Zoek.exe v5.0.0.0 Updated 10-February-2015 Tool run by patri_000 on do 12/02/2015 at 18:06:06,42. Microsoft Windows 8.1 Pro 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\patri_000\Desktop\zoek (1).exe [Scan all users] [Checkboxes used] ==== Running Processes ====================== C:\WINDOWS\system32\wininit.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\igfxCUIService.exe C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\WLANExt.exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\WINDOWS\system32\dashost.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe C:\windows\SysWOW64\NLSSRV32.EXE C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\WINDOWS\system32\SearchIndexer.exe C:\Windows\System32\WUDFHost.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\windows\system32\rundll32.exe C:\WINDOWS\System32\WinLogon.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\dwm.exe C:\WINDOWS\System32\LogonUI.exe C:\WINDOWS\System32\dwm.exe C:\WINDOWS\system32\taskhostex.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\igfxEM.exe C:\WINDOWS\system32\igfxHK.exe C:\WINDOWS\system32\igfxTray.exe C:\Windows\System32\skydrive.exe C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe C:\Windows\System32\SettingSyncHost.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Windows\System32\RuntimeBroker.exe C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skdh8821.exe C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe C:\Program Files\Lenovo\Password Manager\password_manager.exe C:\Windows\System32\rundll32.exe C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe C:\Users\patri_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\Lenovo\Communications Utility\vcamsvchlpr.exe C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\opwareSE2.exe C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe C:\Program Files\CCleaner\CCleaner64.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Windows\SysWOW64\rundll32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files (x86)\Lenovo\PowerMgr\SCHTASK.exe C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe C:\Users\patri_000\AppData\Roaming\Spotify\spotify.exe C:\Users\patri_000\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\patri_000\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\patri_000\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\patri_000\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\patri_000\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\bdwtxapps.exe C:\Users\patri_000\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe C:\WINDOWS\system32\wwahost.exe C:\Users\patri_000\Desktop\zoek (1).exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\System32\svchost.exe -k WerSvcGroup C:\WINDOWS\system32\wbem\wmiprvse.exe ==== System Restore Info ====================== 12/02/2015 18:08:36 Zoek.exe System Restore Point Created Succesfully. ==== Windows Installer Info ====================== Adobe AIR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E22677B709EDAE842B7C22B7D15EA810]c:\windows\Installer\4c2cd.msi Bitdefender Internet Security 2015 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A61875F6A19795147AF5FC0D7CAEF4FB]C:\Program Dolby Advanced Audio v2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A7C07E9B58F993A44A3AFB3A3CFB6731]C:\WINDOWS\Installer\bf8d60.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E]C:\WINDOWS\Installer\b17bb.msi Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A089CE062ADB6BC44A720BA745894BAC]C:\WINDOWS\Installer\447eaf1.msi Intel(R) Network Connections [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3BB6B5B440AD65B4EA71DDFBF3448688]C:\WINDOWS\Installer\25ef08.msi Intel(R) PRO/Wireless Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7CAE4331FE6D77147808509C3658C33D]C:\windows\Installer\16a1572.msi Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\13C874988EC5A1640948A9A00F958FF4]C:\windows\Installer\5fab0.msi Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1C006203FDB61DF43190419892CC3158]C:\windows\Installer\d7a27.msi Intel(R) Rapid Storage Technology [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4D296F39D4C0DEE4B9EF56C7D19595EF]C:\WINDOWS\Installer\25ef0e.msi Intel(R) Update Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\16041921B9BE7EA4CAE7B0A806C7D74F]C:\WINDOWS\Installer\1fd01a.msi Intel(R) WiDi [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\11A4660B94FEFB548B5066CFE7E1B7D5]C:\windows\Installer\442a9.msi Intel© PROSet/Wireless WiFi Software [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AD84F16DB726E4043951236A151BB846]C:\windows\Installer\16a1576.msi Intel© Trusted Connect Service Client [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\350BFA98343AFE64794E5D39DA17486E]C:\WINDOWS\Installer\25ee46.msi Lenovo QuickLaunch [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3E1F208A8C4348C499841C4C3ED7F09A]C:\windows\Installer\4437c.msi Lenovo Slim USB Keyboard [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4C08D494755337D41A3556EFB4E3DC3C]C:\windows\Installer\5faa1.msi Lenovo Solution Center [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\69F6B2C4DEA3F3E4D8EC1987361D6E1B]C:\windows\Installer\4c2b4.msi Lenovo System Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\74846C52009BDA841A46B1F4B9776405]C:\WINDOWS\Installer\32087e8.msi Lenovo User Guide [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\83995F31595CC9744B971F17BAA96FF4]C:\windows\Installer\44337.msi Lenovo Warranty Information [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\872CE4DF1B1C694499DE0CEBB1A05A12]C:\windows\Installer\4436d.msi Metric Collection SDK [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F887AADD6E25AE44DA8B2938B711FB62]C:\WINDOWS\Installer\74402.msi Metric Collection SDK 35 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0B5B5B2C545249E44BAB45D8B40F1B69]C:\windows\Installer\4c2ed.msi Microsoft Silverlight [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D7314F9862C648A4DB8BE2A5B47BE100]c:\WINDOWS\Installer\71b7998.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3e43b73803c7c394f8a6b2f0402e19c2]C:\windows\Installer\44361.msi Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\windows\Installer\4434d.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1007C6B46D7C017319E3B52CF3EC196E]c:\windows\Installer\44328.msi Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\67D6ECF5CD5FBA732B8B22BAC8DE1B4D]c:\windows\Installer\442b7.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]C:\windows\Installer\4433e.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CFD2C1F142D260E3CB8B271543DA9F98]c:\windows\Installer\4432f.msi Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6E815EB96CCE9A53884E7857C57002F0]c:\windows\Installer\442b0.msi Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1926E8D15D0BCE53481466615F760A7F]c:\windows\Installer\5e9f1.msi Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]c:\windows\Installer\5d197.msi Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\22BEFC8F7E2A1793E9ADB411DEFE1C58]C:\WINDOWS\Installer\82ccfdc.msi Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\21EE4A31AE32173319EEFE3BD6FDFFE3]C:\WINDOWS\Installer\82ccfd8.msi Nitro Pro 7 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EDB35513FDCBA784E8EF9A11ADD331BD]C:\windows\Installer\44374.msi OmniPage SE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E7995D9797FBBB84B814B95EC9512C7D]C:\WINDOWS\Installer\cc8c7.msi Power2Go [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\38E1FB04BE028D11795C00905C206085]C:\windows\Installer\44342.msi PowerDVD [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DE532CED4A8571542A874CE1D8EABAB3]C:\windows\Installer\44365.msi PowerDVD Create [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CE358E6D069844D4FA303716BB3922C7]C:\windows\Installer\44351.msi PowerProducer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\60EC0A7BE8606D1179DF0005ABBC8F16]C:\windows\Installer\44346.msi ThinkVantage Password Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AAB2EE07A28FA8B459E046E9DF465D9B]C:\windows\Installer\77774.msi TuneUp Utilities 2011 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\65263042BDFB3DC4EBA83A6D61F0E261]C:\WINDOWS\Installer\19b3f52.msi TuneUp Utilities Language Pack (nl-NL) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7DB1CFD71AA91914C8B7CA9DB521B75C]C:\WINDOWS\Installer\19b3f4f.msi WaveEditor [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CC67F423DD8D78D47BD74DFAE5A17A3B]C:\windows\Installer\4435a.msi ==== Empty Folders Check ====================== C:\Program Files\Common Files\Symantec Shared deleted successfully C:\PROGRA~3\SSScanAppDataDir deleted successfully C:\PROGRA~3\SSScanWizard deleted successfully C:\Users\patri_000\AppData\Roaming\CyberLink deleted successfully C:\Users\patri_000\AppData\Roaming\QuickScan deleted successfully C:\Users\patri_000\AppData\Local\Intel WiDi deleted successfully C:\Users\patri_000\AppData\Local\LSC deleted successfully ==== Checking Systemdrive for Symlinks ====================== Volume in drive C is Windows8_OS Volume Serial Number is 86BF-F208 Directory of C:\ 22/08/2013 15:45 Documents and Settings [C:\Users] 0 File(s) 0 bytes Directory of C:\$Recycle.Bin\S-1-5-21-3218135916-3078716367-3142756994-1001 14/04/2014 12:08 (1˙450˙193) $R43N9SQ.exe 09/02/2015 23:18 (285) $R59NJ7I.rtf 06/02/2015 12:39 (44) $RIT62I3.txt 03/02/2015 08:29 (120) $ROUM1UT.docx# 03/02/2015 08:31 (120) $RUGEFX3.docx# 5 File(s) 1˙450˙762 bytes Directory of C:\Program Files\Windows NT 15/01/2015 06:25 Bureau-accessoires [C:\Program Files\Windows NT\Accessories] 0 File(s) 0 bytes Directory of C:\ProgramData 22/08/2013 15:45 Application Data [C:\ProgramData] 15/01/2015 06:25 Bureaublad [C:\Users\Public\Desktop] 22/08/2013 15:45 Desktop [C:\Users\Public\Desktop] 15/01/2015 06:25 Documenten [C:\Users\Public\Documents] 22/08/2013 15:45 Documents [C:\Users\Public\Documents] 15/01/2015 06:25 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 15/01/2015 06:25 Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 22/08/2013 15:45 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 22/08/2013 15:45 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\ProgramData\Microsoft\Windows\Start Menu 15/01/2015 06:25 Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users 22/08/2013 15:45 All Users [C:\ProgramData] 22/08/2013 15:45 Default User [C:\Users\Default] 0 File(s) 0 bytes Directory of C:\Users\All Users 22/08/2013 15:45 Application Data [C:\ProgramData] 15/01/2015 06:25 Bureaublad [C:\Users\Public\Desktop] 22/08/2013 15:45 Desktop [C:\Users\Public\Desktop] 15/01/2015 06:25 Documenten [C:\Users\Public\Documents] 22/08/2013 15:45 Documents [C:\Users\Public\Documents] 15/01/2015 06:25 Menu Start [C:\ProgramData\Microsoft\Windows\Start Menu] 15/01/2015 06:25 Sjablonen [C:\ProgramData\Microsoft\Windows\Templates] 22/08/2013 15:45 Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu] 22/08/2013 15:45 Templates [C:\ProgramData\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\All Users\Microsoft\Windows\Start Menu 15/01/2015 06:25 Programma's [C:\ProgramData\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\Default 22/08/2013 15:45 Application Data [C:\Users\Default\AppData\Roaming] 22/08/2013 15:45 Cookies [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCookies] 22/08/2013 15:45 Local Settings [C:\Users\Default\AppData\Local] 15/01/2015 06:25 Menu Start [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 15/01/2015 06:25 Mijn documenten [C:\Users\Default\Documents] 22/08/2013 15:45 My Documents [C:\Users\Default\Documents] 22/08/2013 15:45 NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 15/01/2015 06:25 Netwerkprinteromgeving [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 22/08/2013 15:45 PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 22/08/2013 15:45 Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent] 22/08/2013 15:45 SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo] 15/01/2015 06:25 Sjablonen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 22/08/2013 15:45 Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu] 22/08/2013 15:45 Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Local 22/08/2013 15:45 Application Data [C:\Users\Default\AppData\Local] 15/01/2015 06:25 Geschiedenis [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 22/08/2013 15:45 History [C:\Users\Default\AppData\Local\Microsoft\Windows\History] 22/08/2013 15:45 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Local\Microsoft\Windows 22/08/2013 15:45 Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu 15/01/2015 06:25 Programma's [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\Default\Documents 15/01/2015 06:25 Mijn afbeeldingen [C:\Users\Default\Pictures] 15/01/2015 06:25 Mijn muziek [C:\Users\Default\Music] 15/01/2015 06:25 Mijn video's [C:\Users\Default\Videos] 22/08/2013 15:45 My Music [C:\Users\Default\Music] 22/08/2013 15:45 My Pictures [C:\Users\Default\Pictures] 22/08/2013 15:45 My Videos [C:\Users\Default\Videos] 0 File(s) 0 bytes Directory of C:\Users\Default.migrated\Documents 26/07/2012 08:22 My Music [C:\Users\Default\Music] 26/07/2012 08:22 My Pictures [C:\Users\Default\Pictures] 26/07/2012 08:22 My Videos [C:\Users\Default\Videos] 0 File(s) 0 bytes Directory of C:\Users\patri_000 15/01/2015 06:13 Application Data [C:\Users\patri_000\AppData\Roaming] 15/01/2015 06:13 Cookies [C:\Users\patri_000\AppData\Local\Microsoft\Windows\INetCookies] 15/01/2015 06:13 Local Settings [C:\Users\patri_000\AppData\Local] 15/01/2015 06:13 Menu Start [C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu] 15/01/2015 06:13 Mijn documenten [C:\Users\patri_000\Documents] 15/01/2015 06:13 NetHood [C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Network Shortcuts] 15/01/2015 06:13 Netwerkprinteromgeving [C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Printer Shortcuts] 15/01/2015 06:13 Recent [C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Recent] 15/01/2015 06:13 SendTo [C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\SendTo] 15/01/2015 06:13 Sjablonen [C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Templates] 0 File(s) 0 bytes Directory of C:\Users\patri_000\AppData\Local 15/01/2015 06:13 Application Data [C:\Users\patri_000\AppData\Local] 15/01/2015 06:13 Geschiedenis [C:\Users\patri_000\AppData\Local\Microsoft\Windows\History] 15/01/2015 06:13 Temporary Internet Files [C:\Users\patri_000\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\patri_000\AppData\Local\Microsoft\Windows 15/01/2015 06:13 Temporary Internet Files [C:\Users\patri_000\AppData\Local\Microsoft\Windows\INetCache] 0 File(s) 0 bytes Directory of C:\Users\patri_000\AppData\Local\Microsoft\Windows\INetCache 12/02/2015 12:34 Content.IE5 [C:\Users\patri_000\AppData\Local\Microsoft\Windows\INetCache\IE\] 0 File(s) 0 bytes Directory of C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu 15/01/2015 06:13 Programma's [C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs] 0 File(s) 0 bytes Directory of C:\Users\patri_000\Documents 15/01/2015 06:13 Mijn afbeeldingen [C:\Users\patri_000\Pictures] 15/01/2015 06:13 Mijn muziek [C:\Users\patri_000\Music] 15/01/2015 06:13 Mijn video's [C:\Users\patri_000\Videos] 0 File(s) 0 bytes Directory of C:\Users\patri_000\OneDrive 02/02/2013 01:11 (165) Alle Gegevens Belgacom B box 2.txt 16/02/2013 08:35 (1˙823) aswMBR.txt 28/01/2013 19:03 (463) Bericht verstuurd naar Voipbuster 280113.txt 30/07/2013 15:09 (1˙159) Bij nonkel Luc in Frankrijk.txt 20/01/2013 18:41 (10) ChangeIp.com - Velibor + wachtwoord.txt 09/01/2013 21:44 (16) Cyberlink Blu-Ray Disc Suite 6.0 serial number.txt 03/04/2013 10:03 (8) ddnsmembers constanto.txt 03/04/2013 19:22 (13) ddnsmembers diproforma.txt 26/06/2013 19:53 (43) DiSEqC.txt 03/04/2013 09:10 (9) dyndns.org password.txt 23/04/2013 07:38 (8) Eminent Third Party Apps and password.txt 21/01/2013 13:02 (7) Freecall dellabrida.txt 12/01/2013 01:32 (5˙632) Geleverde prestaties maaien gras Jaar 2013.wdb 12/01/2013 01:53 (6) Genie Timeline Inlog.txt 19/07/2013 09:19 (286) Gevraagde bijkomende stukken door de Hospitalisatie verzekering Mutualiteit.txt 24/01/2013 13:11 (361) Gezondheid Elvira.txt 07/02/2013 14:07 (441) Grandstream conferentie over internet.txt 16/02/2013 11:16 (662) Grandstream HT 503 rebooting.txt 13/01/2013 10:13 (10) Grooveshark - velibor 55 - wachtwoord.txt 09/01/2013 17:59 (10) Inlog Website Magix .txt 12/01/2013 22:23 (38) Magix Red uw Digitale Data 'sleutel'.txt 10/01/2013 00:52 (13) Magix wachtwoord.txt 11/04/2014 00:59 (15) Magix website wachtwoord dd 11042014.txt 16/02/2013 08:35 (512) MBR.dat 24/01/2015 10:09 (332˙276) mission_impossible.mp3 01/02/2013 19:47 (8) Nationaal Computer Forum winferdi.txt 20/01/2013 21:01 (24) Nieuws DDNS server.txt 19/12/2014 19:54 (2˙292) Op reis - allerlei opmerkingen.txt 31/07/2013 05:44 (14) password Wikango One.txt 27/01/2013 15:15 (6˙406) Reis Griekenland deel 2.txt 18/07/2013 18:59 (11) Satelliete Aankoop.txt 25/01/2013 15:06 (359) Sip Voipbuster ect.txt 12/06/2013 23:07 (12) Styling Mercedes password.txt 27/01/2013 15:13 (1˙632) Sunjets Reis Griekenland.txt 13/10/2013 21:42 (625) Sync.lnk 13/02/2013 20:19 (100) te bewaren.txt 16/02/2013 10:21 (37) URL.txt 13/02/2013 18:16 (548) Vraag expert Grandstream 503.txt 28/07/2013 11:58 (24) Wachtw voor Genie Time Line Herstel Back Up.txt 06/02/2013 08:15 (10) Wachtwoord Thuis Netwerk.txt 02/09/2013 14:50 (508) WERKEN = CARINA.txt 07/05/2014 17:47 (1˙628˙160) Werkzaamheden (Luc&Carina Jaar 2013).xlr 42 File(s) 1˙984˙756 bytes Directory of C:\Users\patri_000\OneDrive\Afbeeldingen\Camera-album 29/09/2012 14:50 (1˙274˙461) 20120929_155036_Android.jpg 29/09/2012 14:50 (1˙209˙192) 20120929_155050_Android.jpg 29/09/2012 14:51 (1˙261˙167) 20120929_155106_Android.jpg 15/01/2015 23:59 (372˙985) WP_20150115_23_59_05_0_Pro.jpg 15/01/2015 23:59 (576˙968) WP_20150115_23_59_06_1_Pro.jpg 5 File(s) 4˙694˙773 bytes Directory of C:\Users\patri_000\OneDrive\Afbeeldingen\Opgeslagen foto's 27/01/2015 16:00 (691˙405) 20120929_155106_Android(1).jpg 27/01/2015 16:00 (691˙405) 20120929_155106_Android.jpg 2 File(s) 1˙382˙810 bytes Directory of C:\Users\patri_000\OneDrive\CyberLink\PowerDVD9 24/03/2013 00:46 (170) Default.PLS 1 File(s) 170 bytes Directory of C:\Users\patri_000\OneDrive\Documenten 24/12/2014 16:55 (1˙740) 1950_angel.mid 24/12/2014 16:50 (21˙963) 1950_labamba.mid 02/01/2014 21:28 (33) Admin - Chief of Operations.txt 11/12/2013 11:28 (20) Adoboe Reader passw.txt 26/08/2014 12:54 (392) Antispam Personnel.bwl 30/10/2014 10:06 (210) Auto 5.rtf 24/12/2014 16:39 (9˙125) Beethoven_moonlightsonata.mid 02/05/2014 17:46 (18) Belgacom Cloud Email adress + Password.txt 29/01/2014 09:01 (1˙824) Betaling Sunjets reis Turkey 5 maart 2014.txt 08/01/2014 13:48 (9) bol.txt 24/12/2014 08:38 (765) Brief Gerard Houbaille.txt 08/02/2015 13:15 (18) BubbleUPnP Server.txt 02/10/2014 08:09 (1˙265) BuyWay brief.rtf 29/09/2014 13:51 (278) BuyWay kredietoplossing en adres.rtf 30/10/2014 20:11 (237) Buyway.rtf 14/01/2015 15:11 (36) Coolblue be.txt 12/08/2014 08:39 (3˙007) CyberGhos settings.c5s 12/01/2015 21:21 (11) Dashlane wachtwoord.txt 10/04/2014 20:04 (204) Document.rtf 11/11/2014 01:05 (272) E services Belgacom.rtf 09/01/2015 08:59 (79) Ethias.txt 24/12/2014 17:00 (46˙784) film_bond.mid 