCC0} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3BC525D-8113-4641-BBEA-8B4B3A4D29B3} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F52136FB-2C05-4391-93C0-E1F99BB349C9} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F60D7968-DFAD-4D01-82D7-C0D2CC9A2B81} deleted successfully HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE3B12A1-C0A2-4436-87C3-DF1D6F6B462D} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) æTorrent 32 Bit HP CIO Components Installer Aangifte inkomstenbelasting 2012 Aangifte inkomstenbelasting 2013 Adobe Common File Installer Adobe Flash Player 16 ActiveX Adobe Help Center 2.0 Adobe Premiere Pro 2.0 Adobe Reader 8 - Nederlands Avast Free Antivirus Canon Easy-WebPrint EX Canon IJ Network Scanner Selector EX Canon IJ Network Tool Canon IJ Scan Utility Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MG3200 series MP Drivers Canon MG3200 series On-screen Manual Canon My Image Garden Canon My Image Garden Design Files Canon My Printer Canon Quick Menu CCleaner CdCoverCreator 2.5.3 Cisco Connect DVDFab 9.0.2.2 (17/01/2013) Qt File Signature Verification Freemake Video Converter versie 3.0.2 Gebruikersregistratie voor Canon MG3200 series Google Chrome Google Earth Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HPDiagnosticAlert IncrediMail IncrediMail 2.0 Malwarebytes Anti-Malware versie 2.0.4.1028 MEDION GoPal Assistant Medion GoPal Assistant 4.03.006 Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 MiniTool Partition Wizard Home Edition 7.8 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyFreeCodec Nero 7 Premium neroxml NVIDIA-configuratiescherm 311.06 NVIDIA 3D Vision stuurprogramma 311.06 NVIDIA Drivers NVIDIA Grafisch stuurprogramma 311.06 NVIDIA Install Application NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.11.3 NVIDIA Update Components OpenAL Pinnacle Hollywood FX for Studio Pinnacle Instant DVD Recorder Popcorn Time proDAD Heroglyph 2.0 QuickTime Realtek High Definition Audio Driver Samsung Kies SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596927) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920790) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2920792) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2984942) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2920793) 32-Bit Edition SmartSound Quicktracks Plugin Studio 10 Studio 10 Bonus DVD Studio 10.5 Patch Studio 10.5.2 Patch Studio 10.8 Patch Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL TeamViewer 8 UnderCoverXP 1.06 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2920789) 32-Bit Edition Update for Microsoft Office PowerPoint 2007 (KB2597972) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) VCRedistSetup VLC media player 2.1.3 WinAVI All in One Converter Windows Live ID Sign-in Assistant Windows Mobile Apparaatcentrum Windows Mobile Device Center Driver Update WinZip 15.0 ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files\d659f3af-74e8-452d-9aec-3c9738c5efca deleted C:\user.js deleted C:\found.000 deleted C:\found.001 deleted C:\Users\Wim\AppData\Roaming\GetRightToGo deleted C:\Users\Wim\AppData\Local\CRE deleted C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhidhffpdlhleocklmjbncdngoobjdli.crx deleted C:\Users\Wim\Downloads\iLividSetup (1).exe deleted C:\Users\Wim\Downloads\iLividSetup.exe deleted C:\Users\Wim\Downloads\iLividSetupV1 (1).exe deleted C:\Users\Wim\Downloads\iLividSetupV1 (2).exe deleted C:\Users\Wim\Downloads\iLividSetupV1.exe deleted C:\Users\Wim\Downloads\FileConverter_1_4.exe deleted C:\Users\Wim\Downloads\SoftonicDownloader_for_slideit-keyboard.exe deleted C:\Users\Wim\Downloads\SoftonicDownloader_voor_avg-antivirus-free-2014 (1).exe deleted C:\Users\Wim\Downloads\SoftonicDownloader_voor_avg-antivirus-free-2014.exe deleted C:\Users\Wim\Downloads\SoftonicDownloader_voor_nero-free.exe deleted C:\Users\Wim\Downloads\SoftonicDownloader_voor_samsung-kies.exe deleted C:\Users\Wim\Downloads\SoftonicDownloader_voor_utorrent (1).exe deleted C:\Users\Wim\Downloads\SoftonicDownloader_voor_utorrent.exe deleted C:\Users\Wim\Downloads\SoftonicDownloader_voor_vlc-media-player.exe deleted C:\Users\Wim\Downloads\SoftonicDownloader_voor_vuze.exe deleted C:\Windows\wininit.ini deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted C:\Windows\System32\SETB617.tmp deleted C:\Windows\System32\SETB771.tmp deleted C:\Windows\System32\tmp20AA.tmp deleted C:\Windows\System32\tmp48F1.tmp deleted C:\Windows\System32\tmp497F.tmp deleted C:\Windows\System32\tmp8841.tmp deleted C:\Windows\System32\tmpA895.tmp deleted C:\Windows\System32\tmpA932.tmp deleted C:\Windows\System32\tmpF17F.tmp deleted C:\Windows\System32\tmpF1FD.tmp deleted C:\Users\Wim\AppData\Roaming\HXKJFFZA.exe deleted "C:\Users\Wim\AppData\Roaming\Temp" deleted ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002) Memory (RAM): 3071 MB CPU Info: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz CPU Speed: 2999,0 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: NVIDIA GeForce 8600 GT | NVIDIA GeForce 8600 GT | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: NVIDIA nForce Networking Controller CD / DVD Drives: 3x (G: | I: | J: | ) G: Optiarc DVD RW AD-7201S | I: KLMBU 0TQ349YN09Y | J: PYZM 7WDAZO1AB4 Ports: COM1 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 689,7GB Hard Disks - Free: C: 94,7GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 07/23/08 | PRDGT - 20080723 Time Zone: West-Europa (standaardtijd) Motherboard *: MSI MS-7366 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Default Browser: Google Chrome 40.0.2214.93 Internet Explorer Version: 9.0.8112.16421 Google Chrome version: 40.0.2214.93 Adobe Reader version: 8.0.0.2006102300 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-01-09 17:52:03 B59EF013D567E5746F1DEE2565F747ED 43152 ----a-w- C:\Windows\avastSS.scr 2015-01-09 17:15:07 D5751C9354D81A1C1264ACEB84F657E4 72 ----a-w- C:\Windows\efix.ini ====== C:\Users\Wim\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== 2015-01-24 13:39:28 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-01-24 13:39:10 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-01-24 13:39:10 6D2DB74A8CF2DDFE372FFF9C73E8F0EF 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-01-14 21:49:02 B0584CA7DEF55929FDB5169BD28B2484 115200 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2015-01-09 17:52:13 4C0ECF1AFA6992904814C74B99DD36F9 57928 ----a-w- C:\Windows\System32\drivers\aswTdi.sys 2015-01-09 17:52:12 0EFBC2962B156E8AC267F96D4D93EF06 206248 ----a-w- C:\Windows\System32\drivers\aswVmm.sys 2015-01-09 17:52:11 6544697080421E62E97AAFBD0A8AA391 49944 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys 2015-01-09 17:52:11 1624D5AD126B8AFE2B2E85E5B8364EB6 423784 ----a-w- C:\Windows\System32\drivers\aswsp.sys 2015-01-09 17:52:10 9D23DE88C3B18BA87CD4587177CA6CEA 24184 ----a-w- C:\Windows\System32\drivers\aswHwid.sys 2015-01-09 17:52:10 98F4C60F5C3E77B4A2CD1F06F7198D49 73480 ----a-w- C:\Windows\System32\drivers\aswmonflt.sys 2015-01-09 17:52:10 0926775B8C3B32EE99921CCB0F85378E 55240 ----a-w- C:\Windows\System32\drivers\aswRdr.sys 2015-01-09 17:52:08 E73CBE3420ECFA8FF7D0467E170E335D 787800 ----a-w- C:\Windows\System32\drivers\aswsnx.sys ====== C:\Windows\Tasks ====== 2015-01-09 20:13:25 3E636E0102C0F85A08F5C080CFA4E65D 3178 ----a-w- C:\Windows\system32\Tasks\avastBCLRestartS-1-5-21-2196911203-743071290-3581171268-1000 2015-01-09 17:52:28 23B9C9F82ED9978F6A62F17BA6FDBD86 4182 ----a-w- C:\Windows\system32\Tasks\avast! Emergency Update ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-01-28 18:05:18 -------- d-----w- C:\Program Files\trend micro 2015-01-10 15:17:19 -------- d-----w- C:\Program Files\AVG 2015-01-10 15:04:19 -------- d-----w- C:\Program Files\Ashampoo 2015-01-10 14:50:12 -------- d-----w- C:\Program Files\Software pack20 ======= C: ===== ====== C:\Users\Wim\AppData\Roaming ====== 2015-01-11 17:35:24 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\AVG 2015-01-10 15:23:10 -------- d-----w- C:\Users\Wim\AppData\Roaming\AVG 2015-01-10 15:15:28 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg 2015-01-10 15:12:00 -------- d-----w- C:\Users\Wim\AppData\Local\Avg ====== C:\Users\Wim ====== 2015-01-28 18:07:10 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Wim\Downloads\RSIT (2).exe 2015-01-28 18:06:06 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Wim\Downloads\RSIT (1).exe 2015-01-28 18:04:32 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Wim\Downloads\RSIT.exe 2015-01-24 14:33:40 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Wim\Downloads\adwcleaner_4.109 (3).exe 2015-01-24 14:26:30 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Wim\Downloads\adwcleaner_4.109 (2).exe 2015-01-24 14:26:00 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Wim\Downloads\adwcleaner_4.109 (1).exe 2015-01-24 14:24:07 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Wim\Downloads\adwcleaner_4.109.exe 2015-01-24 14:20:11 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Wim\Downloads\AdwCleaner.exe 2015-01-24 14:10:46 1862BD4289D57AC7B6CD374322CA04A1 1150784 ----a-w- C:\Users\Wim\Downloads\yet_another_cleaner_aed.exe 2015-01-10 15:09:20 -------- d--h--w- C:\ProgramData\Common Files 2015-01-10 15:09:17 -------- d-----w- C:\ProgramData\AVG 2015-01-10 15:04:21 -------- d-----w- C:\ProgramData\Ashampoo ====== C: exe-files == 2015-01-28 18:07:10 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Wim\Downloads\RSIT (2).exe 2015-01-28 18:06:06 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Wim\Downloads\RSIT (1).exe 2015-01-28 18:05:19 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Wim.exe 2015-01-28 18:04:32 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Wim\Downloads\RSIT.exe 2015-01-27 07:05:30 220A0B7B557EFEF7C399CDC1E9DBDA2D 875088 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.93\40.0.2214.93_40.0.2214.91_chrome_updater.exe 2015-01-24 14:33:40 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Wim\Downloads\adwcleaner_4.109 (3).exe 2015-01-24 14:26:30 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Wim\Downloads\adwcleaner_4.109 (2).exe 2015-01-24 14:26:00 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Wim\Downloads\adwcleaner_4.109 (1).exe 2015-01-24 14:24:07 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Wim\Downloads\adwcleaner_4.109.exe 2015-01-24 14:20:11 FC77986C2F2B9752EE344FACA1880BA2 2194432 ----a-w- C:\Users\Wim\Downloads\AdwCleaner.exe 2015-01-24 14:10:46 1862BD4289D57AC7B6CD374322CA04A1 1150784 ----a-w- C:\Users\Wim\Downloads\yet_another_cleaner_aed.exe === C: other files == 2015-01-25 13:09:43 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Wim\AppData\Local\Temp\avastBCLTMP\afpabppcibfahafilhkbbgfnlncppdnc.zip 2015-01-24 13:39:28 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys 2015-01-24 13:39:10 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys 2015-01-24 13:39:10 6D2DB74A8CF2DDFE372FFF9C73E8F0EF 51928 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys ======== System Restore Points ======== RP1009: 14-1-2015 7:39:07 - Windows Update RP1010: 14-1-2015 22:40:22 - Windows Update RP1011: 15-1-2015 16:37:12 - Gepland herstelpunt RP1012: 16-1-2015 13:54:09 - Gepland herstelpunt RP1013: 20-1-2015 7:37:43 - Windows Update RP1014: 21-1-2015 13:37:49 - Gepland herstelpunt RP1015: 22-1-2015 20:44:40 - Gepland herstelpunt RP1016: 24-1-2015 17:27:56 - Gepland herstelpunt RP1017: 27-1-2015 7:37:05 - Windows Update RP1018: 28-1-2015 16:01:14 - Gepland herstelpunt RP1019: 28-1-2015 18:58:02 - AVG PC TuneUp 2015 is verwijderd RP1020: 28-1-2015 18:59:03 - AVG PC TuneUp 2015 (nl-NL) is verwijderd RP1021: 30-1-2015 18:27:18 - zoek.exe restore point ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe /c" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe -automount" "KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload" "uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" @="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesPDLR.exe"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="RtHDVCpl.exe" "LaunchList"="C:\Program Files\Pinnacle\Studio 10\LaunchList.exe" "Skytel"="Skytel.exe" "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" "KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" "CanonQuickMenu"="C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon" "IJNetworkScannerSelectorEX"="C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe /c" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe -automount" "KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload" "uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" @="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesPDLR.exe"="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=".DLL" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WebCake Desktop Updater] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" ==== Startup Folders ====================== 2013-01-26 14:12:26 1181 ----a-w- C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk 2012-01-21 18:03:02 1963 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk 2012-04-14 09:50:15 1799 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [24-01-2015 21:27] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-10-2014 16:53] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [19-10-2014 16:53] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\avastBCLRestartS-1-5-21-2196911203-743071290-3581171268-1000" [C:\Program Files\Google\Chrome\Application\chrome.