10/11/2013 12:30 (8) garmin be gmail en wachtwoord.txt 23/02/2014 09:04 (253) Garmin Belgie.rtf 17/04/2012 09:15 (3˙503˙684) Generic UG_Acer_1.0_Nl.pdf 08/01/2014 20:57 (565) georeges.txt 07/11/2014 09:11 (319) Humo referenties.rtf 08/01/2015 20:07 (45) Inlog Medion LifeCloud.txt 12/05/2014 07:18 (47) iSEC - Veilig Opnemen.txt 16/02/2014 08:17 (201) jwplayer.rtf 25/01/2014 21:36 (243) linux.rtf 24/12/2014 09:26 (7) Medion be.txt 08/01/2015 19:57 (59) Medion Life Cloud BipBooster Gebruikersnaam Pilsard.txt 02/01/2015 20:12 (27) Medion Life Cloud Torrents.txt 24/12/2014 17:10 (38˙538) Mission_Impossible.mid 03/01/2014 12:10 (47) MSN code.txt 17/09/2014 10:19 (195) MyBitDefender BOX 06/01/2015 10:51 (90) MyEthias.txt 06/01/2015 09:15 (12) MyPeugeot be.txt 07/04/2014 09:57 (203) Mythbuntu name Patrick2.rtf 04/04/2014 19:08 (235) Mythbuntu name Patrick3.rtf 25/12/2013 11:55 (16) new password for microsoft.txt 19/07/2014 08:00 (48) Niew password HLN.BE 05052014.txt 23/01/2014 12:20 (123) NV Aldi-gewestelijk.txt 22/07/2014 07:25 (119) Onderhoud Mercedes 220.txt 19/01/2014 10:09 (8) Openstreetmap Name delsol.txt 02/02/2015 10:25 (42) Opensubtitles.org.txt 23/01/2015 11:30 (246) Opgelet Admin Synology DSM wachtwoord.rtf 11/12/2013 11:59 (424) Opzeg Creditcard ICS op mijn naam.txt 23/12/2014 13:53 (12˙175) order_information_1500452930113.pdf 21/12/2014 09:44 (10˙240) Overzicht werkzaamheden bij Luc & Carina Jaar 2014.wdb 25/01/2013 08:11 (6˙656) Overzicht werkzaamheden.wdb 25/08/2014 18:07 (270) patrick anti spam.bwl 25/08/2014 22:36 (52˙429˙312) Patrick kluisbestand.bvd 08/11/2014 09:00 (13) patrick_vangrembergen@yahoo.txt 01/01/2015 14:19 (29) paypal elvire schollaert.txt 28/01/2015 12:04 (1˙974) Plex Galvino.docx 07/02/2015 21:27 (52) Potatomanager.txt 07/08/2014 08:24 (11) Private Tunnel VPN nam email.txt 21/04/2014 11:03 (10) Qnap Cloud email gmail & Wachtwoord.txt 14/02/2014 13:24 (199) QuickConnect Id.rtf 13/12/2013 23:18 (79) regie.txt 13/12/2013 23:19 (118) regie2.txt 09/02/2015 23:17 (46) Remote Control Tosty (kodi).txt 09/02/2015 19:50 (243) Remote Control Tosty .rtf 31/01/2015 15:19 (5˙698) Reservering Nessebar Hotel, Bulgaria.txt 28/09/2014 16:37 (219) Roboform Hoofdwachtwoord.rtf 04/03/2014 09:00 (204) safe.rtf 01/01/2015 14:57 (207) skynet.be inlog.rtf 31/01/2015 10:31 (342) SoftEther VPN.rtf 12/04/2014 02:29 (201) Symform Back up Cloud System.rtf 10/11/2014 12:32 (16) Synology VPN protocol verbinding.txt 12/04/2014 02:27 (288) tekst blog diskstation.rtf 14/04/2014 23:05 (61) Titel Video.txt 06/05/2014 12:48 (7) TomTom Francoise De Schryver.txt 05/11/2013 11:11 (38) Ubuntu one password.txt 28/03/2014 11:33 (206) ubuntu server name velibor.rtf 10/04/2014 20:29 (205) Ubuntu v 13.10 wachtwoord (zaldua).rtf 10/06/2012 15:11 (71) VREG.txt 04/01/2015 13:08 (208) Wachtwoord voor Dlink device.rtf 29/08/2014 14:26 (14) Zorin OS 9 - forum.txt 81 File(s) 56˙103˙506 bytes Directory of C:\Users\patri_000\OneDrive\Documenten\Bitdefender Safepay 23/12/2014 13:53 (12˙175) order_information_1500452930113.pdf 1 File(s) 12˙175 bytes Directory of C:\Users\patri_000\OneDrive\Documenten\Voor Hospitaalverzekering 19/08/2013 09:21 (21) G.O.M password.txt 19/08/2013 07:49 (1˙029) Hospitalisatieverzekering Elvira.txt 23/06/2013 11:35 (665˙047) scannen0001.pdf 23/06/2013 11:38 (661˙291) scannen0002.pdf 23/06/2013 11:39 (722˙766) scannen0003.pdf 23/06/2013 11:30 (551˙351) scannen0004.jpg 23/06/2013 11:42 (738˙285) scannen0004.pdf 23/06/2013 11:45 (750˙310) scannen0005.pdf 23/06/2013 11:46 (886˙208) scannen0006.pdf 23/06/2013 11:48 (748˙318) scannen0007.pdf 23/06/2013 11:51 (864˙534) scannen0008.pdf 23/06/2013 11:52 (352˙043) scannen0009.pdf 23/06/2013 11:54 (877˙582) scannen0010.pdf 23/06/2013 11:56 (330˙736) scannen0011.pdf 14 File(s) 8˙149˙521 bytes Directory of C:\Users\Public\Documents 15/01/2015 06:25 Mijn afbeeldingen [C:\Users\Public\Pictures] 15/01/2015 06:25 Mijn muziek [C:\Users\Public\Music] 15/01/2015 06:25 Mijn video's [C:\Users\Public\Videos] 22/08/2013 15:45 My Music [C:\Users\Public\Music] 22/08/2013 15:45 My Pictures [C:\Users\Public\Pictures] 22/08/2013 15:45 My Videos [C:\Users\Public\Videos] 0 File(s) 0 bytes Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache 31/01/2015 21:05 Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\] 0 File(s) 0 bytes Directory of C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache 31/01/2015 21:05 Content.IE5 [C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\] 0 File(s) 0 bytes Total Files Listed: 151 File(s) 73˙778˙473 bytes 80 Dir(s) 437˙818˙789˙888 bytes free ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== PowerDVD Create 10 7-Zip 9.38 beta Adobe Acrobat 5.0 Adobe AIR Advanced Uninstaller PRO - Version 11 ArcSoft PhotoStudio 5.5 Bitdefender Internet Security 2015 Canon ScanGear Starter CanoScan Toolbox Ver4.9 CCleaner CyberLink Power2Go 7 CyberLink PowerDVD 10 CyberLink PowerProducer 5.5 Dolby Advanced Audio v2 Google Chrome Google Update Helper Intel AppUp(SM) center Intel(R) Control Center Intel(R) Management Engine Components Intel(R) Network Connections 18.5.54.0 Intel(R) PRO/Wireless Driver Intel(R) Processor Graphics Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology Intel(R) Rapid Storage Technology Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel(R) Update Manager Intel(R) WiDi Intel© PROSet/Wireless Software Intel© PROSet/Wireless WiFi Software Intel© Trusted Connect Service Client Isoplex Kodi Lenovo AutoLock Lenovo Dependency Package Lenovo Patch Utility 64 bit Lenovo QuickLaunch Lenovo Settings - Camera Audio Lenovo Settings Dependency Package 1.0.1.5 Lenovo Slim USB Keyboard Lenovo Solution Center Lenovo System Update Lenovo User Guide Lenovo Warranty Information Malwarebytes Anti-Malware versie 2.0.4.1028 Manual CanoScan LiDE 60 Metric Collection SDK Metric Collection SDK 35 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 Mozilla Firefox 35.0.1 (x86 nl) Mozilla Maintenance Service Nitro Pro 7 Power Manager PowerDVD Create PWGen 2.5.2 Realtek Card Reader Realtek High Definition Audio Driver SHAREit SoftEther VPN Client Spotify SugarSync Manager ThinkVantage Password Manager TuneUp Utilities 2011 TuneUp Utilities Language Pack (nl-NL) View Management Utility WaveEditor Windows Driver Package - Intel (e1cexpress) Net (07/12/2012 12.1.77.0) ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\WINDOWS\SysNative\config\systemprofile\Searches deleted C:\WINDOWS\Syswow64\InstallUtil.InstallLog deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 7996 MB CPU Info: Intel(R) Core(TM) i5-3470S CPU @ 2.90GHz CPU Speed: 2897,6 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | Intel(R) HD Graphics Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1280 X 720 - 32 bit Network: Network Present Network Adapters: Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth-apparaat (Personal Area Network) | Intel(R) Centrino(R) Wireless-N 2230 CD / DVD Drives: 1x (D: | ) D: PLDS DVD-RW DS8A8SH Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 444,4GB Hard Disks - Free: C: 407,7GB Manufacturer *: LENOVO BIOS Info: AT/AT COMPATIBLE | | LENOVO - 11F0 Time Zone: Romance (standaardtijd) Motherboard *: LENOVO MAHOBAY Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Bitdefender Antivirus On-access scanning disabled (Outdated) Anti-Virus: Windows Defender On-access scanning disabled (Outdated) Anti-Spyware: Bitdefender Antispyware disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Bitdefender Firewall disabled Default Browser: Firefox 35.0.1 Internet Explorer Version: 11.0.9600.17631 Mozilla Firefox version: 35.0.1 (x86 nl) Google Chrome version: 40.0.2214.111 Adobe Reader version: 5.0.5.2001092400 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2015-01-15 09:12:08 A1158E57057594712E066438F60FBEDC 556 ----a-w- C:\WINDOWS\MAXLINK.INI 2015-01-15 09:10:50 7ED438C44B90AF7B01609A942C7E7196 212480 ----a-w- C:\WINDOWS\PCDLIB32.DLL 2015-01-15 09:09:59 65541F7F9075194CDA176FBAE8977560 308224 ----a-w- C:\WINDOWS\IsUn0413.exe 2015-01-15 08:48:52 C7746503AAE429754D183D1F8B514B04 9043 ----a-w- C:\WINDOWS\hpdj3740.his 2015-01-15 08:48:52 14673BE0804B2D544EA2E0984CA9BE6E 1869 ----a-w- C:\WINDOWS\hpdj3740.ini 2015-01-15 07:26:22 85D47EB257B06094F052E0C8AEFA3BEE 2501368 ----a-w- C:\WINDOWS\explorer.exe 2015-01-15 07:25:38 80E856B1AFAEB6195EADAAD65945147C 1001472 ----a-w- C:\WINDOWS\HelpPane.exe 2015-01-15 07:24:37 959A31D0CD013CEA0C66DB7C03BCBDDF 221184 ----a-w- C:\WINDOWS\notepad.exe 2015-01-15 07:24:14 B67DB709F5FDAA89CA6C2CB6C1E39B3B 154624 ----a-w- C:\WINDOWS\regedit.exe 2015-01-15 07:24:10 727B4519FE9919447108CBEC4768F34A 54272 ----a-w- C:\WINDOWS\twain_32.dll 2015-01-15 07:23:49 B934411DFE7DEACFA95A1255A48133C9 17408 ----a-w- C:\WINDOWS\hh.exe 2015-01-15 07:23:49 335C38783B3F1B383ECAC17DB3705895 9728 ----a-w- C:\WINDOWS\winhlp32.exe 2015-01-15 07:23:48 73E19BE0E0ECD88616B5762F621B0226 11264 ----a-w- C:\WINDOWS\write.exe 2015-01-15 07:19:54 7826082B93262AB6460E77B91C61EA30 128512 ----a-w- C:\WINDOWS\splwow64.exe 2015-01-15 05:13:19 81DD33EC695AB90466031CF430CFA1BD 20958 ----a-w- C:\WINDOWS\diagwrn.xml 2015-01-15 05:13:19 81DD33EC695AB90466031CF430CFA1BD 20958 ----a-w- C:\WINDOWS\diagerr.xml 2015-01-14 21:08:56 9130CCE19B5DB3D2E31F9F789263FC4A 511328 ----a-w- C:\WINDOWS\capicom.dll 2015-01-14 08:31:33 6AD96F00348B5D3F807170DAD8068209 146 ----a-w- C:\WINDOWS\launchpw.cmd 2015-01-14 08:31:14 5679D849D927138223226E9226A4DA6C 1577 ----a-w- C:\WINDOWS\Delfg.cmd 2015-01-14 08:21:50 0E21133A8CD4C1220961DD9ABD3CDF91 414632 ----a-w- C:\WINDOWS\difxapi.dll 2015-01-14 07:22:49 AEDB2DDF335B8000FA34C62FC1A8FB32 151416 ----a-w- C:\WINDOWS\MFGSTAT.zip 2015-01-14 07:21:42 B125C21872B0EEF88AAD6EC1027AAC28 6 ----a-w- C:\WINDOWS\systemtype.txt 2015-01-14 07:16:32 EB86006309C42C65AFBFE80BEB3545CE 196608 ----a-w- C:\WINDOWS\ocsetup_install_NetFx3.etl 2015-01-14 07:16:32 E3E0229E56DE093A63C4284580733A84 32804 ----a-w- C:\WINDOWS\ocsetup_cbs_install_NetFx3.txt 2015-01-14 07:08:30 EC4BC4C02977430154D92A2D6F3CC0FA 12 ----a-w- C:\WINDOWS\CSUP.TXT 2015-01-14 07:06:31 8A804D7A7925157E912B775406F29347 2080472 ----a-w- C:\WINDOWS\RtlExUpd.dll ====== C:\Users\PATRI_~1\AppData\Local\Temp ==== 2015-02-12 09:38:54 3B744F40A0271082FC64A001949DE2D7 5556792 ----a-w- C:\Users\patri_000\AppData\Local\Temp\VPN_55F8\B7091C83.dll 2015-02-12 09:38:53 3B744F40A0271082FC64A001949DE2D7 5556792 ----a-w- C:\Users\patri_000\AppData\Local\Temp\VPN_F662\B7091C83.dll ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== 2015-02-11 09:54:54 4FD3763F3917201856B0CBCE310003EA 4300800 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll 2015-02-11 07:26:14 61C74D794C14E9FC94D93F5F0F72A3F9 19740160 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll 2015-02-11 07:26:12 78A1A938D51D4F83A772123B93EE1612 12829184 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll 2015-02-11 07:26:11 9A91F9B5035F54C2D0BA92CF9B16EE34 2277888 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll 2015-02-11 07:26:10 EF05E63ACC834470A07A2E73D519B5FA 418304 ----a-w- C:\WINDOWS\SysWOW64\dxtmsft.dll 2015-02-11 07:26:10 E4D2BC3DA34348662960E5C2A66DD2F4 664064 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll 2015-02-11 07:26:10 9DEE691C8FDBC2DE6957F1AE873C78FC 503296 ----a-w- C:\WINDOWS\SysWOW64\vbscript.dll 2015-02-11 07:26:10 8E8137569741D3693F88DDF94CC38C20 1307136 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll 2015-02-11 07:26:09 FD6AF61AF029B9BC2CF4EFF57CDD5821 710144 ----a-w- C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-02-11 07:26:09 F285D499EC42969D963CA49EADA63218 1888256 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll 2015-02-11 07:26:09 E06ED042936F8D932748FACCB229A52C 128000 ----a-w- C:\WINDOWS\SysWOW64\iepeers.dll 2015-02-11 07:26:09 AD3F5926EC2C1F21FB45D1CDED6E2A47 2052608 ----a-w- C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-02-11 07:26:09 9947D49276026A96D8ACDE9CBAAFC807 230400 ----a-w- C:\WINDOWS\SysWOW64\webcheck.dll 2015-02-11 07:26:09 94BD6172078CFB71B59A7AF56CF77AF9 880128 ----a-w- C:\WINDOWS\SysWOW64\inetcomm.dll 2015-02-11 07:26:09 8FBC9680719ACDA9351B67D906C682F4 688640 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll 2015-02-11 07:26:09 47893802431547E170D36E033F846882 327168 ----a-w- C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-02-11 07:26:09 3B9EF1B8E154D202D32A7765E2F33554 64000 ----a-w- C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-02-11 07:26:07 332625D3A96613A7CBC66B04F307F2FA 393728 ----a-w- C:\WINDOWS\SysWOW64\scesrv.dll 2015-02-11 07:26:06 A7AA844B8C4F7A5A13D85201877C84E5 1498360 ----a-w- C:\WINDOWS\SysWOW64\ntdll.dll 2015-02-11 07:26:05 96750B86DA18725EBAE201989AAD9B98 1489072 ----a-w- C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2015-02-11 07:26:04 74887EBB4777EC450EF167645C99163E 602776 ----a-w- C:\WINDOWS\SysWOW64\oleaut32.dll 2015-02-11 07:26:04 6705E8543E628DE9877F726C6B4A1E39 324096 ----a-w- C:\WINDOWS\SysWOW64\certcli.dll 2015-02-11 07:26:03 C9E243A14893E41E1EF6D3A31BAEF08A 359424 ----a-w- C:\WINDOWS\SysWOW64\schannel.dll 2015-02-07 11:26:35 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\WINDOWS\SysWOW64\D3DX9_43.dll 2015-02-07 11:26:35 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\WINDOWS\SysWOW64\D3DCompiler_43.dll ====== C:\WINDOWS\SysWOW64\drivers ===== 2015-01-14 07:03:21 143BEC7B77025E79848F46472DB5BACD 21 ----a-w- C:\WINDOWS\SysWOW64\drivers\17AA_Lenovo_ThinkCentre_Edge_92Z_3396_C5G.MRK ====== C:\WINDOWS\Sysnative ===== 2015-02-11 09:54:55 16ACAA0C01F31B39F39446188F6A3593 6041600 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll 2015-02-11 07:26:15 CD726C899BD9A398E8420564A957320B 25056256 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll 2015-02-11 07:26:13 E0F76B5B904E4F448641B2B506496351 14401024 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll 2015-02-11 07:26:11 A7A3775B0014B165D75A00A1F632E4B5 2885632 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll 2015-02-11 07:26:11 505815B1967A504B077497D304239B4A 816128 ----a-w- C:\WINDOWS\Sysnative\jscript.dll 2015-02-11 07:26:10 BF57C911895454A8874E9DFA5716C624 584192 ----a-w- C:\WINDOWS\Sysnative\vbscript.dll 2015-02-11 07:26:10 9DFE41A69DF70AAB75CB5BA8C1109EA2 2358272 ----a-w- C:\WINDOWS\Sysnative\wininet.dll 2015-02-11 07:26:10 15842FB41A3BF2A2F5071518B38C957A 2125824 ----a-w- C:\WINDOWS\Sysnative\inetcpl.cpl 2015-02-11 07:26:09 F86097CFDE7624DA2DE246F5B4BE3704 1032704 ----a-w- C:\WINDOWS\Sysnative\inetcomm.dll 2015-02-11 07:26:09 D7922F3AC6BF1EA77240E0061D648174 490496 ----a-w- C:\WINDOWS\Sysnative\dxtmsft.dll 2015-02-11 07:26:09 CF1488FCA487516DB09E797F3AC49E4A 2865152 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll 2015-02-11 07:26:09 CB2528D522FF1F5A7BF9B27D2FB250FF 1548288 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll 2015-02-11 07:26:09 A04F0C4A0B80C92F92E854E7157D6466 92160 ----a-w- C:\WINDOWS\Sysnative\mshtmled.dll 2015-02-11 07:26:09 907B558B742B1E52E9E37E3CAAF6508E 262144 ----a-w- C:\WINDOWS\Sysnative\webcheck.dll 2015-02-11 07:26:09 8076BB31004C1D763D5D4AEF9F0BDD4B 718848 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe 2015-02-11 07:26:09 7A388AFC6885D22F4D988EE9B8D1291A 800768 ----a-w- C:\WINDOWS\Sysnative\ieapfltr.dll 2015-02-11 07:26:09 76DB5845E168173BBA2D3CCC4B363E42 801280 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll 2015-02-11 07:26:09 49FABD0144A3BBD59D5DA1A0180DCE6E 374272 ----a-w- C:\WINDOWS\Sysnative\iedkcs32.dll 2015-02-11 07:26:09 47162151E35EA0B7152B7C841FA21FDB 88064 ----a-w- C:\WINDOWS\Sysnative\MshtmlDac.dll 2015-02-11 07:26:07 F8A442ABBAB56529B625DB9D916EA46A 538624 ----a-w- C:\WINDOWS\Sysnative\scesrv.dll 2015-02-11 07:26:06 7162FD845D142C542C0D041F3B3D525F 1733440 ----a-w- C:\WINDOWS\Sysnative\ntdll.dll 2015-02-11 07:26:06 3A620A263DA883515786E68BE3CE23AA 7472960 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe 2015-02-11 07:26:05 9EC0B4E613DB6002DEF0346208E433E7 1762840 ----a-w- C:\WINDOWS\Sysnative\WindowsCodecs.dll 2015-02-11 07:26:04 F5BC103612FE72C176C751721B874FA6 445440 ----a-w- C:\WINDOWS\Sysnative\certcli.dll 2015-02-11 07:26:04 6835D94FDAAB39E008E8490BD3E88CA3 788680 ----a-w- C:\WINDOWS\Sysnative\oleaut32.dll 2015-02-11 07:26:04 43647B730E82998201C61CA7FF7B524A 391526 ----a-w- C:\WINDOWS\Sysnative\ApnDatabase.xml 2015-02-11 07:26:04 3D2E3A5CFCE65310134C11A00D6D32D0 430080 ----a-w- C:\WINDOWS\Sysnative\schannel.dll 2015-02-11 07:26:02 FCEE1C08EA416800FAC891DDEB608627 414208 ----a-w- C:\WINDOWS\Sysnative\devinv.dll 2015-02-11 07:26:02 EF2C89AEE3D56860F6CCB8D97374402B 227328 ----a-w- C:\WINDOWS\Sysnative\aepdu.dll 2015-02-11 07:26:02 E357B0D37DB9C4B17923C893CCF75A18 894464 ----a-w- C:\WINDOWS\Sysnative\appraiser.dll 2015-02-11 07:26:02 642A03FB834B4C4BCA8DFEE2EFD4175B 609280 ----a-w- C:\WINDOWS\Sysnative\generaltel.dll 2015-02-11 07:26:02 32DE26000788F35DA344702B44728524 761856 ----a-w- C:\WINDOWS\Sysnative\invagent.dll 2015-02-11 07:26:02 12D4142E4EBFDB6F057B615A0547C4CF 1098752 ----a-w- C:\WINDOWS\Sysnative\aeinv.dll 2015-02-11 07:25:28 E6905909E7334990033CFDAF56920004 4175872 ----a-w- C:\WINDOWS\Sysnative\win32k.sys 2015-02-11 07:25:16 BA0ED854110D45E5D4A46BD250BAF4E0 1487976 ----a-w- C:\WINDOWS\Sysnative\sppobjs.dll 2015-01-31 18:57:36 3C90B3F78C15B3687D2C643D3D5B1102 135736 ----a-w- C:\WINDOWS\Sysnative\vpncmd.exe ====== C:\WINDOWS\Sysnative\drivers ===== 2015-02-11 11:13:36 D0B093DDF5FD05E4D0109159E9153A52 263032 ----a-w- C:\WINDOWS\Sysnative\drivers\avchv.sys 2015-02-11 09:06:53 C8B54E81501386A91B0E0BD596965C9B 155912 ----a-w- C:\WINDOWS\Sysnative\drivers\gzflt.sys 2015-02-11 09:06:53 3E75A47D2DEFD2683DCA409572FBE8B2 452040 ----a-w- C:\WINDOWS\Sysnative\drivers\trufos.sys 2015-02-11 07:26:04 3930E508DDA46C1FF68FD963F350AA0A 563504 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2015-02-11 07:26:04 15C8C65CEA018C02EA0F648448C491C5 177984 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2015-02-02 16:30:20 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys 2015-02-02 16:30:03 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\WINDOWS\Sysnative\drivers\mbam.sys 2015-02-02 16:30:03 9D7BFFDB5FA62B600DF1FCB4919D9D79 64216 ----a-w- C:\WINDOWS\Sysnative\drivers\mwac.sys 2015-02-02 16:30:03 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys 2015-01-31 20:38:59 3E027E177C0FABC1047A3079FD106A8C 38240 ----a-w- C:\WINDOWS\Sysnative\drivers\see.sys 2015-01-31 20:38:07 4EBDCFC46D38B226A5F89F4443CE50B4 38368 ----a-w- C:\WINDOWS\Sysnative\drivers\SeLow_x64.sys 2015-01-31 18:57:54 F0CD28F4BBA7143523CD1A47C09259A8 28640 ----a-w- C:\WINDOWS\Sysnative\drivers\Neo_VPN.sys 2015-01-16 17:51:52 709041B0125EC06F351BE7F6BC5DA1F0 5694760 ----a-w- C:\WINDOWS\Sysnative\drivers\rtvienna.dat 2015-01-16 17:51:52 2BEE14AC102CF1259AC99ABF53291A8B 3591000 ----a-w- C:\WINDOWS\Sysnative\drivers\RTKVHD64.sys 2015-01-16 17:51:52 1AD345105CB0D2CACC245B504D7E58AB 633381 ----a-w- C:\WINDOWS\Sysnative\drivers\RTAIODAT.DAT 2015-01-16 14:07:24 79A0E9735B144660512198C3F5F48623 469264 ----a-w- C:\WINDOWS\Sysnative\drivers\e1c64x64.sys 2015-01-16 14:01:35 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2015-01-16 14:01:24 18B9AD128EC84E8D16A83F70CF36594F 99288 ----a-w- C:\WINDOWS\Sysnative\drivers\TeeDriverx64.sys 2015-01-15 07:26:39 65454187E0F8B6C0DCECB0287D06EC43 14144 -c--a-w- C:\WINDOWS\Sysnative\drivers\swenum.sys 2015-01-15 07:26:23 00C594D5A1DBD22AD8B2902B9F6EFF94 14528 -c--a-w- C:\WINDOWS\Sysnative\drivers\drmkaud.sys 