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\WINDOWS\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{01671E69-F54A-44FD-B4DF-5450F76E221A}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [09-01-2015 18:52] ==== Chromium Look ====================== Google Chrome Version: 40.0.2214.93 (Up to date, latest Stable version: 40.0.2214.93) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Wim\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[09-01-2015 18:51] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Wim\AppData\Local\CRE\cjofdnhdkbflacojpfpkchgafjahijbb.crx[] Google Docs - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo uTorrentBar_NL - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb Google Search - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Avast Online Security - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki mpajngnpcmjjeoflljdjpnehcfaldcia - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpajngnpcmjjeoflljdjpnehcfaldcia Google Wallet - Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_offers.boostsaves.com_0.localstorage deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_offers.boostsaves.com_0.localstorage-journal deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.specsavers.nl_0.localstorage deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.specsavers.nl_0.localstorage-journal deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage-journal deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.ask.com_0.localstorage deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.ask.com_0.localstorage-journal deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_avg-anti-virus.nl.softonic.com_0.localstorage deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_avg-anti-virus.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjofdnhdkbflacojpfpkchgafjahijbb_0.localstorage deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_cjofdnhdkbflacojpfpkchgafjahijbb_0 deleted successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Unknown Url="Not_Found" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_nlNL467" ==== Reset Google Chrome ====================== C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2196911203-743071290-3581171268-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\UpdatusUser\Desktop\UnderCoverXP.lnk - C:\Program Files\UnderCoverXP\UnderCoverXP.exe C:\Users\Wim\Desktop\Assistant - Snelkoppeling.lnk - C:\Program Files\Medion GoPal Assistant\Assistant.exe C:\Users\Wim\Desktop\CdCoverCreator.lnk - C:\Program Files\CdCoverCreator\CdCoverCreator.exe C:\Users\Wim\Desktop\Dowmloads Torrents.lnk - C:\Gebruikers\Wim\Dowmloads C:\Users\Wim\Desktop\DVDFab.exe - Snelkoppeling.lnk - C:\Program Files\DVDFab 9\DVDFab.exe C:\Users\Wim\Desktop\UnderCoverXP.lnk - C:\Program Files\UnderCoverXP\UnderCoverXP.exe C:\Users\Wim\Desktop\WinAVI All in One Converter.lnk - C:\Program Files\WinAVI\All in One Converter\WinAVI.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2013.lnk - C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2013\ib2013.exe C:\Users\Public\Desktop\Adobe Reader 8.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\Alcohol 52%.lnk - C:\Program Files\Alcohol Soft\Alcohol 52\Alcohol.exe C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\Public\Desktop\Canon MG3200 series Online handleiding.lnk - C:\Program Files\Canon\IJ Manual\Easy Guide Viewer\cmview.exe "C:\PROGRAM FILES\Canon\IJ Manual\CANON MG3200 SERIES\Dutch\Info.egv" C:\Users\Public\Desktop\Canon Quick Menu.lnk - C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe C:\Users\Public\Desktop\Freemake Video Converter.lnk - C:\Program Files\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\IncrediMail.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Users\Public\Desktop\Internetbrowser selecteren.lnk - C:\WINDOWS\System32\browserchoice.exe /launch C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe C:\Users\Public\Desktop\MEDION GoPal Assistant.lnk - C:\Program Files\Medion GoPal Assistant\GoPal_Assistant.exe C:\Users\Public\Desktop\Microsoft Office Excel 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\Icon.CF2532B5.6122.4A29.AB57.8A9DF22FB7FE.exe C:\Users\Public\Desktop\Microsoft Office Outlook 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\Icon.B6928123.E07E.4308.811F.9A33EC5791C2.exe C:\Users\Public\Desktop\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\Icon.21966830.C7A7.456A.948E.A51E3FFE2D5C.exe C:\Users\Public\Desktop\MiniTool Partition Wizard Home Edition.lnk - K:\MiniTool Partition Wizard Home Edition 7.8\PartitionWizard.exe C:\Users\Public\Desktop\Nero Home.lnk - C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8 C:\Users\Public\Desktop\Nero Online Upgrade.lnk - C:\Program Files\Common Files\Ahead\Lib\NeroUpgrade.exe -ScParameter=8 ShowOffer C:\Users\Public\Desktop\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8 C:\Users\Public\Desktop\Popcorn Time.lnk - C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe --no-proxy-server C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files\QuickTime\QuickTimePlayer.exe C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe C:\Users\Public\Desktop\Studio Launcher.lnk - C:\Program Files\Pinnacle\Shared Files\Starter\Starter.exe C:\Users\Public\Desktop\TeamViewer 8.lnk - C:\Program Files\TeamViewer\Version8\TeamViewer.