2015-01-15 07:26:21 7F68063A5A0461E02BC860CE0E6BFDDC 2025792 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2015-01-15 07:25:55 21FE65E2E67C4E31EE95CBD1F91C4B24 1114432 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2015-01-15 07:25:47 E1BB0B6F00F470B451AB45EA13EBA0B3 1552704 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2015-01-15 07:25:38 E796AE43DDD1844281DB4D57294D17C0 533824 -c--a-w- C:\WINDOWS\Sysnative\drivers\acpi.sys 2015-01-15 07:25:38 982B9495F70FEEA269C48F18E960EFDE 389952 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2015-01-15 07:25:34 00D8AC8E3053290BDE6EA2FB6810D2FC 678400 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys 2015-01-15 07:25:25 31233271EDE50D1BBB220F78AFA60486 405504 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys 2015-01-15 07:25:11 D24B1945ED1F9C96DA786DBBF1E983CE 415040 -c--a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys 2015-01-15 07:25:11 9DBC32A45CFA67074432D2AF6C2832B6 559104 ----a-w- C:\WINDOWS\Sysnative\drivers\csc.sys 2015-01-15 07:25:09 2787A73C848128C950385CB3A63A6B91 337728 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys 2015-01-15 07:25:06 6276AC2AA203CF47811F6EFBBD214FBF 202752 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys 2015-01-15 07:25:04 C1FB505A73FA2E9019D32444AB33B75A 354112 ----a-w- C:\WINDOWS\Sysnative\drivers\fltMgr.sys 2015-01-15 07:24:59 D7B4859227B02BCC1055B279A63C937F 226304 ----a-w- C:\WINDOWS\Sysnative\drivers\WUDFRd.sys 2015-01-15 07:24:56 FAA564A13576F9284546BF016D27B551 467776 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS 2015-01-15 07:24:50 13EFD41E351F31E087283CF66C29A25E 373568 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys 2015-01-15 07:24:44 C37F4930795B771400C63C3C87E7A6C2 1198080 -c--a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2015-01-15 07:24:36 481286719402E4BAEFEA0604AB1B5113 113664 ----a-w- C:\WINDOWS\Sysnative\drivers\WUDFPf.sys 2015-01-15 07:24:34 C76097CA941FA7CAFEDB1E557969025C 272384 -c--a-w- C:\WINDOWS\Sysnative\drivers\portcls.sys 2015-01-15 07:24:27 4E829B18D5BAEC29893792A3C671A847 100672 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecdd.sys 2015-01-15 07:24:25 BAFF6122CFC9F95CA175AD8C348179A4 88896 ----a-w- C:\WINDOWS\Sysnative\drivers\partmgr.sys 2015-01-15 07:24:19 41F631007A158FEBB67F0E2AD1601BBA 93696 ----a-w- C:\WINDOWS\Sysnative\drivers\rassstp.sys 2015-01-15 07:24:16 FC0141B4A5AD6D637D883C1A89FC45C5 151040 ----a-w- C:\WINDOWS\Sysnative\drivers\pacer.sys 2015-01-15 07:24:15 F00B189ECA74DDF408AD934ADDC72477 89088 -c--a-w- C:\WINDOWS\Sysnative\drivers\drmk.sys 2015-01-15 07:24:15 D1D82F007A079A4D623DBD1F36EF30A1 102208 ----a-w- C:\WINDOWS\Sysnative\drivers\mountmgr.sys 2015-01-15 07:24:15 008F7CED69FD5B30CBDE1E03C6F36A27 445440 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2015-01-15 07:24:14 A7C31B168F371E8E6796219F23E354DB 61248 ----a-w- C:\WINDOWS\Sysnative\drivers\fsdepends.sys 2015-01-15 07:24:12 A53E798C06D729CCF8459968B4372F6E 89368 ----a-w- C:\WINDOWS\Sysnative\drivers\vmbkmcl.sys 2015-01-15 07:24:09 615DFD97DEA56CE1C3A52185A3038FF8 921920 ----a-w- C:\WINDOWS\Sysnative\drivers\refs.sys 2015-01-15 07:24:04 BC8A79C625568DDB7DCA49D0C2741A64 27456 ----a-w- C:\WINDOWS\Sysnative\drivers\rdpvideominiport.sys 2015-01-15 07:24:04 511AD3FF957A0127E6BD336FF6F89C38 97048 ----a-w- C:\WINDOWS\Sysnative\drivers\vmbus.sys 2015-01-15 07:24:03 EF31713EE4C7CCFE4049F7E7F15645A2 69952 ----a-w- C:\WINDOWS\Sysnative\drivers\vpci.sys 2015-01-15 07:24:03 8B9486B64E5FC17FB9CC04CA10B77A34 49944 ----a-w- C:\WINDOWS\Sysnative\drivers\vmstorfl.sys 2015-01-15 07:24:03 269882812E9A68FFF1AFE1283D428322 126464 ----a-w- C:\WINDOWS\Sysnative\drivers\NdisImPlatform.sys 2015-01-15 07:24:03 10A78656BF6126245631705E45F9B9CF 61208 ----a-w- C:\WINDOWS\Sysnative\drivers\winhv.sys 2015-01-15 07:24:02 6FC047578785B0435F4E2660946D1ADC 74240 ----a-w- C:\WINDOWS\Sysnative\drivers\mpsdrv.sys 2015-01-15 07:24:00 F3C060444777A59FC63D920719E43CCD 115712 ----a-w- C:\WINDOWS\Sysnative\drivers\bridge.sys 2015-01-15 07:24:00 A2468CC3509394A33C4C32F99563D845 54784 ----a-w- C:\WINDOWS\Sysnative\drivers\wpcfltr.sys 2015-01-15 07:24:00 807F8CF3E973305FC435C61CBBEE2A49 189248 -c--a-w- C:\WINDOWS\Sysnative\drivers\UCX01000.SYS 2015-01-15 07:24:00 1A20F03700D2B2ED775E38D751EF2F63 324928 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS 2015-01-15 07:24:00 0E046FF5823B95326D10CF1B4AF23541 39424 ----a-w- C:\WINDOWS\Sysnative\drivers\nsiproxy.sys 2015-01-15 07:23:59 A57A897E3F87B8E9F30A627C42779A76 21824 ----a-w- C:\WINDOWS\Sysnative\drivers\tbs.sys 2015-01-15 07:23:59 5F66B7BB330AA80067FC66149A692620 33600 ----a-w- C:\WINDOWS\Sysnative\drivers\wimmount.sys 2015-01-15 07:23:57 5C8F604F6DC74177CDD8372D7B1ADFF0 212736 -c--a-w- C:\WINDOWS\Sysnative\drivers\usbvideo.sys 2015-01-15 07:23:50 D4DCE03870314D3354F3501F9DDD4123 87040 ----a-w- C:\WINDOWS\Sysnative\drivers\netvsc63.sys 2015-01-15 07:23:50 415DD71628795197F7AFC176CBADC74E 82944 ----a-w- C:\WINDOWS\Sysnative\drivers\appid.sys 2015-01-15 07:23:49 42FF4975D032CAE558AE4BB8448F6E5A 48128 ----a-w- C:\WINDOWS\Sysnative\drivers\netbios.sys 2015-01-15 07:23:47 D7A41959BB3A8510F1BAC36F5CEC1874 144384 ----a-w- C:\WINDOWS\Sysnative\drivers\rmcast.sys 2015-01-15 07:23:47 B337B1F1E82A83E20A1743E008E25C0F 17408 ----a-w- C:\WINDOWS\Sysnative\drivers\rasacd.sys 2015-01-15 07:23:47 9746BA79DE0CA5EB5104406A9ED62D01 11776 ----a-w- C:\WINDOWS\Sysnative\drivers\rootmdm.sys 2015-01-15 07:23:47 8CECC8DA55F3274181FD1EA28AD76664 43008 ----a-w- C:\WINDOWS\Sysnative\drivers\ndiscap.sys 2015-01-15 07:23:47 83868EB2924E6BC21A54337C65D614D1 47104 ----a-w- C:\WINDOWS\Sysnative\drivers\qwavedrv.sys 2015-01-15 07:23:47 67343511D80BF3D6D9EEDB5BA8D0B06B 57856 -c--a-w- C:\WINDOWS\Sysnative\drivers\bthhfenum.sys 2015-01-15 07:23:47 51B3AC0560848CD6D65AC2033E293113 66560 ----a-w- C:\WINDOWS\Sysnative\drivers\mslldp.sys 2015-01-15 07:23:47 3083926D1CC5B56EA0786527B557DD1B 103424 ----a-w- C:\WINDOWS\Sysnative\drivers\Ndu.sys 2015-01-15 07:23:47 20185BEB7512EDE4EFECDFA148AC9F99 29696 -c--a-w- C:\WINDOWS\Sysnative\drivers\TsUsbGD.sys 2015-01-15 07:23:47 13BEA6C882D4D877A5A85CA149C86BC1 40960 ----a-w- C:\WINDOWS\Sysnative\drivers\scfilter.sys 2015-01-15 07:23:47 1104A31260CCF4318C884E0AE6C513BF 53248 -c--a-w- C:\WINDOWS\Sysnative\drivers\bthenum.sys 2015-01-15 07:23:47 08EA90955AED2D959EE67DF6EDF0E2B6 81920 -c--a-w- C:\WINDOWS\Sysnative\drivers\BTHUSB.SYS 2015-01-15 07:23:47 0139248F6B95CF0D837B5B46A2722D40 98304 -c--a-w- C:\WINDOWS\Sysnative\drivers\usbcir.sys 2015-01-15 07:19:56 3C2DF97A21A9BBE6355B0A51F288EFFF 2485056 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2015-01-15 07:19:55 F6ECFD6128A16A4851CFE98D4E01B011 551232 -c--a-w- C:\WINDOWS\Sysnative\drivers\vhdmp.sys 2015-01-15 07:19:55 7EC9376D245D734791AD46738712E7D8 473408 ----a-w- C:\WINDOWS\Sysnative\drivers\netio.sys 2015-01-15 07:19:54 ED54A75050211DC77F9B98C41E026858 86336 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys 2015-01-15 07:19:54 DC64B02CD5E21D16215AC20D393D5CE4 153920 -c--a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys 2015-01-15 07:19:54 DC1D9F692C2AD84C214584C28501C1F7 24576 ----a-w- C:\WINDOWS\Sysnative\drivers\ndistapi.sys 2015-01-15 07:19:54 B41F3E5780D97CFD44A717153AD9CF2C 80896 ----a-w- C:\WINDOWS\Sysnative\drivers\wanarp.sys 2015-01-15 07:19:54 AD7F69237480F6CB6294EFD9EE4CD04C 428864 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS 2015-01-15 07:19:54 8CD840A062F6BDF41DDE3ACB96164B72 32256 -c--a-w- C:\WINDOWS\Sysnative\drivers\kbdhid.sys 2015-01-15 07:19:54 7AA01AB1C110916825E6E1389F1B9AF2 39744 -c--a-w- C:\WINDOWS\Sysnative\drivers\intelpep.sys 2015-01-15 07:19:54 715ABA3DD164D06457A2A3C92F6EA9D5 136512 ----a-w- C:\WINDOWS\Sysnative\drivers\wfplwfs.sys 2015-01-15 07:19:54 5FCBAB60598AE119E02B4C27DE6B99EA 30208 -c--a-w- C:\WINDOWS\Sysnative\drivers\mouhid.sys 2015-01-15 07:19:54 5917AFE4A3F695A54B99C1849C8207FE 59712 -c--a-w- C:\WINDOWS\Sysnative\drivers\kbdclass.sys 2015-01-15 07:19:54 49EE0AE9E5B64FFBBD06D55C4984B598 108544 -c--a-w- C:\WINDOWS\Sysnative\drivers\i8042prt.sys 2015-01-15 07:19:54 3EE5097945A7F680E320953271EB2D4F 96768 ----a-w- C:\WINDOWS\Sysnative\drivers\agilevpn.sys 2015-01-15 07:19:54 389C998C64319CD97625B0550E52ECFA 58176 ----a-w- C:\WINDOWS\Sysnative\drivers\dam.sys 2015-01-15 07:19:54 27FF998504DEF8D29A771FBB41707C5E 238912 -c--a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys 2015-01-15 07:19:54 1BD3022FD6E450B00DE560265638FD2A 112640 ----a-w- C:\WINDOWS\Sysnative\drivers\rasl2tp.sys 2015-01-15 07:19:54 148195AE95D9BC7375A08846439FDAC1 26112 -c--a-w- C:\WINDOWS\Sysnative\drivers\sermouse.sys 2015-01-15 07:19:54 0BBE2FA30BAD58C9ADC01E4F84A3D2A1 72192 ----a-w- C:\WINDOWS\Sysnative\drivers\ndproxy.sys 2015-01-15 07:19:54 08374E4E5B8914DE6067CBA99F61E930 51008 -c--a-w- C:\WINDOWS\Sysnative\drivers\mouclass.sys 2015-01-15 06:45:19 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_LocationProvider_01_11_00.Wdf 2015-01-15 05:06:56 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf 2015-01-14 22:26:39 8DF1254093B5C354CE725EB6B9B0DE19 146752 ----a-w- C:\WINDOWS\Sysnative\drivers\msgpioclx.sys 2015-01-14 22:23:06 65ED7B9CFEA893DF7748D5FF692690DE 38912 ----a-w- C:\WINDOWS\Sysnative\drivers\vwifimp.sys 2015-01-14 22:23:06 35BF5C5F5E3C9902C98978C7640574DA 71680 ----a-w- C:\WINDOWS\Sysnative\drivers\vwififlt.sys 2015-01-14 22:08:35 F7F20DFE87C425221D8FCE77C5ED46AC 79192 ----a-w- C:\WINDOWS\Sysnative\drivers\bdvedisk.sys 2015-01-14 21:09:03 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_avchv_01009.Wdf 2015-01-14 21:08:59 3701D3BF4AC12EAACB1F58847C1D32FC 23568 ----a-w- C:\WINDOWS\Sysnative\drivers\bdelam.sys 2015-01-14 21:08:56 9FDA6E9379C3434625B06B192E37C1B6 82824 ----a-w- C:\WINDOWS\Sysnative\drivers\bdsandbox.sys 2015-01-14 21:08:56 5CE1C5BB9ABAC8871D39E7AEBD127797 98768 ----a-w- C:\WINDOWS\Sysnative\drivers\bdfndisf6.sys 2015-01-14 21:08:54 70CCDD9BCBAA5A918A7D135E28A824E2 1288472 ----a-w- C:\WINDOWS\Sysnative\drivers\avc3.sys 2015-01-14 21:08:54 0956716D5565680DC83992C11BBDB2C2 647752 ----a-w- C:\WINDOWS\Sysnative\drivers\avckf.sys 2015-01-14 19:56:57 DE8D12B4C3F55FA2C5E9774314F6C58A 258368 ----a-w- C:\WINDOWS\Sysnative\drivers\WdFilter.sys 2015-01-14 19:56:57 4AD874CDC812EC156265E451B6B09DAB 114496 ----a-w- C:\WINDOWS\Sysnative\drivers\WdNisDrv.sys 2015-01-14 19:56:57 0359607177E5E9F6041136CC0A5CB0B6 35320 ----a-w- C:\WINDOWS\Sysnative\drivers\WdBoot.sys 2015-01-14 19:47:43 DB32958F0E704EFBF7F15161A569E39F 140800 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxdav.sys 2015-01-14 19:47:21 66732C13628BDB1AB0D6FD46027327C2 148800 -c--a-w- C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS 2015-01-14 19:46:34 F0CB6DB513CAC393D04A0FCE0A59E1BF 75776 ----a-w- C:\WINDOWS\Sysnative\drivers\ahcache.sys 2015-01-14 08:40:24 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf 2015-01-14 08:21:54 D2B8A95B6DEC1625A15B03B5F4D373FC 11776 ----a-w- C:\WINDOWS\Sysnative\drivers\PELVENDR.SYS 2015-01-14 08:21:54 ADC5D126ABAB5AB5B806AE32B12125E7 34816 ----a-w- C:\WINDOWS\Sysnative\drivers\pelusblf.sys 2015-01-14 08:21:54 50AD172D2DDF898FC1705199B60C3264 23040 ----a-w- C:\WINDOWS\Sysnative\drivers\PELMOUSE.SYS 2015-01-14 08:21:53 F82E16FF000D9A514A71AE5A2C19BB86 16384 ----a-w- C:\WINDOWS\Sysnative\drivers\PELBTM.SYS 2015-01-14 08:21:53 D1BF079D549202478E22106C0E3FEE4D 12288 ----a-w- C:\WINDOWS\Sysnative\drivers\pvendrlf.SYS 2015-01-14 08:21:53 BB5E1FC2992772CA90EDDA97B3388B52 34816 ----a-w- C:\WINDOWS\Sysnative\drivers\phidmice.SYS 2015-01-14 08:21:53 589AC4E13A33084FAA4E5E3563B01920 23040 ----a-w- C:\WINDOWS\Sysnative\drivers\pmouself.SYS 2015-01-14 08:21:53 26B7929870C50506D76BC2A7523B3F2F 22528 ----a-w- C:\WINDOWS\Sysnative\drivers\PELMOUBT.SYS 2015-01-14 07:15:24 F5495B38BFB9149925F54F65AB40EFBF 342528 ----a-w- C:\WINDOWS\Sysnative\drivers\IntcDAud.sys 2015-01-14 07:14:31 28B356BAB74470786867BF4DC261E17C 329944 ----a-w- C:\WINDOWS\Sysnative\drivers\RtsUVStor.sys 2015-01-14 07:13:29 772A1DEEDFDBC244183B5C805D1B7D85 62784 ----a-w- C:\WINDOWS\Sysnative\drivers\HECIx64.sys 2015-01-14 07:12:30 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_btmaux_01009.Wdf 2015-01-14 07:06:11 DF65E2FEC65DE961C631F3B933B2B4B1 16344 ----a-w- C:\WINDOWS\Sysnative\drivers\IntelMEFWVer.dll ====== C:\WINDOWS\Tasks ====== 2015-02-02 22:07:41 E1AA8D8AC7AF58B0698FBD9B74A4C88A 1092 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-02 22:07:41 C4F5F911843220B2F71A45E6ED876534 3828 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2015-02-02 22:07:41 B26D29EF28F70E9478FAE16E29E12F76 4064 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2015-02-02 22:07:41 9A10811E797502A61461B8AA2F69BEF5 1088 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-16 17:52:40 B428E086DC809C0DE8CA043FC067F68D 3316 ----a-w- C:\WINDOWS\Sysnative\Tasks\Dolby Selector 2015-01-15 07:49:55 D8910735536095076EA7BB672EC85C09 2640 ----a-w- C:\WINDOWS\Sysnative\Tasks\Health-Check-auto 2015-01-15 07:49:55 279A01A22B8B7E9086E0BC6A496556F6 378 ----a-w- C:\WINDOWS\Tasks\Health-Check-auto.job 2015-01-15 07:49:54 A012BBDA2C3CDFD76988403562B3536A 2944 ----a-w- C:\WINDOWS\Sysnative\Tasks\Health-Check-deep 2015-01-15 07:49:54 54FFE972752F225BF4A5FCCB9DF5DBCB 2936 ----a-w- C:\WINDOWS\Sysnative\Tasks\Health-Check 2015-01-15 07:49:54 2C064CED38ABD5CC458589848A3E5F11 380 ----a-w- C:\WINDOWS\Tasks\Health-Check-deep.job 2015-01-15 07:49:54 290D08CEEA67FF8F507A173CF038F159 372 ----a-w- C:\WINDOWS\Tasks\Health-Check.job 2015-01-15 00:30:18 97F5E4B349A32211F4BC00FC7E00E230 3718 ----a-w- C:\WINDOWS\Sysnative\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2015-01-14 08:09:57 B7F88A5B294E1D2DCA0F7131D9D008C4 3600 ----a-w- C:\WINDOWS\Sysnative\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3218135916-3078716367-3142756994-1001 2015-01-14 08:00:00 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Intel(R) Small Business Advantage 2015-01-14 07:58:14 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\WPD 2015-01-14 07:21:07 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Intel 2015-01-14 07:20:41 03862D76FCA9E0A489F2899C9588FCBA 2890 ----a-w- C:\WINDOWS\Sysnative\Tasks\StartPowerDVDService 2015-01-14 07:18:26 C436D767580128CD106B26A6BC6A58C5 3148 ----a-w- C:\WINDOWS\Sysnative\Tasks\CLMLSvc 2015-01-14 07:16:17 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\TVT 2015-01-14 07:15:40 -------- d-----w- C:\WINDOWS\Sysnative\Tasks\Lenovo 2015-01-14 07:15:11 1942F3726A5D881DD60FCE3BEE97083F 2996 ----a-w- C:\WINDOWS\Sysnative\Tasks\PMTask ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-02-12 13:42:24 -------- d-----w- C:\Program Files\trend micro 2015-01-31 20:38:08 -------- d-----w- C:\Program Files\SoftEther VPN Client 2015-01-19 17:34:09 -------- d-----w- C:\Program Files\Microsoft Silverlight 2015-01-15 05:06:48 -------- d-----w- C:\Program Files\Realtek 2015-01-15 05:05:41 -------- d-----w- C:\Program Files\Intel 2015-01-14 21:05:04 -------- d-----w- C:\Program Files\Bitdefender 2015-01-14 20:43:54 -------- d-----w- C:\Program Files\Common Files\Bitdefender 2015-01-14 19:43:43 -------- d-----w- C:\Program Files\Reference Assemblies 2015-01-14 19:43:43 -------- d-----w- C:\Program Files\MSBuild 2015-01-14 07:21:17 -------- d-----w- C:\Program Files\Common Files\Nitro PDF 2015-01-14 07:14:00 -------- d-----w- C:\Program Files\Intel Corporation 2015-01-14 07:06:51 -------- d-----w- C:\Program Files\Lenovo 2015-01-14 07:05:29 -------- d-----w- C:\Program Files\Common Files\Intel 2015-01-14 07:02:43 -------- d-----w- C:\Program Files\DIFX ======= C:\PROGRA~2 ===== 2015-02-07 11:25:26 -------- d-----w- C:\PROGRA~2\Kodi 2015-02-02 22:17:45 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2015-01-19 17:34:09 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2015-01-16 17:52:39 -------- d-----w- C:\PROGRA~2\Dolby Advanced Audio v2 2015-01-16 14:09:59 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel Corporation 2015-01-15 09:13:51 -------- d-----w- C:\PROGRA~2\Canon 2015-01-15 09:12:07 -------- d-----w- C:\PROGRA~2\ScanSoft 2015-01-15 09:12:07 -------- d-----w- C:\PROGRA~2\COMMON~1\ScanSoft Shared 2015-01-15 09:10:50 -------- d-----w- C:\PROGRA~2\ArcSoft 2015-01-15 09:10:07 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe 2015-01-15 07:49:52 -------- d-----w- C:\PROGRA~2\COMMON~1\Innovative Solutions 2015-01-15 07:49:49 -------- d-----w- C:\PROGRA~2\Innovative Solutions 2015-01-15 07:31:04 -------- d-----w- C:\PROGRA~2\TuneUp Utilities 2011 2015-01-15 06:54:58 -------- d-----w- C:\PROGRA~2\PWGen 2015-01-15 06:49:34 -------- d-----w- C:\PROGRA~2\7-Zip 2015-01-15 05:05:37 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel 2015-01-14 21:54:16 -------- d-----w- C:\PROGRA~2\Google 2015-01-14 19:43:43 -------- d-----w- C:\PROGRA~2\Reference Assemblies 2015-01-14 19:43:43 -------- d-----w- C:\PROGRA~2\MSBuild 2015-01-14 15:11:41 -------- d-----w- C:\PROGRA~2\Cisco 2015-01-14 08:21:41 -------- d-----w- C:\PROGRA~2\COMMON~1\LENOVO 2015-01-14 07:22:43 -------- d-----w- C:\PROGRA~2\SymSilent 2015-01-14 07:21:17 -------- d-----w- C:\PROGRA~2\Nitro PDF 2015-01-14 07:21:17 -------- d-----w- C:\PROGRA~2\COMMON~1\Nitro PDF 2015-01-14 07:19:53 -------- d-----w- C:\PROGRA~2\SugarSync 2015-01-14 07:18:07 -------- d-----w- C:\PROGRA~2\CyberLink 2015-01-14 07:15:36 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe AIR 2015-01-14 07:15:36 -------- d-----w- C:\PROGRA~2\Adobe 2015-01-14 07:14:38 -------- d-----w- C:\PROGRA~2\Lenovo 2015-01-14 07:06:31 -------- d--h--w- C:\PROGRA~2\Temp 2015-01-14 07:06:31 -------- d--h--w- C:\PROGRA~2\InstallShield Installation Information 2015-01-14 07:06:31 -------- d-----w- C:\PROGRA~2\Realtek 2015-01-14 07:06:28 -------- d-----w- C:\PROGRA~2\COMMON~1\InstallShield 2015-01-14 07:05:50 -------- d-----w- C:\PROGRA~2\COMMON~1\postureAgent 2015-01-14 07:05:03 -------- d-----w- C:\PROGRA~2\Intel ======= C: ===== 2015-01-14 07:26:03 10FAC3BA91F86DE0145ACFB52D4C9EE6 14 ----a-w- C:\SYSLEVEL.IBM ====== C:\Users\patri_000\AppData\Roaming ====== 2015-02-07 11:34:19 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Kodi 2015-02-06 17:12:19 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Google 2015-02-02 22:17:53 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Mozilla 2015-02-02 22:17:53 -------- d-----w- C:\Users\patri_000\AppData\Local\Mozilla 2015-02-02 22:13:33 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps 2015-02-02 22:07:29 -------- d-----w- C:\Users\patri_000\AppData\Local\Deployment 2015-02-01 23:06:34 12703915BDC68D497E3C778665AE951F 600 ----a-w- C:\Users\patri_000\AppData\Roaming\PUTTY.RND 2015-02-01 23:05:03 -------- d-----w- C:\Users\patri_000\AppData\Local\Isoplex 2015-02-01 23:04:53 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Isoplex 2015-02-01 23:04:53 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Isoplex 2015-02-01 22:57:47 C2A6AF05369B3E90C3FDA3F1DB9E2835 600 ----a-w- C:\Users\patri_000\AppData\Local\PUTTY.RND 2015-01-31 20:43:50 -------- d-----w- C:\Users\patri_000\AppData\Local\Popcorn-Time 2015-01-31 20:43:42 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time 2015-01-31 20:43:18 -------- d-----w- C:\Users\patri_000\AppData\Local\Popcorn Time 2015-01-31 20:05:33 -------- d-----w- C:\Users\patri_000\AppData\Local\PopcornTimeDesktop 2015-01-16 17:35:56 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Nitro PDF 2015-01-16 14:09:13 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Intel Corporation 2015-01-16 14:06:58 -------- d-----w- C:\Users\patri_000\AppData\Locallow\Intel 2015-01-16 13:59:52 -------- d-----w- C:\Users\patri_000\AppData\Local\Tvsukernel 2015-01-15 09:12:10 -------- d-----w- C:\Users\patri_000\AppData\Roaming\ScanSoft 2015-01-15 09:10:07 -------- d-----w- C:\Users\patri_000\AppData\Roaming\InterTrust 2015-01-15 09:04:28 -------- d-----w- C:\Users\patri_000\AppData\Local\ElevatedDiagnostics 2015-01-15 07:49:53 -------- d-----w- C:\Users\patri_000\AppData\Local\Innovative Solutions 2015-01-15 07:31:08 -------- d-----w- C:\Users\patri_000\AppData\Roaming\TuneUp Software 2015-01-15 06:45:23 -------- d-s---w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Locallow\Microsoft 2015-01-15 06:22:24 -------- d-sh--w- C:\Users\patri_000\AppData\Locallow\EmieUserList 2015-01-15 06:22:24 -------- d-sh--w- C:\Users\patri_000\AppData\Locallow\EmieBrowserModeList 2015-01-15 06:22:19 -------- d-sh--w- C:\Users\patri_000\AppData\Local\EmieUserList 2015-01-15 06:22:19 -------- d-sh--w- C:\Users\patri_000\AppData\Local\EmieSiteList 2015-01-15 06:22:19 -------- d-sh--w- C:\Users\patri_000\AppData\Local\EmieBrowserModeList 2015-01-15 06:21:16 -------- d-sh--w- C:\Users\patri_000\AppData\Locallow\EmieSiteList 2015-01-15 05:48:55 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Identities 2015-01-15 05:24:30 -------- d-s---w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Locallow\Microsoft 2015-01-15 05:24:10 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Adobe 2015-01-15 05:23:26 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft 2015-01-15 05:21:31 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\QuickScan 2015-01-15 05:21:13 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Intel 2015-01-15 05:21:09 -------- d-s---w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Microsoft 2015-01-15 05:16:53 -------- d-----w- C:\Users\Default\AppData\Roaming\Intel 2015-01-15 05:16:53 -------- d-----w- C:\Users\Default User\AppData\Roaming\Intel 2015-01-15 05:13:26 -------- d-s---w- C:\Users\patri_000\AppData\Roaming\Microsoft 2015-01-15 05:13:26 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-01-15 05:13:26 -------- d-----w- C:\Users\patri_000\AppData\Local\Temp 2015-01-15 05:13:26 -------- d-----w- C:\Users\patri_000\AppData\Local\Microsoft 2015-01-15 05:13:26 -------- d-----r- C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-01-15 05:13:26 -------- d-----r- C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-15 05:13:26 -------- d-----r- C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-01-15 01:30:17 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\Bitdefender 2015-01-15 01:12:33 -------- d-----w- C:\Users\patri_000\AppData\Local\Spotify 2015-01-15 01:12:00 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Spotify 2015-01-15 00:29:52 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft 2015-01-15 00:25:22 -------- d-s---w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft 2015-01-15 00:19:59 -------- d-----w- C:\Users\patri_000\AppData\Local\Intel 2015-01-15 00:19:35 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Intel WiDi 2015-01-14 22:55:34 -------- d-----w- C:\Users\patri_000\AppData\Local\Lenovo 2015-01-14 22:01:55 -------- d--h--w- C:\Users\patri_000\AppData\Roaming\.Lenovo 2015-01-14 21:54:15 -------- d-----w- C:\Users\patri_000\AppData\Local\Google 2015-01-14 21:53:50 -------- d-----w- C:\Users\patri_000\AppData\Local\Apps 2015-01-14 21:36:52 7077CE2471E52F6F8804291C70DB2774 1723880 ----a-w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2015-01-14 21:07:30 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Bitdefender 2015-01-14 20:35:29 -------- d-sh--w- C:\Users\patri_000\AppData\Roaming\.# 2015-01-14 08:21:38 -------- d-----w- C:\Users\patri_000\AppData\Local\Programs 2015-01-14 08:16:04 -------- d-----w- C:\Users\patri_000\AppData\Local\Adobe 2015-01-14 08:15:12 -------- d-----w- C:\Users\patri_000\AppData\Local\Diagnostics 2015-01-14 08:12:57 -------- d-----w- C:\Users\patri_000\AppData\Roaming\LSC 2015-01-14 08:04:42 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\PnrpSqm 2015-01-14 08:00:42 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Nitro PDF 2015-01-14 08:00:17 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking 2015-01-14 07:58:32 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Lenovo 2015-01-14 07:58:03 -------- d-----w- C:\Users\patri_000\AppData\Local\Power2Go 2015-01-14 07:57:57 -------- d-----r- C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2015-01-14 07:57:57 -------- d-----r- C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2015-01-14 07:57:55 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Adobe 2015-01-14 07:57:24 -------- d-----w- C:\Users\patri_000\AppData\Local\VirtualStore 2015-01-14 07:57:19 -------- d-s---w- C:\Users\patri_000\AppData\Locallow\Microsoft 2015-01-14 07:57:19 -------- d-----w- C:\Users\patri_000\AppData\Local\Packages 2015-01-14 07:57:14 -------- d-----w- C:\Users\patri_000\AppData\Roaming\Intel ====== C:\Users\patri_000 ====== 2015-02-12 13:41:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\patri_000\Downloads\RSITx64.exe 2015-02-11 09:08:59 8584F3FBB04BD3CF9064E38BBFB76C69 476227 ----a-w- C:\ProgramData\1423645580.bdinstall.bin 2015-02-11 09:07:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015 2015-02-08 17:11:49 B5998562E394D9DB672D012D4E670790 2112512 ----a-w- C:\Users\patri_000\Downloads\adwcleaner_4.110.exe 2015-02-08 12:07:11 F1FD30549D19958FFF6F5D37DF9EC7FF 2417212 ----a-w- C:\Users\patri_000\Downloads\BubbleUPnPServer-installer.exe 2015-02-07 11:23:42 BAD4FF4D81E4865ADDB09F58692308BD 71128407 ----a-w- C:\Users\patri_000\Downloads\kodi-14.1-Helix.exe 2015-02-02 22:32:46 C132AC1946DCDFFD6C62E9D87EEA2659 2725992 ----a-w- C:\Users\patri_000\Desktop\psiphon3.exe 2015-02-02 22:17:46 -------- d-----w- C:\ProgramData\Mozilla 2015-02-02 22:08:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-02-02 19:01:18 5605F1FEB98A4830DCEC4B7B39AEBDC5 2723944 ----a-w- C:\Users\patri_000\Documents\psiphon3.exe 2015-01-31 20:38:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client 2015-01-29 18:00:00 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp 2015-01-19 17:34:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-01-18 11:02:20 -------- d-----w- C:\Users\Public\CyberLink 2015-01-16 17:52:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2015-01-16 14:09:10 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\Intel 2015-01-16 14:09:05 -------- d-----w- C:\Users\patri_000\Intel 2015-01-15 09:12:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 2.0 2015-01-15 09:10:56 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5 2015-01-15 09:09:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon 2015-01-15 07:49:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO 2015-01-15 07:49:53 -------- d-----w- C:\ProgramData\Innovative Solutions 2015-01-15 07:24:22 -------- d-----w- C:\ProgramData\TuneUp Software 2015-01-15 06:54:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PWGen 2015-01-15 06:49:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2015-01-15 05:52:50 -------- d---a-w- C:\Users\patri_000\OneDrive 2015-01-15 05:48:41 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\patri_000\ntuser.ini 2015-01-15 05:16:53 -------- d-----w- C:\Users\Default\Roaming 2015-01-15 05:13:26 -------- d--h--w- C:\Users\patri_000\AppData 2015-01-15 05:13:26 -------- d-----r- C:\Users\patri_000\Favorites 2015-01-15 05:13:26 -------- d-----r- C:\Users\patri_000\Documents 2015-01-15 05:13:26 -------- d-----r- C:\Users\patri_000\Desktop 2015-01-15 00:30:18 -------- d-----w- C:\ProgramData\Intel(R) Update Manager 2015-01-14 21:09:55 F9AB919A23A148A1E290D177C8393616 579520 ----a-w- C:\ProgramData\1421269395.bdinstall.bin 2015-01-14 21:05:05 -------- d-----w- C:\ProgramData\Bitdefender 2015-01-14 18:27:15 -------- d-sh--w- C:\Users\patri_000\IntelGraphicsProfiles 2015-01-14 15:11:58 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless 2015-01-14 08:22:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Mouse Suite 2015-01-14 07:57:57 -------- d-----r- C:\Users\patri_000\Searches 2015-01-14 07:57:57 -------- d-----r- C:\Users\patri_000\Contacts 2015-01-14 07:55:45 -------- d-----w- C:\Users\patri_000\Roaming 2015-01-14 07:55:45 -------- d-----r- C:\Users\patri_000\Videos 2015-01-14 07:55:45 -------- d-----r- C:\Users\patri_000\Saved Games 2015-01-14 07:55:45 -------- d-----r- C:\Users\patri_000\Pictures 2015-01-14 07:55:45 -------- d-----r- C:\Users\patri_000\Music 2015-01-14 07:55:45 -------- d-----r- C:\Users\patri_000\Links 2015-01-14 07:55:45 -------- d-----r- C:\Users\patri_000\Downloads 2015-01-14 07:49:36 -------- d--h--r- C:\Users\Public\AccountPictures 2015-01-14 07:21:39 -------- d-----w- C:\Users\Public\Documents\UserGuides 2015-01-14 07:21:17 -------- d-----w- C:\ProgramData\Nitro PDF 2015-01-14 07:20:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center 2015-01-14 07:19:19 -------- d-----w- C:\ProgramData\install_clap 2015-01-14 07:18:27 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create 2015-01-14 07:17:44 -------- d-----w- C:\ProgramData\CLSK 2015-01-14 07:17:43 -------- d-----w- C:\ProgramData\CyberLink 2015-01-14 07:17:42 -------- d-----w- C:\ProgramData\Temp 2015-01-14 07:15:36 -------- d-----w- C:\ProgramData\Adobe 2015-01-14 07:15:07 -------- d--h--r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools 2015-01-14 07:15:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2015-01-14 07:14:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation 2015-01-14 07:12:58 -------- d---a-w- C:\ProgramData\Lenovo 2015-01-14 07:07:29 -------- d-----w- C:\Users\Public\Roaming 2015-01-14 07:07:29 -------- d-----w- C:\ProgramData\Roaming 2015-01-14 07:07:07 -------- d-----w- C:\ProgramData\Intel.sav 2015-01-14 07:06:48 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\ProgramData\DP45977C.lfl 2015-01-14 07:05:51 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-01-14 07:05:35 -------- d-----w- C:\ProgramData\Intel ====== C: exe-files == 2015-02-12 13:42:29 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\patri_000.exe 2015-02-12 13:41:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\patri_000\Downloads\RSITx64.exe 2015-02-11 11:13:35 83A2377B44FF824A120C54BB78C79E5B 302672 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdreinit.exe 2015-02-11 11:13:31 F94C4F57BA07A700699AACD296BFA86C 765648 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdsubwiz.exe 2015-02-11 11:13:28 1F88B356918B155F76D875B63FF411BF 25632 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdtkexec.exe 2015-02-11 09:07:23 28D92AB4DD2BED263EE61EEA791346C4 3309376 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\support.exe 2015-02-11 09:07:21 AA0DC27AC57F85F6A41B09DF8C08CE4C 213056 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalregui.exe 2015-02-11 09:07:21 7C4E3A67DD06C2D2F056AC417E180C42 77120 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\lspregistration.exe 2015-02-11 09:07:21 273324628C00B068A32ED192B40F6367 117272 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalsystray.exe 2015-02-11 09:07:21 2160CC2226BCA7B77DC8D1D9E9647771 25632 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\mitm_install_tool_pc.exe 2015-02-11 09:07:21 1E20AEB58EB2D2DF3D43E255771079D7 78144 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe 2015-02-11 09:07:20 D4CA12AB615F99BC1A934E4CAA5B05A9 26704 ----a-w- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\snetcfg.exe 2015-02-11 09:07:20 C1C2C9231EBD263DB9C4F34DBB080B32 67320 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe 2015-02-11 09:07:20 94A2A6ADF1A627A07F4572AD0A5C9BAE 305792 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\wscfix.exe 2015-02-11 09:07:20 1DABB1774580AA6EADA9F34D035164BF 1545376 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe 2015-02-11 09:07:19 914C0436D373C4D1CB64B342F7FA0BF4 146864 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\support\tools\sysdump.exe 2015-02-11 09:07:19 6C2ED1CE34DE7C8F54B90F0AE2EFE880 23552 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\st_launcher.exe 2015-02-11 09:07:19 0E000170530E8C85C2C87C7CA208F04C 568912 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\supporttool.exe 2015-02-11 09:07:17 36AFC08FC79337C92B87930BC1EC1F94 52304 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\signcheck.exe 2015-02-11 09:07:16 EFD70EFF466215678ACC6797056AE630 434000 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\downloader.exe 2015-02-11 09:07:16 C9A5E82CED4ED6FCE458617E941163A3 277416 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\savesettings.exe 2015-02-11 09:07:16 C4358CABF54BCB880510B567ED3DFFE5 321176 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\installer\installer.exe 2015-02-11 09:07:16 B2510D367A9FF806DF885C4ED6F4F218 802728 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\odscanui.exe 2015-02-11 09:07:16 A950283B63CBD96BC2071DB3F08C3FC5 1322360 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\seccenter.exe 2015-02-11 09:07:16 9FAC7D0BD4777F377FF689D7CC61CC05 1140056 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\installer\genptch.exe 2015-02-11 09:07:16 3701CA61CD9D49816093DADDEC0D79BC 700728 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\odsw.exe 2015-02-11 09:07:16 29D61BD7F6A7200963AF6740E4785337 540584 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\odslv.exe 2015-02-11 09:07:16 1FAB2BB511C39BE64B4858ED94C1A8B5 168760 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\ejectcdtray.exe 2015-02-11 09:07:16 17AE15CE994F99DD20D3FEF08A58E60E 27680 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\mitm_install_tool.exe 2015-02-11 09:07:16 137DD6C7F49B264EB109DEAFD4DBA401 532368 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\integratedsupport.exe 2015-02-11 09:07:15 EC94A8693976104273CCD040C0727325 35920 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxieimp.exe 2015-02-11 09:07:15 8B9373C58CEC9DBF419006F79138C2B1 394824 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bootlauncher.exe 2015-02-11 09:07:15 47B1ECA46EF5B42181B284374D9F393D 790880 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe 2015-02-11 09:07:15 449191E9995E8E092220C8671553E6AF 132192 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\certutil.exe 2015-02-11 09:07:15 3A10385A85747595E6192C21E2815F30 26656 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\cleanielow.exe 2015-02-11 09:07:15 244A1398222BFC5AB1DF32AC420A8981 885104 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bootoptimizer.exe 2015-02-11 09:07:15 1CA3C56A7BAFD2D074D1B518522F0470 1130792 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxcon.exe 2015-02-11 09:07:15 0E5FF5BAE3123621F5EB2564A5AC0662 351088 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxcr.exe 2015-02-11 09:07:14 F1FD845EF023A7A4FDABBEDCAA038C04 496312 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\obkch.exe 2015-02-11 09:07:14 F062CCF5AD58EBA4763948FF8018109F 207376 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdsurvey.exe 2015-02-11 09:07:14 D40B715A989A9F127C49E233DF5ADBFC 2661336 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\obk.exe 2015-02-11 09:07:14 CAEEC3FBCE5D543631E2FE34F22F2624 288240 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\obkagent.exe 2015-02-11 09:07:14 B1E8C7117A83AB49C029F6F444CE9320 760528 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdsubwiz.exe 2015-02-11 09:07:14 AA4F526090730344C2DA898D794640A5 32312 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdlaunch.exe 2015-02-11 09:07:14 9733DEB7B619D5C56C001F86DC5B3132 371688 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdreinit.exe 2015-02-11 09:07:14 8FBA07BBCB197646ECB5E475C89A89DF 1686480 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe 2015-02-11 09:07:14 7B4CD013068770128B40818E7D10A6B3 83800 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\avchvinst.exe 2015-02-11 09:07:14 3BA050B88E897E701C2DCF00E5E0BB5D 449968 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdwizreg.exe 2015-02-11 09:07:14 3A4D7D545B8F890356AECC31A8677E64 1350176 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdtpwiz.exe 2015-02-11 09:07:14 09F9310C1FAB91B77A0B78921243E23F 968576 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdfvwiz.exe 2015-02-11 09:07:14 08E6840CA0F2F5DDB4C8905F46FC5928 24064 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\avinfo.exe 2015-02-11 09:07:14 030327B2053F0AF024361C2FA3EFC267 71976 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdsandbox_svchost.exe 2015-02-11 09:07:13 B07A88F0C77CD5D59AFD99983ED18FC0 568912 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxffimp.exe 2015-02-11 09:07:13 8C837B958EE9B85BB2566ABD416F36E3 281048 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe 2015-02-11 09:07:12 4E7B304B008D75B380C151A110226EA4 469008 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\about.exe 2015-02-11 09:07:11 B8AF9F0424F32BF856547FE1432E2C56 71248 ----a-w- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\setloadorder.exe 2015-02-11 09:07:11 564DA2CE0C93D2E65DA0981B48D7FD24 74000 ----a-w- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\driverctrl.exe 2015-02-11 09:07:11 40AE67FF0E16D4AF1E58449938131F2B 50768 ----a-w- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\deloeminfs.exe 2015-02-11 09:07:05 F9DFE4A6BE9E2D1290C339DD1A9CB24F 88968 ----a-w- C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\bdrescue\bdrinstall.exe 2015-02-11 09:07:05 5F7856850140293766FC53A15246B9AD 50328 ----a-w- C:\Program Files\Common Files\Bitdefender\Bitdefender Threat Scanner\gc.exe 2015-02-11 07:26:09 8076BB31004C1D763D5D4AEF9F0BDD4B 718848 ----a-w- C:\Windows\System32\ie4uinit.exe 2015-02-11 07:26:06 3A620A263DA883515786E68BE3CE23AA 7472960 ----a-w- C:\Windows\System32\ntoskrnl.exe 2015-02-11 07:26:02 B62B7F2ACDEDF61F4DAA1FF2A6BB247A 67240 ----a-w- C:\Windows\System32\CompatTel\diagtrackrunner.exe 2015-02-09 07:50:09 B6BA84F908867EC75F99104C1D1F285A 41968 ----a-w- C:\Program Files (x86)\Lenovo\System Update\ConfigService.exe 2015-02-09 07:50:09 1DF68711507D486946FCB58BDE5FE2FF 49648 ----a-w- C:\Program Files (x86)\Lenovo\System Update\SUService.exe 2015-02-08 17:11:49 B5998562E394D9DB672D012D4E670790 2112512 ----a-w- C:\Users\patri_000\Downloads\adwcleaner_4.110.exe 2015-02-08 12:07:11 F1FD30549D19958FFF6F5D37DF9EC7FF 2417212 ----a-w- C:\Users\patri_000\Downloads\BubbleUPnPServer-installer.exe 2015-02-07 11:25:40 ACCEB60D9DF5CA8876477D1E76F410B3 444603 ----a-w- C:\Program Files (x86)\Kodi\Uninstall.exe 2015-02-07 11:23:42 BAD4FF4D81E4865ADDB09F58692308BD 71128407 ----a-w- C:\Users\patri_000\Downloads\kodi-14.1-Helix.exe 2015-02-06 17:12:19 FD98434B6A06FE31A35E4BFBC827B290 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe 2015-02-06 17:12:19 F3B6470DA7CE34E559D3BA7365CC909C 115528 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateComRegisterShell64.exe 2015-02-06 17:12:19 E1B44A75947137F4143308D566889837 107848 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdate.exe 2015-02-06 17:12:19 83BB030C71C9727DCFB2737005772C4E 232264 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe 2015-02-06 17:12:19 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateSetup.exe 2015-02-06 17:12:19 