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files\WinZip\WINZIP32.EXE C:\Users\Public\Desktop\µTorrent.lnk - ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medion GoPal Assistant\MEDION GoPal Assistant.lnk - C:\Windows\Installer\{12C77A13-A31B-4565-8E60-494FD65EBB2F}\StartMenuIcon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medion GoPal Assistant\Uninstall.lnk - C:\Program Files\Medion GoPal Assistant\Assistant_Uninstaller.exe {12C77A13-A31B-4565-8E60-494FD65EBB2F} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Popcorn Time.lnk - C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe --no-proxy-server C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Wim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Wim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IncrediMail 2.0.lnk - C:\Program Files\IncrediMail\Bin\IncMail.exe C:\Users\Wim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Wim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe -ScParameter=8 C:\Users\Wim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe -ScParameter=8 C:\Users\Wim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk - C:\Program Files\QuickTime\QuickTimePlayer.exe C:\Users\Wim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe /lite C:\Users\Wim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files\Samsung\Kies\KiesAgent.exe C:\Users\Wim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Wim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Wim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Wim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - ==== Uninstall List x86 ====================== æTorrent [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] 32 Bit HP CIO Components Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A80FA752-C491-4ED9-ABF0-4278563160B2}] Aangifte inkomstenbelasting 2012 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Aangifte inkomstenbelasting 2012] Aangifte inkomstenbelasting 2013 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Aangifte inkomstenbelasting 2013] Adobe Common File Installer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8EDBA74D-0686-4C99-BFDD-F894678E5102}] Adobe Flash Player 16 ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] Adobe Help Center 2.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8FFC924C-ED06-44CB-8867-3CA778ECE903}] Adobe Premiere Pro 2.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FA17A726-B229-4116-B793-A2AB1A4EAE2E}] Adobe Premiere Pro 2.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Premiere Pro 2.0] Adobe Reader 8 - Nederlands [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1043-7B44-A80000000000}] Avast Free Antivirus [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Avast] Canon Easy-WebPrint EX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Easy-WebPrint EX] Canon IJ Network Scanner Selector EX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Canon_IJ_Network_Scanner_Selector_EX] Canon IJ Network Tool [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Canon_IJ_Network_UTILITY] Canon IJ Scan Utility [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Canon_IJ_Scan_Utility] Canon Inkjet Printer/Scanner/Fax Extended Survey Program [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CANONIJPLM100] Canon MG3200 series MP Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series] Canon MG3200 series On-screen Manual [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Canon MG3200 series On-screen Manual] Canon My Image Garden [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Canon My Image Garden] Canon My Image Garden Design Files [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Canon My Image Garden Design Files] Canon My Printer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CanonMyPrinter] Canon Quick Menu [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CanonQuickMenu] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] CdCoverCreator 2.5.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CdCoverCreator] Cisco Connect [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Cisco Connect] DVDFab 9.0.2.2 (17/01/2013) Qt [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DVDFab 9_is1] File Signature Verification [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\chklogo] Freemake Video Converter versie 3.0.2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Freemake Video Converter_is1] Gebruikersregistratie voor Canon MG3200 series [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Gebruikersregistratie voor Canon MG3200 series] Google Chrome [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Earth [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] HPDiagnosticAlert [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}] IncrediMail [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EF90CC06-F94A-4456-B344-79452D0F51F4}] IncrediMail 2.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\IncrediMail] Malwarebytes Anti-Malware versie 2.0.4.1028 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] MEDION GoPal Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12C77A13-A31B-4565-8E60-494FD65EBB2F}] Medion GoPal Assistant 4.03.006 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Medion GoPal Assistant] Microsoft .NET Framework 3.5 Language Pack SP1 - nld [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{101738D7-D805-37A9-BB91-1F2C351782BF}] Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}] Microsoft .NET Framework 4.5.1 (Nederlands) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043] Microsoft .NET Framework 4.5.1 (NLD) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1A91D86E-3124-3574-A4BF-406761265CFA}] Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4903D172-DCCB-392F-93A3-34CA9D47FE3D}] Microsoft .NET Framework 4.5.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033] Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F2508213-9989-4E85-A078-72BE483917EF}] Microsoft Games for Windows Marketplace [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}] Microsoft Office Enterprise 2007 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ENTERPRISE] Microsoft Office Professional Plus 2007 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PROPLUS] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A49F249F-0C91-497F-86DF-B2585E8E76B7}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] MiniTool Partition Wizard Home Edition 7.8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1] MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}] MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}] MyFreeCodec [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec] Nero 7 Premium [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{98EFD8F0-08DE-48DB-B922-A2EBAB711043}] neroxml [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}] NVIDIA-configuratiescherm 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] NVIDIA 3D Vision stuurprogramma 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] NVIDIA Drivers [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Drivers] NVIDIA Grafisch stuurprogramma 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo] NVIDIA Update 1.11.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] NVIDIA Update Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update] OpenAL [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\OpenAL] Pinnacle Hollywood FX for Studio [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Hollywood FX for Studio] Pinnacle Instant DVD Recorder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}] Popcorn Time [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Popcorn Time_is1] proDAD Heroglyph 2.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\proDAD-Heroglyph-2.0] QuickTime [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\QuickTime] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] Samsung Kies [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{758C8301-2696-4855-AF45-534B1200980A}] Samsung Kies [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\01_Simmental] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\02_Siberian] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\03_Swallowtail] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\04_semseyite] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\07_Schorl] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\09_Hsp] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\11_HSP_Plus_Default] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\16_Shrewsbury] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\20_NXP_Driver] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\24_flashusbdriver] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}\25_escape] SAMSUNG USB Driver for Mobile Phones [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}] SmartSound Quicktracks Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}] SmartSound Quicktracks Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}] Studio 10 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3CB05291-F546-458E-A796-B5BCF5A3CDC4}] Studio 10 Bonus DVD [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6A012D9C-2E2E-405A-B87C-E909F5297C3F}] Studio 10.5 Patch [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{08E2EC5A-9C9D-4472-AB52-4165774BB8D8}] Studio 10.5.2 Patch [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ED775CE1-E9F7-41C4-BE91-C925E6D5F513}] Studio 10.8 Patch [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF1482CF-D19B-44DD-B887-9698CB51DFD5}] TeamViewer 8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TeamViewer 8] UnderCoverXP 1.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnderCoverXP_is1] VCRedistSetup [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3921A67A-5AB1-4E48-9444-C71814CF3027}] VLC media player 2.1.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player] WinAVI All in One Converter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinAVI All in One Converter] Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}] Windows Mobile Apparaatcentrum [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{904CCF62-818D-4675-BC76-D37EB399F917}] Windows Mobile Device Center Driver Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E7044E25-3038-4A76-9064-344AC038043E}] WinZip 15.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BF}] ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 10\LaunchList.exe O4 - HKLM\..\Run: [Skytel] Skytel.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesPDLR.exe] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted IP range: http://192.168.1.131 O15 - ESC Trusted IP range: http://192.168.1.131 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe O23 - Service: Update service - Company - C:\Program Files\Popcorn Time\Updater.exe ==== Silent Runners ====================== "Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/ Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [MS] IncrediMail = C:\Program Files\IncrediMail\bin\IncMail.exe /c [IncrediMail, Ltd.] ehTray.exe = C:\Windows\ehome\ehTray.exe [MS] DAEMON Tools Lite = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [DT Soft Ltd] AlcoholAutomount = "C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount [Alcohol Soft Development Team] KiesPreload = C:\Program Files\Samsung\Kies\Kies.exe /preload [null data] uTorrent = "C:\Program Files\uTorrent\uTorrent.exe" [BitTorrent, Inc.] (Default) = C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [Samsung] KiesPDLR.exe = C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run [Samsung] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} Windows Defender = C:\Program Files\Windows Defender\MSASCui.exe -hide RtHDVCpl = RtHDVCpl.exe [Realtek Semiconductor] LaunchList = C:\Program Files\Pinnacle\Studio 10\LaunchList.exe [Pinnacle Systems] Skytel = Skytel.exe [Realtek Semiconductor Corp.] NeroFilterCheck = C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [Nero AG] Windows Mobile Device Center = C:\Windows\WindowsMobile\wmdc.exe KiesTrayAgent = C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [Samsung Electronics Co., Ltd.] CanonQuickMenu = C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon [CANON INC.] IJNetworkScannerSelectorEX = C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE [CANON INC.] AvastUI.exe = "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui [AVAST Software] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {3785D0AD-BFFF-47F6-BF5B-A587C162FED9}\(Default) = Canon Easy-WebPrint EX BHO -> {HKLM...CLSID} = Canon Easy-WebPrint EX BHO \InProcServer32\(Default) = C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [CANON INC.] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = avast! Online Security -> {HKLM...CLSID} = avast! Online Security \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [AVAST Software] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ 00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {00020d75-0000-0000-c000-000000000046} = Microsoft Office Outlook Desktop Icon Handler -> {HKLM...CLSID} = Microsoft Office Outlook \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL [MS] {A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class -> {HKLM...CLSID} = DesktopContext Class \InProcServer32\(Default) = C:\Program Files\NVIDIA Corporation\Display\nvui.dll [NVIDIA Corporation] {79BC0345-1015-11D2-A299-006008312725} = blue.shell -> {HKLM...CLSID} = Studio.Project \InProcServer32\(Default) = C:\Program Files\Pinnacle\Studio 10\programs\BlueShellExt.dll [null data] {0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler -> {HKLM...CLSID} = Outlook File Icon Extension \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL [MS] {42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\msohevi.dll [MS] {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler -> {HKLM...CLSID} = Microsoft Office Metadata