5F0A3AA68785C49454F56C9F2DDA0237 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateWebPlugin.exe 2015-02-06 17:12:19 4C02536F4CA35911FB3EA5715F300C57 52040 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateBroker.exe 2015-02-06 17:12:19 323CFFFDAF253AC65CD194A101BE6231 287048 ----atw- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe 2015-02-06 17:12:18 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\Install\{ACA4A538-A5E3-41D0-B611-282EF263E7E7}\GoogleUpdateSetup.exe 2015-02-06 17:12:18 7CA00A58AA808F4B9844C91845910377 880208 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.26.9\GoogleUpdateSetup.exe 2015-02-05 23:12:43 1F9A2717F6C6D3440B1F4A59FF96C708 1043024 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.111\40.0.2214.111_40.0.2214.94_chrome_updater.exe === C: other files == 2015-02-11 11:13:36 D0B093DDF5FD05E4D0109159E9153A52 263032 ----a-w- C:\Windows\System32\drivers\avchv.sys 2015-02-11 11:13:36 C8B54E81501386A91B0E0BD596965C9B 155912 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\gzflt.sys 2015-02-11 09:07:23 F7F20DFE87C425221D8FCE77C5ED46AC 79192 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdvedisk.sys 2015-02-11 09:07:23 3701D3BF4AC12EAACB1F58847C1D32FC 23568 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdelam.sys 2015-02-11 09:07:20 C0247341C1BCD7FF2742821D0AD7AFBC 121928 ----a-w- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys 2015-02-11 09:07:20 5CE1C5BB9ABAC8871D39E7AEBD127797 98768 ----a-w- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys 2015-02-11 09:07:14 EE2A4C551270A5608A2F230C81306DF5 31870 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtecr.crx 2015-02-11 09:07:14 D0B093DDF5FD05E4D0109159E9153A52 263032 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\avchv.sys 2015-02-11 09:07:14 8E36BAD24C8961A8895C2B5F6C6BCC3E 1260120 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\avc3.sys 2015-02-11 09:07:14 0956716D5565680DC83992C11BBDB2C2 647752 ----a-w- C:\Program Files\Bitdefender\Bitdefender 2015\avckf.sys 2015-02-11 09:07:11 923E8216382E2F64EC8AADBA3C2CFFEE 107008 ----a-w- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys 2015-02-11 09:06:53 C8B54E81501386A91B0E0BD596965C9B 155912 ----a-w- C:\Windows\System32\drivers\gzflt.sys 2015-02-11 09:06:53 3E75A47D2DEFD2683DCA409572FBE8B2 452040 ----a-w- C:\Windows\System32\drivers\trufos.sys 2015-02-11 07:26:04 3930E508DDA46C1FF68FD963F350AA0A 563504 ----a-w- C:\Windows\System32\drivers\cng.sys 2015-02-11 07:26:04 15C8C65CEA018C02EA0F648448C491C5 177984 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2015-02-11 07:25:28 E6905909E7334990033CFDAF56920004 4175872 ----a-w- C:\Windows\System32\win32k.sys 2015-02-10 21:26:09 1BD085A0F3CDBD74D6C27A5927CCDE77 30524 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\script.module.beautifulsoup-3.2.1.zip 2015-02-10 21:26:07 900F0B1893249D71FCEA78885270F62C 58109 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\service.subtitles.nlondertitels-1.0.1.zip 2015-02-10 21:25:59 99FCD401225EDD3DEB6A0E8E7649F0DD 25323 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\service.subtitles.opensubtitles-5.0.11.zip 2015-02-10 21:20:16 AAE5F9F13F0837D1C3A82FD6D7ACA2EF 197691 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\weather.yahoo-3.0.5.zip 2015-02-10 20:36:06 25C0C2AD3C32781E21C8F6131076EFB6 86701 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\script.module.beautifulsoup4-4.3.2.zip 2015-02-10 20:36:05 1A95AA6D60A4D7FBF69115C63626468B 886555 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\script.tvtunes-4.6.6.zip 2015-02-10 20:36:03 CB9488541061051262E8A136F5FE3788 1041441 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\script.tv.show.next.aired-6.0.13.zip 2015-02-10 20:36:03 5EC8957C1BA7C1C927026AA1A2C14761 17901 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\script.randomandlastitems-2.2.2.zip 2015-02-10 20:36:01 7E878AC89C15877C5A23B07AA9C88F9F 94475 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\script.favourites-6.0.1.zip 2015-02-10 20:36:00 BD6E07A3DFA0A44A690210CB2ECBA4B5 58019 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\script.common.plugin.cache-2.5.5.zip 2015-02-10 20:35:59 29FAD224E58442D28BAC1776772942E8 573297 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\script.artwork.downloader-12.0.29.zip 2015-02-10 20:35:58 3D1DA8010955BA2D67CBE6D9D666EFD7 54978 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\script.module.simplejson-3.3.0.zip 2015-02-10 20:35:57 1B0BA47D32AFC555AE9E0AE1B845B2FC 463886 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\script.module.requests-2.4.3.zip 2015-02-10 20:35:56 9198FFE4D9CC49248F5345628FCDC9BE 248799 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\script.artistslideshow-1.8.2.zip 2015-02-10 20:35:01 8BDDC9FCE83180DEC3A796E4E5993312 87794758 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\skin.back-row-6.0.5.zip 2015-02-07 11:34:33 B34F2E8E4AC99BBF27F4A48E588AE778 80219 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\metadata.album.universal-2.3.1.zip 2015-02-07 11:34:33 A9570F356690C1C85A6205E2ACC43862 62721 ----a-w- C:\Users\patri_000\AppData\Roaming\Kodi\addons\packages\metadata.musicvideos.theaudiodb.com-1.2.7.zip ======== System Restore Points ======== RP7: 31/01/2015 20:09:16 - After installing Advanced Uninstaller PRO RP8: 2/02/2015 0:04:35 - Installed Isoplex RP9: 5/02/2015 22:35:34 - Windows Update RP10: 7/02/2015 12:25:57 - Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 RP11: 7/02/2015 12:26:17 - DirectX is geďnstalleerd. RP12: 11/02/2015 8:26:18 - Windows Update RP13: 12/02/2015 18:08:22 - zoek.exe restore point ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-3218135916-3078716367-3142756994-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe" "Spotify Web Helper"="C:\Users\patri_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\patri_000\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "Power Manager Startup Utility"="C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe" "OpwareSE2"="C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" "OPSE reminder"="C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe -r C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\EregEng\ereg.ini" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe" "Spotify Web Helper"="C:\Users\patri_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\patri_000\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 " "Skd8821"="C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe" "ALCKRESI.EXE"="C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE" "LENOVO.TPKNRRES"="C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe" "Daemon for Mouse Suite"="C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE 30" "PasswordManager"="C:\Program Files\Lenovo\Password Manager\password_manager.exe" "BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp" "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60" "SoftEther VPN Client UI Helper"="C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe /uihelp" "Bdagent"="C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe" ==== Startup Folders ====================== 2015-01-31 20:38:19 2022 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/02/2015 23:07] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/02/2015 23:07] C:\WINDOWS\tasks\Health-Check-auto.job --a-------- C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [] C:\WINDOWS\tasks\Health-Check-deep.job --a-------- C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [] C:\WINDOWS\tasks\Health-Check.job --a-------- C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CLMLSvc" [C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe] "C:\WINDOWS\SysNative\tasks\Dolby Selector" [C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Health-Check" [C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe] "C:\WINDOWS\SysNative\tasks\Health-Check-auto" [C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe] "C:\WINDOWS\SysNative\tasks\Health-Check-deep" [C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" [C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe] "C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"] "C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\WSCStub.exe"] "C:\WINDOWS\SysNative\tasks\PMTask" [C:\Program Files (x86)\Lenovo\PowerMgr\PwmIdTsv.exe] "C:\WINDOWS\SysNative\tasks\StartPowerDVDService" ["C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"] "C:\WINDOWS\SysNative\tasks\Intel\Intel Service Manager" ["C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program" ["%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Customer Feedback Program 64 35" ["%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe"] "C:\WINDOWS\SysNative\tasks\Lenovo\Lenovo Solution Center Launcher" [%programfiles%\lenovo\lenovo solution center\App\LSCService.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\LSC\Lenovo Solution Center Notifications" [%programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe] "C:\WINDOWS\SysNative\tasks\Lenovo\LSC\LSCHardwareScan" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan] "C:\WINDOWS\SysNative\tasks\Lenovo\LSC\RebootCountTask" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount] "C:\WINDOWS\SysNative\tasks\Lenovo\LSC\Time72Task" ["C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate] "C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\SymErr.exe] "C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\SymErr.exe] "C:\WINDOWS\SysNative\tasks\TVT\TVSUUpdateTask" ["C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "bdwteff@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff" [31/10/2014 07:47] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{F74D5734-46F5-4B16-96F0-1E7FBF41B750}"="C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12" [14/01/2015 09:31] ==== Firefox Extensions ====================== ProfilePath: C:\Users\PATRI_~1\AppData\Roaming\Mozilla\Firefox\Profiles\qwm14hp7.default - Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff - Undetermined - client@anonymox.net - Undetermined - bdwteff@bitdefender.com - anonymoX - %ProfilePath%\extensions\client@anonymox.net.xpi - Dark YouTube Theme - %ProfilePath%\extensions\jid1-hDf2iQXGiUjzGQ@jetpack.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 40.0.2214.111 (Up to date, latest Stable version: 40.0.2214.111) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fabcmochhfpldjekobfaaggijgohadih - No path found[] lpdfbkehegfmedglgemnhbnpmfmioggj - No path found[] Google Slides - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Drive - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Cast - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd Translator - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceppdlokdegnikoobnnemniielappbmc selector is not a valid CSS selector - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Videostream for Google Chromecast™ - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl Google Search - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Christmas Lights Theme - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dojhihmbofgblnnjkgilnggdbkabdpbf Gmail Offline - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk Bitdefender Wallet - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih Google Sheets - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap HTTPS Everywhere - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp Full Movies - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcnklkphpkeohjnlnmcpnbeboidifemk Flash Player - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdpbajmogfhlafbipjjklkdhloplicgc ThinkVantage Password Manager - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj Google Wallet - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://msn.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://msn.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {F560F1DC-0E47-4B71-A3E2-7194B1B63131} Unknown Url="Not_Found" ==== Reset Google Chrome ====================== C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3218135916-3078716367-3142756994-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F560F1DC-0E47-4B71-A3E2-7194B1B63131} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\patri_000\Desktop\Advanced Uninstaller PRO 11.lnk - C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe C:\Users\patri_000\Desktop\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\patri_000\Desktop\Kodi.lnk - C:\Program Files (x86)\Kodi\Kodi.exe C:\Users\patri_000\Desktop\Media Servers\Isoplex.lnk - C:\Users\patri_000\AppData\Roaming\Isoplex\Isoplex\Isoplex.exe C:\Users\patri_000\Desktop\Media Servers\Popcorn Time.lnk - C:\Users\patri_000\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe . C:\Users\patri_000\Desktop\Media Servers\Spotify.lnk - C:\Users\patri_000\AppData\Roaming\Spotify\spotify.exe C:\Users\patri_000\Desktop\Technische software\Acrobat Reader 5.0.lnk - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\AcroRd32.exe C:\Users\patri_000\Desktop\Technische software\Advanced Uninstaller PRO 11.lnk - C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe C:\Users\patri_000\Desktop\Technische software\Bitdefender Internet Security 2015.lnk - C:\Program Files (x86)\Bitdefender\Bitdefender 2015\bdagent.exe /seccenter C:\Users\patri_000\Desktop\Technische software\CanoScan Toolbox 4.9.lnk - C:\Program Files (x86)\Canon\CanoScan Toolbox Ver4.9\CSTBox.exe C:\Users\patri_000\Desktop\Technische software\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\patri_000\Desktop\Technische software\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\patri_000\Desktop\Technische software\Manual CanoScan LiDE 60.lnk - C:\Program Files (x86)\Canon\CanoScan LiDE 60\CanoScan.htm C:\Users\patri_000\Desktop\Technische software\PWGen.lnk - C:\Program Files (x86)\PWGen\PWGen.exe C:\Users\patri_000\Desktop\Technische software\SHAREit.lnk - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.exe C:\Users\patri_000\Desktop\Technische software\Start Emsisoft Emergency Kit.lnk - C:\EEK\bin\a2emergencykit.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Bitdefender Internet Security 2015.lnk - C:\Program Files (x86)\Bitdefender\Bitdefender 2015\bdagent.exe /seccenter C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Lenovo Solution Center.lnk - C:\Program Files (x86)\Lenovo\Lenovo Solution Center\LSC.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk - C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe ==== shortcuts in Users Start Menu ====================== C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk - C:\Users\patri_000\AppData\Roaming\Spotify\spotify.exe C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Videostream for Google Chromecast™.lnk - C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Isoplex\Isoplex.lnk - C:\Users\patri_000\AppData\Roaming\Isoplex\Isoplex\Isoplex.exe C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Isoplex\Uninstall.lnk - C:\Windows\SysWOW64\msiexec.exe /x {23487FCF-0122-435B-8182-620552C22981} C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Popcorn Time.lnk - C:\Users\patri_000\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe . C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Uninstall Popcorn Time.lnk - C:\Users\patri_000\AppData\Local\Popcorn Time\Uninstall.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk - C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 5.0.lnk - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\AcroRd32.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO 11.lnk - C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk - C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Cloud Storage by SugarSync.lnk - C:\Program Files (x86)\SugarSync\SugarSyncManager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Slim USB Keyboard.lnk - C:\Program Files (x86)\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe -show C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 7.lnk - C:\windows\Installer\{31553BDE-BCDF-487A-8EFE-A911DA3D13DB}\Professional.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk - C:\Program Files (x86)\7-Zip\7zFM.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk - C:\Program Files (x86)\7-Zip\7-zip.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO\Advanced Uninstaller PRO 11.lnk - C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO\Uninstall.lnk - C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5\PhotoStudio 5.5.lnk - C:\Program Files (x86)\ArcSoft\PhotoStudio 5.5\PhotoStudio.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5\ReadMe.lnk - C:\Program Files (x86)\ArcSoft\PhotoStudio 5.5\readme.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5\Registratie.lnk - C:\Program Files (x86)\ArcSoft\PhotoStudio 5.5\SUPPORT\Registration\registration.html C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015\Bitdefender Internet Security 2015.lnk - C:\Program Files (x86)\Bitdefender\Bitdefender 2015\bdagent.exe /seccenter C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015\Bitdefender Safepay.lnk - C:\Program Files (x86)\Bitdefender\Bitdefender 2015\antispam32\obk.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015\Help.lnk - C:\Program Files (x86)\Bitdefender\Bitdefender 2015\support\offlinemanual\html\index.html C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015\Herstellen of de-installeren.lnk - C:\Program Files (x86)\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\installer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015\Leesmij.lnk - C:\Program Files (x86)\Bitdefender\Bitdefender 2015\_enHTML\readme.html C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon\CanoScan LiDE 60\Manual CanoScan LiDE 60 Uninstall.lnk - C:\Program Files (x86)\InstallShield Installation Information\{23B72D50-1C7E-491C-8086-9E060051D316}\Setup.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon\CanoScan LiDE 60\Manual CanoScan LiDE 60.lnk - C:\Program Files (x86)\Canon\CanoScan LiDE 60\CanoScan.htm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon\CanoScan Toolbox 4.9\CanoScan Toolbox 4.9 verwijderen.lnk - C:\Program Files (x86)\InstallShield Installation Information\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}\Setup.exe anything C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon\CanoScan Toolbox 4.9\CanoScan Toolbox 4.9.lnk - C:\Program Files (x86)\Canon\CanoScan Toolbox Ver4.9\CSTBox.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon\CanoScan Toolbox 4.9\Leesmij.lnk - C:\WINDOWS\system32\NOTEPAD.EXE "C:\Program Files (x86)\Canon\CanoScan Toolbox Ver4.9\README.TXT" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon\ScanGear Starter\Installatie van ScanGear Starter ongedaan maken.lnk - C:\Program Files (x86)\InstallShield Installation Information\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}\Setup.exe anything C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon\ScanGear Starter\ScanGear Starter.lnk - C:\WINDOWS\twain_32\CNQSG\SGST.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Demo.lnk - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4d.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Profile.lnk - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4e.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel Control Center.lnk - C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Management Engine Components\Intel(R) Management and Security Status.lnk - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Update Manager\Intel(R) Update Manager.lnk - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --showui C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center\Intel AppUp(SM) center.lnk - C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe --domain F0399437-FD0C-4A48-B101-F0314A6172E4 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation\Intel(R) WiDi\Intel(R) WiDi.lnk - C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Advanced Statistics.lnk - C:\Program Files (x86)\Common Files\Intel\WirelessCommon\imFrmwrk.exe /sf Advanced Statistics C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Event Viewer.lnk - C:\Program Files (x86)\Common Files\Intel\WirelessCommon\imFrmwrk.exe /sf Wireless Event Viewer C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Manual Diagnostics.lnk - C:\Program Files (x86)\Common Files\Intel\WirelessCommon\imFrmwrk.exe /sf Wireless Diagnostics C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Auto Lock.lnk - C:\Program Files\Lenovo\AutoLock\AutoLock.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Power Manager.lnk - C:\Program Files (x86)\Lenovo\PowerMgr\PWMUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\SHAREit.lnk - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\System Update.lnk - C:\Program Files (x86)\Lenovo\System Update\tvsu.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\View Management Utility.lnk - C:\Program Files\Lenovo\View Management Utility\ViewManagement.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Mouse Suite\Mouse Suite.lnk - C:\Program Files (x86)\Lenovo\Lenovo Mouse Suite\PELMICED.EXE LaunchUI C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Lenovo QuickLaunch.lnk - C:\Program Files (x86)\Lenovo\LenovoQuickLaunch\LenovoQuickLaunch.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Lenovo Solution Center.lnk - C:\Program Files (x86)\Lenovo\Lenovo Solution Center\LSC.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Lenovo User Guide.lnk - C:\ProgramData\Lenovo\userguides\viewer\LenovoUserGuide.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Power Manager.lnk - C:\Program Files (x86)\Lenovo\PowerMgr\PWMUI.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\System Update.lnk - C:\Program Files (x86)\Lenovo\System Update\tvsu.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\View Management Utility.lnk - C:\Program Files\Lenovo\View Management Utility\ViewManagement.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools\Warranty Information.lnk - C:\Program Files (x86)\Lenovo\Warranty Viewer\WarrantyViewer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create\PowerDVD Create.lnk - C:\Program Files (x86)\CyberLink\PowerDVD Create\PDVDCreate.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create\PowerDVD.lnk - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create\CyberLink PowerProducer 5.5\CyberLink PowerProducer 5.5.lnk - C:\Program Files (x86)\CyberLink\PowerProducer\Producer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create\Power2Go\ISO Viewer.lnk - C:\Program Files (x86)\CyberLink\Power2Go\IsoViewer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerDVD Create\Power2Go\Power2Go.lnk - C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PWGen\PWGen.lnk - C:\Program Files (x86)\PWGen\PWGen.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PWGen\Uninstall PWGen.lnk - C:\Program Files (x86)\PWGen\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PWGen\User Manual.lnk - C:\Program Files (x86)\PWGen\manual.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 2.0\OmniPage SE.lnk - C:\WINDOWS\Installer\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}\_EFD9081D7444_4E05_8D70_F72696432A51.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 2.0\Scanner Wizard.lnk - C:\WINDOWS\Installer\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}\_EFD9081D7444_4E05_8D70_F72696432A51.exe /w /a [OmniPage SE 2.0] /l [eng] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 2.0\Manual\Benutzerhandbuch.lnk - C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\Guide GER.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 2.0\Manual\Manuale d’uso.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 2.0\Manual\User’s Guide.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client\Manage Remote Computer's SoftEther VPN Client.lnk - C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe /remote C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client\SoftEther VPN Client Manager.lnk - C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client\SoftEther VPN Command Line Utility (vpncmd).lnk - C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client\Administrative Tools\Debugging Information Collecting Tool.lnk - C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe /debug C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client\Administrative Tools\Easy Installer Creator.lnk - C:\Program Files\SoftEther VPN Client\vpnsetup.exe /easy:true C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client\Administrative Tools\Network Traffic Speed Test Tool.lnk - C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe /traffic C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client\Administrative Tools\Web Installer Creator.lnk - C:\Program Files\SoftEther VPN Client\vpnsetup.exe /web:true C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client\Configuration Tools\Services Running on this Computer.lnk - C:\Windows\System32\services.msc C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client\Configuration Tools\TCP Optimization Utility.lnk - C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe /tcp C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client\Configuration Tools\Uninstall SoftEther VPN Client.lnk - C:\Program Files (x86)\SoftEther VPN Client\vpnsetup.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client\Language Settings\Configure Display Language.lnk - C:\Program Files\SoftEther VPN Client\vpnsetup.exe /language:yes C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\SoftEther VPN Client Manager Startup.lnk - C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe /startup ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\patri_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\patri_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\patri_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\patri_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\patri_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\patri_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\patri_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Lenovo QuickLaunch.lnk - C:\Program Files (x86)\Lenovo\LenovoQuickLaunch\LenovoQuickLaunch.exe C:\Users\patri_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\patri_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 ==== Uninstall List x64 ====================== 7-Zip 9.38 beta [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip] Adobe Acrobat 5.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Acrobat 5.0] Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7B77622E-DE90-48EA-B2C7-227B1DE58A01}] Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR] Advanced Uninstaller PRO - Version 11 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AU11_is1] ArcSoft PhotoStudio 5.5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{85309D89-7BE9-4094-BB17-24999C6118FC}] Bitdefender Internet Security 2015 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Bitdefender] Canon ScanGear Starter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}] CanoScan Toolbox Ver4.9 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] CyberLink Power2Go 7 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}] CyberLink PowerDVD 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}] CyberLink PowerDVD 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}] CyberLink PowerProducer 5.5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B7A0CE06-068E-11D6-97FD-0050BACBF861}] Dolby Advanced Audio v2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}] Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] Intel AppUp(SM) center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Intel AppUp(SM) center 33057] Intel(R) Control Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}] Intel(R) Management Engine Components [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] Intel(R) Network Connections 18.5.54.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B5B6BB3-DA04-4B56-AE17-DDBF3F446888}] Intel(R) Network Connections 18.5.54.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PROSetDX] Intel(R) PRO/Wireless Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1334eac7-d6ef-4177-8780-05c963853cd3}] Intel(R) Processor Graphics [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89478C31-5CE8-461A-9084-9A0AF059F84F}] Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{302600C1-6BDF-4FD1-1309-148929CC1385}] Intel(R) Rapid Storage Technology [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}] Intel(R) Rapid Storage Technology [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}] Intel(R) SDK for OpenCL - CPU Only Runtime Package [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}] Intel(R) Update Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}] Intel(R) WiDi [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B0664A11-EF49-45BF-B805-66FC7E1E7B5D}] Intel© PROSet/Wireless Software [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}] Intel© PROSet/Wireless WiFi Software [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D61F48DA-627B-404E-9315-32A651B18B64}] Intel© Trusted Connect Service Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89AFB053-A343-46EF-97E4-D593AD7184E6}] Isoplex [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Isoplex 2.0.0] Isoplex [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{23487FCF-0122-435B-8182-620552C22981}] Kodi [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Kodi] Lenovo AutoLock [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1] Lenovo Dependency Package [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1] Lenovo Patch Utility 64 bit [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ABE4638D-D208-4061-9F26-E3E11E3A1E0C}] Lenovo QuickLaunch [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}] Lenovo Settings - Camera Audio [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1] Lenovo Settings Dependency Package 1.0.1.5 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1] Lenovo Slim USB Keyboard [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{494D80C4-3557-4D73-A153-65FE4B3ECDC3}] Lenovo Solution Center [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4C2B6F96-3AED-4E3F-8DCE-917863D1E6B1}] Lenovo System Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{25C64847-B900-48AD-A164-1B4F9B774650}] Lenovo User Guide [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13F59938-C595-479C-B479-F171AB9AF64F}] Lenovo Warranty Information [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}] Malwarebytes Anti-Malware versie 2.0.4.1028 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] Manual CanoScan LiDE 60 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{23B72D50-1C7E-491C-8086-9E060051D316}] Metric Collection SDK [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}] Metric Collection SDK 35 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}] Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}] Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ce085a78-074e-4823-8dc1-8a721b94b76d}] Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}] Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}] Mozilla Firefox 35.0.1 (x86 nl) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 35.0.1 (x86 nl)] Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService] Nitro Pro 7 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{31553BDE-BCDF-487A-8EFE-A911DA3D13DB}] Power Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}_is1] PowerDVD Create [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DE485075-8CD3-4A1E-9ABC-6412EBA44872}] PowerDVD Create 10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6E853EC-8960-4D44-AF03-7361BB93227C}] PWGen 2.5.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8A5E6B59-2804-4677-8A5F-DEBC218CE4E0}_is1] Realtek Card Reader [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] SHAREit [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SHAREit_is1] SoftEther VPN Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\softether_sevpnclient] Spotify [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Spotify] SugarSync Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SugarSync] ThinkVantage Password Manager [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}] TuneUp Utilities 2011 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}] TuneUp Utilities Language Pack (nl-NL) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7DFC1BD7-9AA1-4191-8C7B-ACD95B127BC5}] View Management Utility [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\View Management Utility_is1] WaveEditor [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}] Windows Driver Package - Intel (e1cexpress) Net (07/12/2012 12.1.77.0) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\6ECB8A9FA8616AD74FDFA12A3BE0F7EA5A7C2F96] ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O3 - Toolbar: Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" O4 - HKLM\..\Run: [Power Manager Startup Utility] C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [OPSE reminder] "C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" -r "C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\EregEng\ereg.ini" O4 - HKCU\..\Run: [Bitdefender Wallet Agent] "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe" O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\patri_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Spotify] "C:\Users\patri_000\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - Global Startup: SoftEther VPN Client Manager Startup.lnk = C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe O23 - Service: Bitdefender Desktop Parental Control (BdDesktopParental) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe O23 - Service: ThinkVantage Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Corporation - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: NitroPDFDriverCreatorReadSpool2 (NitroDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\windows\SysWOW64\NLSSRV32.EXE O23 - Service: Session Launcher Service (PelService) - Unknown owner - C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE O23 - Service: Cisco EnergyWise Enabler (PwmEWSvc) - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\PowerMgr\PWMEWSVC.EXE O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: SoftEther VPN Client (SEVPNCLIENT) - SoftEther VPN Project at University of Tsukuba, Japan. - C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe O23 - Service: Skdaemon Service (Sks8821) - Unknown owner - C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: System Update (SUService) - Unknown owner - C:\Program Files (x86)\Lenovo\System Update\SUService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ==== Silent Runners ====================== "Silent Runners.vbs", revision 69.2, http://www.silentrunners.org/ Output limited to non-default values, except where indicated by "{++}" Startup items buried in registry: --------------------------------- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++} Bitdefender Wallet Agent = "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe" [Bitdefender] Spotify Web Helper = "C:\Users\patri_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [Spotify Ltd] Spotify = "C:\Users\patri_000\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart [Spotify Ltd] CCleaner Monitoring = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [Piriform Ltd] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} RtHDVBg_Dolby = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 [Realtek Semiconductor] Skd8821 = C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Skd8821.exe [LITE-ON TECHNOLOGY CORP.] ALCKRESI.EXE = C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [Lenovo Group Limited] LENOVO.TPKNRRES = C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [Lenovo Corporation] Daemon for Mouse Suite = C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE 30 [Primax Electronics Ltd.] PasswordManager = "C:\Program Files\Lenovo\Password Manager\password_manager.exe" [Lenovo Group Limited] BTMTrayAgent = rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp [MS] IAStorIcon = "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [Intel Corporation] SoftEther VPN Client UI Helper = "C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /uihelp [SoftEther VPN Project at University of Tsukuba, Japan.] Bdagent = "C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe" [Bitdefender] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++} IMSS = "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [Intel Corporation] Power Manager Startup Utility = C:\Program Files (x86)\Lenovo\PowerMgr\DPMHost.exe [null data] OpwareSE2 = "C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [ScanSoft, Inc.] OPSE reminder = "C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe" -r "C:\Program Files (x86)\ScanSoft\OmniPageSE2.0\EregEng\ereg.ini" [ScanSoft, Inc.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided) -> {HKLM...Wow...CLSID} = AcroIEHlprObj Class \InProcServer32\(Default) = C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [empty string] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SugarSyncBackedUp\(Default) = {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} -> {HKLM...CLSID} = BackedUpOverlay Class \InProcServer32\(Default) = C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [SugarSync, Inc.] SugarSyncPending\(Default) = {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} -> {HKLM...CLSID} = PendingOverlay Class \InProcServer32\(Default) = C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [SugarSync, Inc.] SugarSyncRoot\(Default) = {A759AFF6-5851-457D-A540-F4ECED148351} -> {HKLM...CLSID} = RootFolderOverlay Class \InProcServer32\(Default) = C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [SugarSync, Inc.] SugarSyncShared\(Default) = {1574C9EF-7D58-488F-B358-8B78C1538F51} -> {HKLM...CLSID} = SharedOverlay Class \InProcServer32\(Default) = C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [SugarSync, Inc.] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {AE20061D-C1E1-4292-972E-16B91D9BD401} = CPL Mouse Manager Extension -> {HKLM...CLSID} = CPL Mouse Manager \InProcServer32\(Default) = C:\Program Files\Lenovo\Lenovo Mouse Suite\xManager.DLL [null data] {9D843851-50AA-46EE-829A-784DEBA4716C} = Bluetooth Property Page Extension -> {HKLM...CLSID} = CPropertySheetExtension Object \InProcServer32\(Default) = C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [Motorola Solutions, Inc.] {B8DA2B41-7468-4E82-B62C-CB4A0C9158FE} = Bluetooth Context Menu Extension -> {HKLM...CLSID} = CContextMenuHandler Object \InProcServer32\(Default) = C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [Motorola Solutions, Inc.] {0A7D34C2-E9DA-48A1-9E34-0CDFC2DE3B44} = Bluetooth Send To Wizard -> {HKLM...CLSID} = Send To Bluetooth \InProcServer32\(Default) = C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [Motorola Solutions, Inc.] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\ {23170F69-40C1-278A-1000-000100020000} = 7-Zip Shell Extension -> {HKLM...Wow...CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\7-Zip\7-zip.dll [Igor Pavlov] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\ {1ee7337f-85ac-45e2-a23c-37c753209769}\(Default) = Smartcard WinRT Provider -> {HKLM...CLSID} = Smartcard WinRT Provider \InProcServer32\(Default) = C:\WINDOWS\system32\SmartcardCredentialProvider.dll [MS] HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...Wow...CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\7-Zip\7-zip.dll [Igor Pavlov] NPShellExtension\(Default) = {D7ECBD0E-B8E3-4a0c-9E84-514298EFA583} -> {HKLM...CLSID} = NPShellExtension ContextMenu Shell Extension \InProcServer32\(Default) = C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll [null data] SHAREit.FileContextMenuExt\(Default) = {430BD134-576D-4E75-87CD-0F5C6221A82B} -> {HKLM...CLSID} = SHAREit.FileContextMenuExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [Lenovo] SugarSync\(Default) = {305BC11B-5175-492B-B569-866547FCDA40} -> {HKLM...CLSID} = SimpleShlExt Class \InProcServer32\(Default) = C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [SugarSync, Inc.] WorkFolders\(Default) = {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} -> {HKLM...CLSID} = Work Folders Context Menu Handler \InProcServer32\(Default) = C:\Windows\System32\WorkfoldersShell.dll [MS] {4CE485DD-C395-46C4-A929-7B771D8A5655}\(Default) = (no title provided) -> {HKLM...CLSID} = FileShredderCtxMenu Class \InProcServer32\(Default) = C:\Program Files\Bitdefender\Bitdefender 2015\fshredctx.dll [Bitdefender] {D653647D-D607-4df6-A5B8-48D2BA195F7B}\(Default) = (no title provided) -> {HKLM...CLSID} = BDMenu Class \InProcServer32\(Default) = C:\Program Files\Bitdefender\Bitdefender 2015\bdshellext.dll [Bitdefender] HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...Wow...CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\7-Zip\7-zip.dll [Igor Pavlov] SHAREit.FileContextMenuExt\(Default) = {430BD134-576D-4E75-87CD-0F5C6221A82B} -> {HKLM...CLSID} = SHAREit.FileContextMenuExt Class \InProcServer32\(Default) = C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [Lenovo] WorkFolders\(Default) = {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} -> {HKLM...CLSID} = Work Folders Context Menu Handler \InProcServer32\(Default) = C:\Windows\System32\WorkfoldersShell.dll [MS] {4CE485DD-C395-46C4-A929-7B771D8A5655}\(Default) = (no title provided) -> {HKLM...CLSID} = FileShredderCtxMenu Class \InProcServer32\(Default) = C:\Program Files\Bitdefender\Bitdefender 2015\fshredctx.dll [Bitdefender] {D653647D-D607-4df6-A5B8-48D2BA195F7B}\(Default) = (no title provided) -> {HKLM...CLSID} = BDMenu Class \InProcServer32\(Default) = C:\Program Files\Bitdefender\Bitdefender 2015\bdshellext.dll [Bitdefender] HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...Wow...CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\7-Zip\7-zip.dll [Igor Pavlov] HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ igfxDTCM\(Default) = {9B5F5829-A529-4B12-814A-E81BCB8D93FC} -> {HKLM...CLSID} = TheDeskTopContextMenu Class \InProcServer32\(Default) = C:\WINDOWS\system32\igfxDTCM.dll [Intel Corporation] WorkFolders\(Default) = {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} -> {HKLM...CLSID} = Work Folders Context Menu Handler \InProcServer32\(Default) = C:\Windows\System32\WorkfoldersShell.dll [MS] HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\ 7-Zip\(Default) = {23170F69-40C1-278A-1000-000100020000} -> {HKLM...Wow...CLSID} = 7-Zip Shell Extension \InProcServer32\(Default) = C:\Program Files (x86)\7-Zip\7-zip.dll [Igor Pavlov] SugarSync\(Default) = {305BC11B-5175-492B-B569-866547FCDA40} -> {HKLM...CLSID} = SimpleShlExt Class \InProcServer32\(Default) = C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [SugarSync, Inc.] {4CE485DD-C395-46C4-A929-7B771D8A5655}\(Default) = (no title provided) -> {HKLM...CLSID} = FileShredderCtxMenu Class \InProcServer32\(Default) = C:\Program Files\Bitdefender\Bitdefender 2015\fshredctx.dll [Bitdefender] {D653647D-D607-4df6-A5B8-48D2BA195F7B}\(Default) = (no title provided) -> {HKLM...CLSID} = BDMenu Class \InProcServer32\(Default) = C:\Program Files\Bitdefender\Bitdefender 2015\bdshellext.dll [Bitdefender] Default executables: -------------------- .exe HKLM\SOFTWARE\Classes\.exe\shell\ZAU11\command\(Default) = [file not found] Group Policies {GPedit.msc branch and setting}: ----------------------------------------------- Note: detected settings may not have any effect. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ EnableCursorSuppression = (REG_DWORD) dword:0x00000001 {unrecognized setting} Active Desktop and Wallpaper: ----------------------------- Active Desktop may be disabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Displayed if Active Desktop disabled and wallpaper not set by Group Policy: HKCU\Control Panel\Desktop\ Wallpaper = C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ SCRNSAVE.EXE = C:\windows\system32\ssText3d.scr [MS] Windows Portable Device AutoPlay Handlers ----------------------------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ MSFhConfigBackup\ Provider = @C:\WINDOWS\system32\fhautoplay.dll,-100 InvokeProgID = FHConfig.AutoPlayHandler InvokeVerb = config HKLM\SOFTWARE\Classes\FHConfig.AutoPlayHandler\shell\config\command\(Default) = fhmanagew -autoplay [MS] MSPlayCDAudioOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.AudioCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS] MSPlayDVDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.DVD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS] MSPlaySuperVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPlayVideoCDMovieOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.VCD InvokeVerb = play HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS] MSPromptEachTime\ Provider = @C:\WINDOWS\system32\shell32.dll,-17411 ProgID = Shell.Autoplay InitCmdLine = PromptEachTime HKLM\SOFTWARE\Classes\Shell.Autoplay\CLSID\(Default) = {995C996E-D918-4a8c-A302-45719A6F4EA7} -> {HKLM...CLSID} = Shell Hardware Mixed Content Handler \LocalServer32\(Default) = C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} [MS] MSPromptEachTimeNoContent\ Provider = @C:\WINDOWS\system32\shell32.dll,-17411 ProgID = Shell.Autoplay InitCmdLine = PromptEachTimeNoContent HKLM\SOFTWARE\Classes\Shell.Autoplay\CLSID\(Default) = {995C996E-D918-4a8c-A302-45719A6F4EA7} -> {HKLM...CLSID} = Shell Hardware Mixed Content Handler \LocalServer32\(Default) = C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} [MS] MSWMPBurnCDOnArrival\ Provider = @wmploc.dll,-6502 InvokeProgID = WMP.BurnCD InvokeVerb = Burn HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS] P2GCDBurningOnArrival\ Provider = Power2Go InvokeProgID = BlankCD InvokeVerb = OpenWithPower2Go HKLM\SOFTWARE\Classes\BlankCD\shell\OpenWithPower2Go\Command\(Default) = "C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe" "%L" [CyberLink Corp.] P2GDVDBurningOnArrival\ Provider = Power2Go InvokeProgID = BlankDVD InvokeVerb = OpenWithPower2Go HKLM\SOFTWARE\Classes\BlankDVD\shell\OpenWithPower2Go\Command\(Default) = "C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe" "%L" [CyberLink Corp.] PDVD10PlayCDAudioOnArrival\ Provider = PowerDVD 10 InvokeProgID = AudioCD InvokeVerb = PlayWithPowerDVD10 HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithPowerDVD10\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe" "%L" [CyberLink Corp.] PDVD10PlayDVDMovieOnArrival\ Provider = PowerDVD 10 InvokeProgID = DVD InvokeVerb = PlayWithPowerDVD10 HKLM\SOFTWARE\Classes\DVD\shell\PlayWithPowerDVD10\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe" "%L" [CyberLink Corp.] PDVD10PlayMusicFilesOnArrival\ Provider = PowerDVD 10 InvokeProgID = MusicFiles InvokeVerb = PlayWithPowerDVD10 HKLM\SOFTWARE\Classes\MusicFiles\shell\PlayWithPowerDVD10\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.exe" /Music "%L" [CyberLink Corp.] PDVD10PlaySVCDOnArrival\ Provider = PowerDVD 10 InvokeProgID = SVCD InvokeVerb = PlayWithPowerDVD10 HKLM\SOFTWARE\Classes\SVCD\shell\PlayWithPowerDVD10\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe" "%L" [CyberLink Corp.] PDVD10PlayVCDMovieOnArrival\ Provider = PowerDVD 10 InvokeProgID = VCD InvokeVerb = PlayWithPowerDVD10 HKLM\SOFTWARE\Classes\VCD\shell\PlayWithPowerDVD10\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVDLaunchPolicy.exe" "%L" [CyberLink Corp.] PDVD10PlayVideoFilesOnArrival\ Provider = PowerDVD 10 InvokeProgID = VideoFiles InvokeVerb = PlayWithPowerDVD10 HKLM\SOFTWARE\Classes\VideoFiles\shell\PlayWithPowerDVD10\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.exe" /Video "%L" [CyberLink Corp.] Power2GoPlayCDAudioOnArrival\ Provider = Power2Go InvokeProgID = AudioCD InvokeVerb = PlayWithPower2Go HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithPower2Go\Command\(Default) = "C:\Program Files (x86)\CyberLink\Power2Go\Power2Go.exe" /AudioRipper "%L" [CyberLink Corp.] PowerDVD Create10.0HandleCDBurningOnArrival\ Provider = PowerDVD Create 10 InvokeProgID = BlankCD InvokeVerb = PlayWithPowerDVD Create10.0 HKLM\SOFTWARE\Classes\BlankCD\shell\PlayWithPowerDVD Create10.0\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerDVD Create\PDVDCreate.exe" "%L" [CyberLink Corp.] PowerDVD Create10.0HandleDVDBurningOnArrival\ Provider = PowerDVD Create 10 InvokeProgID = BlankDVD InvokeVerb = PlayWithPowerDVD Create10.0 HKLM\SOFTWARE\Classes\BlankDVD\shell\PlayWithPowerDVD Create10.0\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerDVD Create\PDVDCreate.exe" "%L" [CyberLink Corp.] PowerDVD Create10.0MixedContentOnArrival\ Provider = PowerDVD Create 10 InvokeProgID = MixedContent InvokeVerb = PlayWithPowerDVD Create10.0 HKLM\SOFTWARE\Classes\MixedContent\shell\PlayWithPowerDVD Create10.0\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerDVD Create\PDVDCreate.exe" "%L" [CyberLink Corp.] PowerDVD Create10.0PlayMusicFilesOnArrival\ Provider = PowerDVD Create 10 InvokeProgID = MusicFiles InvokeVerb = PlayWithPowerDVD Create10.0 HKLM\SOFTWARE\Classes\MusicFiles\shell\PlayWithPowerDVD Create10.0\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerDVD Create\PDVDCreate.exe" "%L" [CyberLink Corp.] PowerDVD Create10.0PlayVideoFilesOnArrival\ Provider = PowerDVD Create 10 InvokeProgID = VideoFiles InvokeVerb = PlayWithPowerDVD Create10.0 HKLM\SOFTWARE\Classes\VideoFiles\shell\PlayWithPowerDVD Create10.0\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerDVD Create\PDVDCreate.exe" "%L" [CyberLink Corp.] PowerDVD Create10.0ShowPicturesOnArrival\ Provider = PowerDVD Create 10 InvokeProgID = Picture InvokeVerb = PlayWithPowerDVD Create10.0 HKLM\SOFTWARE\Classes\Picture\shell\PlayWithPowerDVD Create10.0\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerDVD Create\PDVDCreate.exe" "%L" [CyberLink Corp.] PPCDBurningOnArrival\ Provider = PowerProducer InvokeProgID = BlankCD InvokeVerb = OpenWithPowerProducer HKLM\SOFTWARE\Classes\BlankCD\shell\OpenWithPowerProducer\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerProducer\Producer.exe" "%L" [CyberLink Corporation] PPDCameraArrival\ Provider = PowerProducer InvokeProgID = Picture InvokeVerb = OpenWithPowerProducer HKLM\SOFTWARE\Classes\Picture\shell\OpenWithPowerProducer\Command\(Default) = "C:\Program Files (x86)\CyberLink\PowerProducer\Producer.exe" "%L" [CyberLink Corporation] PPDVArrival\ Provider = PowerProducer ProgID = Shell.HWEventHandlerShellExecute InitCmdLine = "C:\Program Files (x86)\CyberLink\PowerProducer\Producer.exe" HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} -> {HKLM...CLSID} = Shell Execute Hardware Event Handler \LocalServer32\(Default) = C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS] WIA_{3BDC8442-4D0F-47BF-9932-769012B6E45C}\ Provider = ScanGear Starter CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24} InitCmdLine = /WiaCmd;C:\Windows\twain_32\CNQSG\SGST.exe /StiDevice:%1 /StiEvent:%2; -> {HKLM...CLSID} = WPDShextAutoplay \LocalServer32\(Default) = C:\WINDOWS\system32\WPDShextAutoplay.exe [MS] Startup items in "patri_000" & "All Users" startup folders: ----------------------------------------------------------- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp {++} SoftEther VPN Client Manager Startup -> shortcut to: C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe /startup [SoftEther VPN Project at University of Tsukuba, Japan.] Non-disabled Scheduled Tasks: {++} ----------------------------- C:\Windows\System32\Tasks CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd] CLMLSvc -> (HIDDEN!) launches: C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [CyberLink] Dolby Selector -> launches: C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe -autostart [null data] GoogleUpdateTaskMachineCore -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.] GoogleUpdateTaskMachineUA -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.] Health-Check -> launches: C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe -scan [file not found] Health-Check-auto -> launches: C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe -startup [file not found] Health-Check-deep -> launches: C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe -deepscan [file not found] IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 -> launches: C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic [null data] IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon -> launches: "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe" --automatic [null data] Norton WSC Integration -> (HIDDEN!) launches: "C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\WSCStub.exe" /taskschd [file not found] PMTask -> launches: C:\Program Files (x86)\Lenovo\PowerMgr\PwmIdTsv.exe [Lenovo Group Limited] StartPowerDVDService -> launches: "C:\PROGRAM FILES (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [CyberLink Corp.] C:\Windows\System32\Tasks\Intel Intel Service Manager -> launches: "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [Intel Corporation] C:\Windows\System32\Tasks\Lenovo Lenovo Customer Feedback Program -> launches: "%ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe" [null data] Lenovo Customer Feedback Program 64 -> launches: "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe" [null data] Lenovo Customer Feedback Program 64 35 -> launches: "%ProgramFiles(x86)%\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe" [null data] Lenovo Solution Center Launcher -> (HIDDEN!) launches: %programfiles%\lenovo\lenovo solution center\App\LSCService.exe Actions UpdateStatus [null data] C:\Windows\System32\Tasks\Lenovo\LSC Lenovo Solution Center Notifications -> (HIDDEN!) launches: %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe /show [Lenovo] LSCHardwareScan -> launches: "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan [null data] RebootCountTask -> launches: "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount [null data] Time72Task -> launches: "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate [null data] C:\Windows\System32\Tasks\Microsoft\Windows\.NET Framework .NET Framework NGEN v4.0.30319 -> (HIDDEN!) launches: {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] .NET Framework NGEN v4.0.30319 64 -> (HIDDEN!) launches: {429BC048-379E-45E0-80E4-EB1977941B5C} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = mscoree.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} -> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msdrm.dll [MS] -> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msdrm.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\AppID SmartScreenSpecific -> launches: {9f2b0085-9218-42a1-88b0-9f0e65851666} -> {HKLM...CLSID} = Windows SmartScreen Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\apprepsync.dll [MS] -> {HKLM...Wow...CLSID} = Windows SmartScreen Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\apprepsync.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience AitAgent -> launches: aitagent /increment [MS] Microsoft Compatibility Appraiser -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy [MS] ProgramDataUpdater -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS] StartupAppTask -> launches: %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask [MS] C:\Windows\System32\Tasks\Microsoft\Windows\ApplicationData CleanupTemporaryState -> launches: %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Autochk Proxy -> launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS] C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\dimsjob.dll [MS] UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060} -> {HKLM...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\dimsjob.dll [MS] -> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\dimsjob.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Chkdsk ProactiveScan -> launches: {cf4270f5-2e43-4468-83b3-a8c45bb33ea1} -> {HKLM...CLSID} = Proactive Scan \InProcServer32\(Default) = C:\Windows\System32\pstask.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program BthSQM -> (HIDDEN!) launches: {c8367320-6f85-11e0-a1f0-0800200c9a66} -> {HKLM...CLSID} = BthSQM \InProcServer32\(Default) = C:\WINDOWS\System32\BthSQM.dll [MS] Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS] KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c} -> {HKLM...CLSID} = KernelCeipCustomHandler \InProcServer32\(Default) = C:\WINDOWS\System32\kernelceip.dll [MS] Uploader -> launches: %windir%\system32\WSqmCons.exe -u [MS] UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} -> {HKLM...CLSID} = UsbCeip \InProcServer32\(Default) = C:\WINDOWS\System32\usbceip.dll [MS] -> {HKLM...Wow...CLSID} = UsbCeip \InProcServer32\(Default) = C:\WINDOWS\System32\usbceip.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Data Integrity Scan Data Integrity Scan for Crash Recovery -> (HIDDEN!) launches: {DCFD3EA8-D960-4719-8206-490AE315F94F} -> {HKLM...CLSID} = Data Integrity Scan \InProcServer32\(Default) = C:\Windows\System32\discan.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Defrag ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c -h -o -$ [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Device Setup Metadata Refresh -> (HIDDEN!) launches: {23C1F3CF-C110-4512-ACA9-7B6174ECE888} -> {HKLM...CLSID} = DsmRefreshTask Class \InProcServer32\(Default) = C:\WINDOWS\System32\DeviceSetupManagerAPI.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3} -> {HKLM...CLSID} = ScheduledDiagnosticCustomHandler \InProcServer32\(Default) = C:\WINDOWS\System32\sdiagschd.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\DiskCleanup SilentCleanup -> launches: %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive% [MS] C:\Windows\System32\Tasks\Microsoft\Windows\DiskFootprint Diagnostics -> launches: {5b6b6834-34f0-49b9-ad4e-81d4994c7a74} -> {HKLM...CLSID} = Disk Footprint Diagnostics Task \InProcServer32\(Default) = C:\WINDOWS\system32\DfpCommon.