Handler \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler -> {HKLM...CLSID} = Microsoft Office Thumbnail Handler \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS] {B327765E-D724-4347-8B16-78AE18552FC3} = NeroDigitalIconHandler -> {HKLM...CLSID} = NeroDigitalIconHandler Class \InProcServer32\(Default) = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll [Nero AG] {7F1CF152-04F8-453A-B34C-E609530A9DC8} = NeroDigitalPropSheetHandler -> {HKLM...CLSID} = NeroDigitalPropSheetHandler Class \InProcServer32\(Default) = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll [Nero AG] {E0D79307-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] {E0D79304-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] {E0D79305-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] {E0D79306-84BE-11CE-9641-444553540000} = WinZip -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} = NeroCoverEd Live Icons -> {HKLM...CLSID} = NeroCoverEdLiveIcons Class \InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [Nero AG] {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = NVIDIA Play On My TV Context Menu Extension -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] {472083B0-C522-11CF-8763-00608CC02F24} = avast -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\ <> AppInit_DLLs = .DLL [file not found] HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\ <> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945} -> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter \InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS] HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\ <> ms-help\CLSID = {314111c7-a502-11d2-bbca-00c04f8ec294} -> {HKLM...CLSID} = HxProtocol Class \InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [MS] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software] Cover Designer\(Default) = {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} -> {HKLM...CLSID} = NeroCoverEdContextMenu Class \InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [Nero AG] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}\(Default) = (no title provided) -> {HKLM...CLSID} = NBShellHook Class \InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG] HKLM\SOFTWARE\Classes\*\shellex\DragDropHandlers\ NBShellHook\(Default) = {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} -> {HKLM...CLSID} = NBShellHook Class \InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG] HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\ 00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\ WinZip\(Default) = {E0D79305-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} -> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension \InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation] HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\ {7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = NeroDigitalExt.NeroDigitalColumnHandler -> {HKLM...CLSID} = NeroDigitalColumnHandler Class \InProcServer32\(Default) = C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll [Nero AG] {F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info -> {HKLM...CLSID} = PDF Shell Extension \InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24} -> {HKLM...CLSID} = avast \InProcServer32\(Default) = C:\Program Files\AVAST Software\Avast\ashShell.dll [AVAST Software] WinZip\(Default) = {E0D79304-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208}\(Default) = (no title provided) -> {HKLM...CLSID} = NBShellHook Class \InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG] HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\ NBShellHook\(Default) = {EB4D3CFE-E2AA-4C6E-B2FE-2A749F95D208} -> {HKLM...CLSID} = NBShellHook Class \InProcServer32\(Default) = C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll [Nero AG] WinZip\(Default) = {E0D79305-84BE-11CE-9641-444553540000} -> {HKLM...CLSID} = WinZip \InProcServer32\(Default) = C:\Program Files\WinZip\wzshlstb.dll [WinZip Computing, S.L.] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ SoftwareSASGeneration = (REG_DWORD) dword:0x00000001 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop enabled and wallpaper not set by Group Policy: HKCU\Software\Microsoft\Internet Explorer\Desktop\General\ Wallpaper = C:\Windows\system32\config\systemprofile\Pictures\Seat_Cupra_GT_Fire.jpg Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Users\Wim\Pictures\Seat_Cupra_GT_Fire.jpg Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ SCRNSAVE.EXE = C:\Windows\system32\logon.scr [MS] Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ AdobePremiereCameraArrival\ Provider = Adobe Premiere Pro ProgID = Shell.HWEventHandlerShellExecute InitCmdLine = "C:\Program Files\Adobe\Adobe Premiere Pro 2.0\Adobe Premiere Pro.exe" HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} -> {HKLM...CLSID} = Shell Execute Hardware Event Handler \LocalServer32\(Default) = C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS] AlcoholAutoPlayV2.ReadDisc\ Provider = Alcohol 52% InvokeProgID = AlcoholAutoPlayV2 InvokeVerb = ReadDisc HKLM\SOFTWARE\Classes\AlcoholAutoPlayV2\shell\ReadDisc\command\(Default) = "C:\Program Files\Alcohol Soft\Alcohol 52\alcohol.exe" %1 [Alcohol Soft Development Team] DVDFab5OnDVDArrival\ Provider = DVDFab 8 InvokeProgID = DVDFab5Open InvokeVerb = Open HKLM\SOFTWARE\Classes\DVDFab5Open\shell\Open\command\(Default) = "C:\Program Files\DVDFab 9\DVDFab.exe" "%1" [Fengtao Software Inc.] NeroAutoPlay7AudioToNeroDigital\ Provider = Nero Burning ROM InvokeProgID = Nero.AutoPlay7 InvokeVerb = AudioToNeroDigital_PlayCDAudioOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\AudioToNeroDigital_PlayCDAudioOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:SaveTracks %L [Nero AG] NeroAutoPlay7CDAudio\ Provider = Nero Express InvokeProgID = Nero.AutoPlay7 InvokeVerb = CDAudio_HandleCDBurningOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\CDAudio_HandleCDBurningOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe -w /New:AudioCD [Nero AG] NeroAutoPlay7CopyCD\ Provider = Nero Burning ROM InvokeProgID = Nero.AutoPlay7 InvokeVerb = CopyCD_PlayMusicFilesOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\CopyCD_PlayMusicFilesOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:DiscCopy %L [Nero AG] NeroAutoPlay7DataDisc\ Provider = Nero Express InvokeProgID = Nero.AutoPlay7 InvokeVerb = DataDisc_HandleCDBurningOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\DataDisc_HandleCDBurningOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe -w /New:ISODisc [Nero