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\FileHistory File History (maintenance mode) -> launches: {89917B7C-A1A6-11DF-8BF6-18A90531A85A} -> {HKLM...CLSID} = FhTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\fhtask.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Location Notifications -> launches: %windir%\System32\LocationNotifications.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance WinSAT -> launches: A9A33436-678B-4c9c-A211-7CC38785E79D -> {HKLM...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\WINDOWS\system32\WinSATAPI.dll [MS] -> {HKLM...Wow...CLSID} = WinSAT Task Manger Task \InProcServer32\(Default) = C:\WINDOWS\system32\WinSATAPI.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic ProcessMemoryDiagnosticEvents -> (HIDDEN!) launches: {8168e74a-b39f-46d8-adcd-7bed477b80a3} -> {HKLM...CLSID} = MemoryDiagnosticTaskHandler \InProcServer32\(Default) = C:\WINDOWS\System32\MemoryDiagnostic.dll [MS] RunFullMemoryDiagnostic -> (HIDDEN!) launches: {8168e74a-b39f-46d8-adcd-7bed477b80a3} -> {HKLM...CLSID} = MemoryDiagnosticTaskHandler \InProcServer32\(Default) = C:\WINDOWS\System32\MemoryDiagnostic.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts MNO Metadata Parser -> launches: %SystemRoot%\System32\MbaeParserTask.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E} [InProcServer32 entry not found] C:\Windows\System32\Tasks\Microsoft\Windows\MUI Lpksetup -> launches: C:\windows\System32\lpksetup.exe -v [MS] LPRemove -> launches: %windir%\system32\lpremove.exe [MS] Mcbuilder -> launches: C:\windows\System32\mcbuilder.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543} -> {HKLM...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\WINDOWS\System32\PlaySndSrv.dll [MS] -> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class \InProcServer32\(Default) = C:\WINDOWS\System32\PlaySndSrv.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetCfg BindingWorkItemQueueHandler -> launches: {5AA199A0-1CED-43A5-9B85-3226086738A3} -> {HKLM...CLSID} = Binding Engine Task Handler \InProcServer32\(Default) = C:\Windows\System32\netcfgx.dll [MS] -> {HKLM...Wow...CLSID} = Binding Engine Task Handler \InProcServer32\(Default) = C:\Windows\SysWOW64\netcfgx.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace GatherNetworkInfo -> launches: %windir%\system32\gatherNetworkInfo.vbs [null data] C:\Windows\System32\Tasks\Microsoft\Windows\PerfTrack BackgroundConfigSurveyor -> (HIDDEN!) launches: {EA9155A3-8A39-40B4-8963-D3C761B18371} -> {HKLM...CLSID} = PerfTrack TaskHandler class \InProcServer32\(Default) = C:\Windows\System32\perftrack.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\PI Secure-Boot-Update -> launches: {5014B7C8-934E-4262-9816-887FA745A6C4} -> {HKLM...CLSID} = TPM Maintenance Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\TpmTasks.dll [MS] Sqm-Tasks -> launches: {5014B7C8-934E-4262-9816-887FA745A6C4} -> {HKLM...CLSID} = TPM Maintenance Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\TpmTasks.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\PLA LSC Memory -> (HIDDEN!) launches: C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Plug and Play Device Install Group Policy -> (HIDDEN!) launches: {60400283-b242-4fa8-8c25-caf695b88209} -> {HKLM...CLSID} = Device Installation Group Policy Task Handler \InProcServer32\(Default) = C:\Windows\System32\pnppolicy.dll [MS] Device Install Reboot Required -> (HIDDEN!) launches: {48794782-6a1f-47b9-bd52-1d5f95d49c1b} -> {HKLM...CLSID} = Device Installation Reboot Dialog Task \InProcServer32\(Default) = C:\Windows\System32\pnpui.dll [MS] Plug and Play Cleanup -> launches: {DEF03232-9688-11E2-BE7F-B4B52FD966FF} -> {HKLM...CLSID} = Plug and Play Maintenance Task \InProcServer32\(Default) = C:\Windows\System32\pnpclean.dll [MS] Sysprep Generalize Drivers -> launches: %SystemRoot%\System32\drvinst.exe 6 [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics AnalyzeSystem -> launches: {927ea2af-1c54-43d5-825e-0074ce028eee} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\WINDOWS\System32\energytask.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RAC RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6} -> {HKLM...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\WINDOWS\system32\RacEngn.dll [MS] -> {HKLM...Wow...CLSID} = ReliabilityAnalysisCustomHandler \InProcServer32\(Default) = C:\WINDOWS\system32\RacEngn.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Ras MobilityManager -> launches: {c463a0fc-794f-4fdf-9201-01938ceacafa} -> {HKLM...CLSID} = RasMobilityManager \InProcServer32\(Default) = C:\WINDOWS\system32\rasmbmgr.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Registry RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2} -> {HKLM...CLSID} = RegistryIdleBackupHandler \InProcServer32\(Default) = C:\WINDOWS\System32\regidle.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS] C:\Windows\System32\Tasks\Microsoft\Windows\RemovalTools MRT_HB -> launches: C:\WINDOWS\system32\MRT.exe /EHB /Q [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Servicing StartComponentCleanup -> launches: 752073A1-23F2-4396-85F0-8FDB879ED0ED [InProcServer32 entry not found] C:\Windows\System32\Tasks\Microsoft\Windows\SettingSync BackgroundUploadTask -> (HIDDEN!) launches: {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} -> {HKLM...CLSID} = Delayed Background Upload Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] -> {HKLM...Wow...CLSID} = Delayed Background Upload Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] BackupTask -> (HIDDEN!) launches: {60A4C78C-E2B8-4E6E-876F-DA203B02C05E} -> {HKLM...CLSID} = Backup Upload Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] -> {HKLM...Wow...CLSID} = Backup Upload Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] NetworkStateChangeTask -> (HIDDEN!) launches: {A4173A49-F373-4475-9A0F-2D615204DC20} -> {HKLM...CLSID} = Network State Change Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] -> {HKLM...Wow...CLSID} = Network State Change Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\SettingSyncCore.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Shell CreateObjectTask -> (HIDDEN!) launches: {990a9f8f-301f-45f7-8d0e-68c5952dba43} -> {HKLM...CLSID} = Shell Create Object Task Delegate \InProcServer32\(Default) = C:\WINDOWS\system32\shell32.dll [MS] -> {HKLM...Wow...CLSID} = Shell Create Object Task Delegate \InProcServer32\(Default) = C:\WINDOWS\system32\shell32.dll [MS] FamilySafetyMonitor -> launches: %windir%\System32\wpcmon.exe [MS] FamilySafetyRefresh -> launches: {EBF00FCB-0769-4b81-9BEC-6C05514111AA} -> {HKLM...CLSID} = FamilySafety.WebSync \InProcServer32\(Default) = C:\Windows\System32\WpcWebSync.dll [MS] IndexerAutomaticMaintenance -> launches: {3FBA60A6-7BF5-4868-A2CA-6623B3DFFEA6} -> {HKLM...CLSID} = Automatic Maintenance task to enable Windows Search to make progress while in Connected Standby \InProcServer32\(Default) = C:\WINDOWS\System32\srchadmin.dll [MS] -> {HKLM...Wow...CLSID} = Automatic Maintenance task to enable Windows Search to make progress while in Connected Standby \InProcServer32\(Default) = C:\WINDOWS\System32\srchadmin.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SideShow GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61} [InProcServer32 entry not found] C:\Windows\System32\Tasks\Microsoft\Windows\SkyDrive Idle Sync Maintenance Task -> launches: {bf6c1e47-86ec-4194-9ce5-13c15dcb2001} [InProcServer32 entry not found] Routine Maintenance Task -> launches: {1b1f472e-3221-4826-97db-2c2324d389ae} [InProcServer32 entry not found] C:\Windows\System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform SvcRestartTask -> (HIDDEN!) launches: {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC} -> {HKLM...CLSID} = SppSvcRestartTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\sppcext.dll [MS] -> {HKLM...Wow...CLSID} = SppSvcRestartTaskHandler Class \InProcServer32\(Default) = C:\WINDOWS\System32\sppcext.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SpacePort SpaceAgentTask -> launches: %windir%\system32\SpaceAgent.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Sysmain WsSwapAssessmentTask -> launches: %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask [MS] C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore SR -> launches: %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4} -> {HKLM...CLSID} = RunTask \InProcServer32\(Default) = C:\WINDOWS\system32\wdc.dll [MS] -> {HKLM...Wow...CLSID} = RunTask \InProcServer32\(Default) = C:\WINDOWS\system32\wdc.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TaskScheduler Idle Maintenance -> launches: {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} -> {HKLM...CLSID} = Maintenance Launcher Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msched.dll [MS] Maintenance Configurator -> launches: {645E29EA-4B0A-464C-8B7D-1A6B9F9D92A8} -> {HKLM...CLSID} = Maintenance Configurator \InProcServer32\(Default) = C:\WINDOWS\system32\msched.dll [MS] Manual Maintenance -> launches: {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} -> {HKLM...CLSID} = Maintenance Launcher Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msched.dll [MS] Regular Maintenance -> launches: {57BFCFDD-EEE4-4DBB-A751-3CDEB169FF44} -> {HKLM...CLSID} = Maintenance Launcher Handler \InProcServer32\(Default) = C:\WINDOWS\system32\msched.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} -> {HKLM...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\WINDOWS\system32\MsCtfMonitor.dll [MS] -> {HKLM...Wow...CLSID} = MsCtfMonitor task handler \InProcServer32\(Default) = C:\WINDOWS\system32\MsCtfMonitor.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization ForceSynchronizeTime -> launches: {A31AD6C2-FF4C-43D4-8E90-7101023096F9} -> {HKLM...CLSID} = Time Synchronization Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\TimeSyncTask.dll [MS] SynchronizeTime -> launches: %windir%\system32\sc.exe start w32time task_started [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Time Zone SynchronizeTimeZone -> launches: %windir%\system32\tzsync.exe [MS] C:\Windows\System32\Tasks\Microsoft\Windows\TPM Tpm-Maintenance -> launches: {5014B7C8-934E-4262-9816-887FA745A6C4} -> {HKLM...CLSID} = TPM Maintenance Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\TpmTasks.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\UPnP UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WDI ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} -> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\WINDOWS\System32\wdi.dll [MS] -> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler \InProcServer32\(Default) = C:\WINDOWS\System32\wdi.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing UpdateLibrary -> launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup ConfigNotification -> launches: %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WindowsUpdate Scheduled Start -> launches: C:\WINDOWS\system32\sc.exe start wuauserv [MS] Scheduled Start With Network -> launches: C:\WINDOWS\system32\sc.exe start wuauserv [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Wininet CacheTask -> launches: {0358b920-0ac7-461f-98f4-58e32cd89148} -> {HKLM...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\WINDOWS\system32\wininet.dll [MS] -> {HKLM...Wow...CLSID} = Wininet Cache task object \InProcServer32\(Default) = C:\WINDOWS\system32\wininet.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WOF WIM-Hash-Management -> launches: {B7BFFB5A-EFA8-4D8C-BBDE-C8D5FAAF54A1} -> {HKLM...CLSID} = WOF Task Handler \InProcServer32\(Default) = C:\WINDOWS\system32\WofTasks.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\Work Folders Work Folders Logon Synchronization -> launches: {97d47d56-3777-49fb-8e8f-90d7e30e1a1e} -> {HKLM...CLSID} = Work Folder Logon Trigger Class \InProcServer32\(Default) = C:\Windows\System32\WorkFoldersShell.dll [MS] Work Folders Maintenance Work -> launches: {63260bce-a3fb-4a34-aa51-d4d8e877b62b} -> {HKLM...CLSID} = Work Folder Maintenance Task Class \InProcServer32\(Default) = C:\Windows\System32\WorkFoldersShell.dll [MS] C:\Windows\System32\Tasks\Microsoft\Windows\WS Badge Update -> launches: {00CCDDF6-5107-424D-853D-3907AE5502DC} -> {HKLM...CLSID} = WinStore Tile Badge Updater \InProcServer32\(Default) = C:\WINDOWS\winstore\WinStoreUI.dll [MS] License Validation -> (HIDDEN!) launches: rundll32.exe WSClient.dll,WSpTLR licensing [MS] Sync Licenses -> launches: {10F591BE-3C84-418A-86DD-BAA002E2F36E} -> {HKLM...CLSID} = WinStore License Sync task \InProcServer32\(Default) = C:\WINDOWS\winstore\WinStoreUI.dll [MS] WSRefreshBannedAppsListTask -> (HIDDEN!) launches: rundll32.exe WSClient.dll,RefreshBannedAppsList [MS] WSTask -> launches: {E52C9A25-F3E8-49E4-BAA7-FAD0EF620129} -> {HKLM...CLSID} = (no title provided) \InProcServer32\(Default) = C:\WINDOWS\System32\WSService.dll [MS] C:\Windows\System32\Tasks\Norton Internet Security Norton Error Analyzer -> launches: C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\SymErr.exe /analyze [file not found] Norton Error Processor -> launches: C:\Program Files (x86)\Norton Internet Security\Engine\20.0.0.136\SymErr.exe /submit [file not found] C:\Windows\System32\Tasks\TVT TVSUUpdateTask -> launches: "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" /CM -search C -action INSTALL -includerebootpackages 1,3,4 -noicon -noreboot -nolicense -defaultupdate [null data] C:\Windows\System32\Tasks\WPD SqmUpload_S-1-5-21-3218135916-3078716367-3142756994-1001 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000007\LibraryPath = %SystemRoot%\system32\wshbth.dll [MS] HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++} 000000000001\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS] 000000000002\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS] 000000000004\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS] 000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS] 000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS] 000000000007\LibraryPath = %SystemRoot%\system32\wshbth.dll [MS] Transport Service Providers HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 11 HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 11 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> {HKLM...CLSID} = Bitdefender Wallet \InProcServer32\(Default) = C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [Bitdefender] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} = (no title provided) -> {HKLM...CLSID} = Bitdefender Wallet \InProcServer32\(Default) = C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [Bitdefender] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\ {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} = (no title provided) -> {HKLM...Wow...CLSID} = Bitdefender Wallet \InProcServer32\(Default) = C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [Bitdefender] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ Bitdefender Desktop Update Service, UPDATESRV, "C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe" /service [Bitdefender] Bitdefender Virus Shield, VSSERV, "C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe" /service [Bitdefender] Bluetooth Device Monitor, Bluetooth Device Monitor, "C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe" [Motorola Solutions, Inc.] Bluetooth OBEX Service, Bluetooth OBEX Service, "C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe" [Motorola Solutions, Inc.] Intel(R) Capability Licensing Service Interface, Intel(R) Capability Licensing Service Interface, "C:\Program Files\Intel\iCLS Client\HeciServer.exe" [Intel(R) Corporation] Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service, BTHSSecurityMgr, "C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe" [Intel(R) Corporation] Intel(R) Dynamic Application Loader Host Interface Service, jhi_service, "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" [Intel Corporation] Intel(R) HD Graphics Control Panel Service, igfxCUIService1.0.0.0, C:\WINDOWS\system32\igfxCUIService.exe [Intel Corporation] Intel(R) PROSet/Wireless Event Log, EvtEng, "C:\Program Files\Intel\WiFi\bin\EvtEng.exe" [Intel(R) Corporation] Intel(R) PROSet/Wireless Registry Service, RegSrvc, "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" [Intel(R) Corporation] Intel(R) PROSet/Wireless Zero Configuration Service, ZeroConfigService, "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" [Intel© Corporation] Intel(R) Rapid Storage Technology, IAStorDataMgrSvc, "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" [null data] Intel(R) Wireless Bluetooth(R) 4.0 Radio Management, Intel(R) Wireless Bluetooth(R) 4.0 Radio Management, "C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe" [Intel Corporation] Intel© Centrino© Wireless Bluetooth© + High Speed Service, AMPPALR3, C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [Intel Corporation] Lenovo Camera Mute, LENOVO.CAMMUTE, C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [Lenovo Group Limited] Lenovo Keyboard Noise Reduction, LENOVO.TPKNRSVC, C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [Lenovo Group Limited] Lenovo System Agent Service, Lenovo System Agent Service, C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [LENOVO INCORPORATED.] Nalpeiron Licensing Service, nlsX86cc, C:\windows\SysWOW64\NLSSRV32.EXE [Nalpeiron Ltd.] Network Connection Broker, NcbService, C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted {C:\WINDOWS\System32\ncbservice.dll [MS]} NitroPDFDriverCreatorReadSpool2, NitroDriverReadSpool2, "C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe" [Nitro PDF Software] Power Manager DBC Service, Power Manager DBC Service, "C:\Program Files (x86)\Lenovo\PowerMgr\PWMDBSVC.EXE" [Lenovo] Session Launcher Service, PelService, C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe [null data] Skdaemon Service, Sks8821, C:\Program Files\Lenovo\Lenovo Slim USB Keyboard\Sks8821.exe [null data] SoftEther VPN Client, SEVPNCLIENT, "C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /service [SoftEther VPN Project at University of Tsukuba, Japan.] ThinkVantage Virtual Camera Controller, LENOVO.TVTVCAM, C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [Lenovo Corporation] Safe Mode Drivers & Services (subkey name, subkey default value): ----------------------------------------------------------------- HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\ <> CleanHlp, Driver <> CleanHlp.sys, Driver <> SystemEventsBroker, Service <> PEVSystemStart, Service HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ <> CleanHlp, Driver <> CleanHlp.sys, Driver <> SystemEventsBroker, Service <> PEVSystemStart, Service Print Monitors: --------------- HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\ LIDIL hpzlllhn\Driver = hpzlllhn.dll [Hewlett-Packard Company] Nitro PDF Port Monitor\Driver = nitrolocalmon2.dll [Nitro PDF Software] ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\patri_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\patri_000\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\patri_000\AppData\Local\Mozilla\Firefox\Profiles\qwm14hp7.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=20 folders=15 95173654 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\patri_000\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\PATRI_~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 12/02/2015 at 18:23:45,52 ======================