AG] NeroAutoPlay7LaunchNeroStartSmart\ Provider = Nero StartSmart InvokeProgID = Nero.AutoPlay7 InvokeVerb = LaunchNeroStartSmart_HandleCDBurningOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\LaunchNeroStartSmart_HandleCDBurningOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe /AutoPlay [Nero AG] NeroAutoPlay7PlayAudioCD\ Provider = Nero ShowTime InvokeProgID = Nero.AutoPlay7 InvokeVerb = PlayAudioCD_PlayMusicFilesOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\PlayAudioCD_PlayMusicFilesOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe /Play %L [Nero AG] NeroAutoPlay7PlayDVD\ Provider = Nero ShowTime InvokeProgID = Nero.AutoPlay7 InvokeVerb = PlayDVD_PlayVideoFilesOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\PlayDVD_PlayVideoFilesOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe /Play %L [Nero AG] NeroAutoPlay7RipCD\ Provider = Nero Burning ROM InvokeProgID = Nero.AutoPlay7 InvokeVerb = RipCD_PlayCDAudioOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\RipCD_PlayCDAudioOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Core\nero.exe /Dialog:SaveTracks %L [Nero AG] NeroAutoPlay7TranscodeVideo\ Provider = Nero Recode InvokeProgID = Nero.AutoPlay7 InvokeVerb = TranscodeVideo_PlayDVDMovieOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\TranscodeVideo_PlayDVDMovieOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero Recode\Recode.exe /New:CopyDVDVideo [Nero AG] NeroAutoPlay7VideoCapture\ Provider = Nero Vision ProgID = Shell.HWEventHandlerShellExecute InitCmdLine = "C:\Program Files\Nero\Nero 7\Nero Vision\NeroVision.exe" /New:VideoCapture HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} -> {HKLM...CLSID} = Shell Execute Hardware Event Handler \LocalServer32\(Default) = C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS] NeroAutoPlay7ViewPhotos\ Provider = Nero PhotoSnap Viewer InvokeProgID = Nero.AutoPlay7 InvokeVerb = ViewPhotos_ShowPicturesOnArrival HKLM\SOFTWARE\Classes\Nero.AutoPlay7\shell\ViewPhotos_ShowPicturesOnArrival\command\(Default) = C:\Program Files\Nero\Nero 7\Nero PhotoSnap\PhotoSnapViewer.exe / [Nero AG] VLCPlayCDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.CDAudio InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file cdda:///%1 [VideoLAN] VLCPlayDVDAudioOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] VLCPlayDVDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.DVDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file dvd:///%1 [VideoLAN] VLCPlayMusicFilesOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] VLCPlaySVCDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.SVCDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.SVCDMovie\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN] VLCPlayVCDMovieOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.VCDMovie InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.VCDMovie\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN] VLCPlayVideoFilesOnArrival\ Provider = VideoLAN VLC media player InvokeProgID = VLC.OPENFolder InvokeVerb = Open HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" %1 [VideoLAN] WIA_{3B3AC23F-0B60-478B-9AA5-A839430F126F}\ Provider = WinZip CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\PROGRA~1\WINZIP\WINZIP32.EXE /wia; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS] Startup items in "Wim" & "All Users" startup folders: ----------------------------------------------------- C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup {++} Adobe Gamma -> shortcut to: C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [Adobe Systems, Inc.] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup {++} Adobe Reader Synchronizer -> shortcut to: C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [Adobe Systems Incorporated] WinZip Quick Pick -> shortcut to: C:\Program Files\WinZip\WZQKPICK.EXE [WinZip Computing, S.L.] Windows Sidebar Gadgets: {++} ------------------------ C:\Users\Wim\AppData\Local\Microsoft\Windows Sidebar\Settings.ini "C:%5CProgram%20Files%5CWindows%20Sidebar%5CShared%20Gadgets%5CaswSidebar.gadget" Non-disabled Scheduled Tasks: {++} ----------------------------- C:\WINDOWS\System32\Tasks Adobe Flash Player Updater -> launches: C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated] avast! Emergency Update -> (HIDDEN!) launches: C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [AVAST Software] avastBCLRestartS-1-5-21-2196911203-743071290-3581171268-1000 -> (HIDDEN!) launches: C:\Program Files\Google\Chrome\Application\chrome.exe [Google Inc.] CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd] CreateChoiceProcessTask -> launches: C:\WINDOWS\System32\browserchoice.exe /launch [MS] GoogleUpdateTaskMachineCore -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskMachineUA -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] User_Feed_Synchronization-{01671E69-F54A-44FD-B4DF-5450F76E221A} -> (HIDDEN!) launches: C:\Windows\system32\msfeedssync.exe sync [MS] {B9406BE7-BD75-476F-9A14-849239AE0BBE} -> launches: C:\Windows\system32\pcalua.exe -a "I:\Nieuw 21-01-2012\Documents\Pinnacle 10\Pin 2\Pin CD2\Setup\HollywoodFX\hfx60StudioSilent.exe" -d "I:\Nieuw 21-01-2012\Documents\Pinnacle 10\Pin 2\Pin CD2\Setup\HollywoodFX" [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\Bluetooth UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\CertificateServicesClient SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] UserTask-Roam -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS] OptinNotification -> launches: %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0 [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\Defrag ManualDefrag -> launches: %windir%\system32\defrag.exe \\?\Volume{f37873e8-444e-11e1-b107-806e6f6e6963}\ [MS] ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c -i -g [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS] mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) -gc [MS] OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS] OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery [MS] UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\MobilePC HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E} -> {HKLM...CLSID} = HotStart User Agent \InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS] TMM -> launches: {35EF4182-F900-4632-B072-8639E4478A61} -> {HKLM...CLSID} = Transient Multi-Monitor Manager \InProcServer32\(Default) = C:\Windows\System32\TMM.dll [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\MUI LPRemove -> launches: %windir%\system32\lpremove.exe [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\Multimedia SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543} -> {HKLM...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\NetworkAccessProtection NAPStatus UI -> launches: {f09878a1-4652-4292-aa63-8c7d4fd7648f} -> {HKLM...CLSID} = Nap ITask Handler Implementation \InProcServer32\(Default) = C:\Windows\System32\QAgent.dll [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\RAC RACAgent -> (HIDDEN!) launches: %windir%\system32\RacAgent.exe [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\RemoteAssistance RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\Shell CrawlStartPages -> launches: {51653423-e62d-4ff7-894a-dabb2b8e21e2} -> {HKLM...CLSID} = CrawlStartPages Task Handler \InProcServer32\(Default) = C:\Windows\System32\srchadmin.dll [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\SideShow GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61} -> {HKLM...CLSID} = GadgetsManager Class \InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\SystemRestore SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\Tcpip IpAddressConflict1 -> launches: rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS] IpAddressConflict2 -> launches: rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS] WSHReset -> (HIDDEN!) launches: %systemroot%\system32\netsh.exe interface tcp set heuristic wsh=default [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\TextServicesFramework MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} -> {HKLM...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\UPnP UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\WDI ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Error Reporting QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS] C:\WINDOWS\System32\Tasks\Microsoft\Windows\Wired GatherWiredInfo -> launches: %windir%\system32\gatherWiredInfo.vbs [null data] C:\WINDOWS\System32\Tasks\Microsoft\Windows\Wireless GatherWirelessInfo -> launches: %windir%\system32\gatherWirelessInfo.vbs [null data] C:\WINDOWS\System32\Tasks\Microsoft\Windows Defender MP Scheduled Scan -> (HIDDEN!) launches: c:\program files\windows defender\MpCmdRun.exe Scan -RestrictPrivileges [MS] C:\WINDOWS\System32\Tasks\WPD SqmUpload_S-1-5-21-2196911203-743071290-3581171268-1000 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 20 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} = Canon Easy-WebPrint EX -> {HKLM...CLSID} = Canon Easy-WebPrint EX \InProcServer32\(Default) = C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [CANON INC.] Explorer Bars HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\ {21347690-EC41-4F9A-8887-1F4AEE672439}\(Default) = (no title provided) -> {HKLM...CLSID} = Canon Easy-WebPrint EX \InProcServer32\(Default) = C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [CANON INC.] HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Onderzoeken Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar] InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL [MS] Extensions (Tools menu items, main toolbar menu buttons) HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\ {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}\ ButtonText = @C:\Windows\WindowsMobile\INetRepl.dll,-222 CLSIDExtension = {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} -> {HKLM...CLSID} = Create Mobile Favorite \InProcServer32\(Default) = C:\Windows\WindowsMobile\INetRepl.dll [MS] {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}\ MenuText = @C:\Windows\WindowsMobile\INetRepl.dll,-223 CLSIDExtension = {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} -> {HKLM...CLSID} = Create Mobile Favorite \InProcServer32\(Default) = C:\Windows\WindowsMobile\INetRepl.dll [MS] {92780B25-18CC-41C8-B9BE-3C9C571A8263}\ ButtonText = Research BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503} -> {HKLM...CLSID} = &Onderzoeken \InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL [MS] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ avast! Antivirus, avast! Antivirus, "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [AVAST Software] AvastVBox COM Service, AvastVBoxSvc, C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [Avast Software] Canon Inkjet Printer/Scanner/Fax Extended Survey Program, IJPLMSVC, C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [null data] FsUsbExService, FsUsbExService, C:\Windows\system32\FsUsbExService.Exe [Teruten] Net Driver HPZ12, Net Driver HPZ12, C:\Windows\System32\svchost.exe -k HPZ12 {C:\Windows\system32\HPZinw12.dll [Hewlett-Packard]} NVIDIA Display Driver Service, nvsvc, "C:\Windows\system32\nvvsvc.exe" [NVIDIA Corporation] NVIDIA Stereoscopic 3D Driver Service, Stereo Service, "C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [NVIDIA Corporation] PLFlash DeviceIoControl Service, PLFlash DeviceIoControl Service, C:\Windows\system32\IoctlSvc.exe [Prolific Technology Inc.] Pml Driver HPZ12, Pml Driver HPZ12, C:\Windows\System32\svchost.exe -k HPZ12 {C:\Windows\system32\HPZipm12.dll [Hewlett-Packard]} StarWind AE Service, StarWindServiceAE, C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [StarWind Software] TeamViewer 8, TeamViewer8, "C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe" [TeamViewer GmbH] Update service, Update service, C:\Program Files\Popcorn Time\Updater.exe [Company] Windows Live ID Sign-in Assistant, wlidsvc, "c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [MS] Windows Mobile-based device connectivity, RapiMgr, C:\Windows\system32\svchost.exe -k WindowsMobile {C:\Windows\WindowsMobile\rapimgr.dll [MS]} Windows Presentation Foundation-lettertypecache 4.0.0.0, WPFFontCache_v0400, C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [MS] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <> PEVSystemStart, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <> PEVSystemStart, Service Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ Canon BJ Language Monitor MG3200 series\Driver = CNMLMB8.DLL [CANON INC.] Canon BJNP Port\Driver = CNMNPPM.DLL [CANON INC.] LIDIL hpzlllhn\Driver = hpzlllhn.dll [Hewlett-Packard Company] ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Wim\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Wim\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=668 folders=158 983556693 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Users\Wim\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Wim\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Wim\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on vr 30-01-2015 at 19:55:41,58 ======================